Join the Conversation
- Find Answers
- :
- Using Splunk
- :
- Splunk Search
- :
- How do I edit 'allSites' variable in the nexpose_r...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
By default, data on all sites will be collected. If only data on specific sites is required please edit the 'allSites' variable within the 'nexpose_reports.py' file following the instructions included within the collector script.
nexpose_reports.py
Sites to report on. For specific sites only, set the 'sites' variable to an array e.g. [1, 3, 12] where the numbers are the site IDs on which data will be collected.
allSites = nexposeClient.site_id_listing()
logger.info("Gathering data on sites <" + ', '.join(nexposeClient.site_name_listing()) + "> with IDs <" + (str(allSites).strip('[]') ) + ">")
sites_to_query = allSites
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
You modify the nexpose_reports.py file and change the allSites variable from:
allSites = nexposeClient.site_id_listing()
To:
allSites = [1,17,123,99]
The IDs are those of the corresponding sites within Nexpose and can be found in the site URL e.g. https://<$NEXPOSE_CONSOLE>/site.jsp?siteid=17. You just take however many site IDs you want data to be collected on and add them to the script. The next time the application collects data it will be limited to those specific sites.
Another way of doing this is modifying the configured Nexpose user that the application uses to login to the Nexpose console and limit the user's access to only the sites you want data retrieved for. This will require no change to the Splunk application and will achieve the same goal.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
You modify the nexpose_reports.py file and change the allSites variable from:
allSites = nexposeClient.site_id_listing()
To:
allSites = [1,17,123,99]
The IDs are those of the corresponding sites within Nexpose and can be found in the site URL e.g. https://<$NEXPOSE_CONSOLE>/site.jsp?siteid=17. You just take however many site IDs you want data to be collected on and add them to the script. The next time the application collects data it will be limited to those specific sites.
Another way of doing this is modifying the configured Nexpose user that the application uses to login to the Nexpose console and limit the user's access to only the sites you want data retrieved for. This will require no change to the Splunk application and will achieve the same goal.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Wow, it makes sense looking at it now but I was trying to work within the entire variable. I appreciate the assist.
Splunk Search APIを使えば調査過程が残せます
Integrating Splunk Search API and Quarto to Create Reproducible Investigation ...
Congratulations to the 2025-2026 SplunkTrust!
