Splunk Search
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

How do I edit 'allSites' variable in the nexpose_reports.py to select specific sites for data retrieval.

windbishn
Explorer
‎03-23-2016 10:26 AM

By default, data on all sites will be collected. If only data on specific sites is required please edit the 'allSites' variable within the 'nexpose_reports.py' file following the instructions included within the collector script.

nexpose_reports.py
Sites to report on. For specific sites only, set the 'sites' variable to an array e.g. [1, 3, 12] where the numbers are the site IDs on which data will be collected.

allSites = nexposeClient.site_id_listing()
logger.info("Gathering data on sites <" + ', '.join(nexposeClient.site_name_listing()) + "> with IDs <" + (str(allSites).strip('[]') ) + ">")
sites_to_query = allSites

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

JJCassidy_R7
Explorer
‎03-24-2016 02:43 AM

You modify the nexpose_reports.py file and change the allSites variable from:

allSites = nexposeClient.site_id_listing()

To:

allSites = [1,17,123,99]

The IDs are those of the corresponding sites within Nexpose and can be found in the site URL e.g. https://<$NEXPOSE_CONSOLE>/site.jsp?siteid=17. You just take however many site IDs you want data to be collected on and add them to the script. The next time the application collects data it will be limited to those specific sites.

Another way of doing this is modifying the configured Nexpose user that the application uses to login to the Nexpose console and limit the user's access to only the sites you want data retrieved for. This will require no change to the Splunk application and will achieve the same goal.

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

JJCassidy_R7
Explorer
‎03-24-2016 02:43 AM

You modify the nexpose_reports.py file and change the allSites variable from:

allSites = nexposeClient.site_id_listing()

To:

allSites = [1,17,123,99]

The IDs are those of the corresponding sites within Nexpose and can be found in the site URL e.g. https://<$NEXPOSE_CONSOLE>/site.jsp?siteid=17. You just take however many site IDs you want data to be collected on and add them to the script. The next time the application collects data it will be limited to those specific sites.

Another way of doing this is modifying the configured Nexpose user that the application uses to login to the Nexpose console and limit the user's access to only the sites you want data retrieved for. This will require no change to the Splunk application and will achieve the same goal.

0 Karma
Reply
Solved! Jump to solution

windbishn
Explorer
‎03-24-2016 11:30 AM

Wow, it makes sense looking at it now but I was trying to work within the entire variable. I appreciate the assist.

0 Karma
Reply
Get Updates on the Splunk Community!

Celebrating Fast Lane: 2025 Authorized Learning Partner of the Year

At .conf25, Splunk proudly recognized Fast Lane as the 2025 Authorized Learning Partner of the Year. This ...

Tech Talk Recap | Mastering Threat Hunting

Mastering Threat HuntingDive into the world of threat hunting, exploring the key differences between ...

Observability for AI Applications: Troubleshooting Latency

If you’re working with proprietary company data, you’re probably going to have a locally hosted LLM or many ...