Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- About dominiquevocat
dominiquevocat
Motivator
Member since:
08-26-2010
04-05-2023
Community Statistics
| Posts | 292 |
| Solutions | 20 |
| Karma Given | 26 |
| Karma Received | 57 |
| Member Since | 08-26-2010 |
Activity Feed
- Posted Re: How to set attachment name in sendemail command on Reporting. 09-14-2021 04:53 AM
- Got Karma for Re: Is there a javascript token with the hostname of the Splunk server where Splunk Web runs?. 08-03-2021 02:29 AM
- Karma Re: How To Run Python On App Install for David. 06-05-2020 12:50 AM
- Got Karma for Splunk_TA_mcafee-wg fields wrong?. 06-05-2020 12:49 AM
- Karma Re: After upgrading to 6.5.0, KV Store will not start for jcrabb_splunk. 06-05-2020 12:48 AM
- Got Karma for Re: What is the process to run the TA-prtg Add-on?. 06-05-2020 12:48 AM
- Got Karma for Re: TA-XLS Excel Export output commands: Can I add a time stamp in the Subject of the sendfile command?. 06-05-2020 12:48 AM
- Got Karma for Re: What is the process to run the TA-prtg Add-on?. 06-05-2020 12:48 AM
- Got Karma for Merging local into default using git?. 06-05-2020 12:48 AM
- Got Karma for Merging local into default using git?. 06-05-2020 12:48 AM
- Got Karma for Merging local into default using git?. 06-05-2020 12:48 AM
- Got Karma for DB Connect 2 and Firebird SQL. 06-05-2020 12:48 AM
- Got Karma for DB Connect 2 and Firebird SQL. 06-05-2020 12:48 AM
- Got Karma for Re: Is there a javascript token with the hostname of the Splunk server where Splunk Web runs?. 06-05-2020 12:48 AM
- Got Karma for Merging local into default using git?. 06-05-2020 12:48 AM
- Got Karma for Re: Is there a javascript token with the hostname of the Splunk server where Splunk Web runs?. 06-05-2020 12:48 AM
- Karma Large lookup caused the bundle replication to fail. What are my options? for rbal_splunk. 06-05-2020 12:47 AM
- Karma Re: How to edit my scheduled outputlookup search to NOT overwrite the existing lookup table if the new results are blank? for mbenwell. 06-05-2020 12:47 AM
- Karma Re: Send splunk internal warning and alerts via eMail for acharlieh. 06-05-2020 12:47 AM
- Karma Re: Report monthly stats, binning by if an event occured once or more then once a month for acharlieh. 06-05-2020 12:47 AM
Topics I've Started
| Subject | Karma | Author | Latest Post |
|---|---|---|---|
| 0 | |||
| 1 | |||
| 0 | |||
| 0 | |||
| 0 | |||
| 0 | |||
| 0 | |||
| 2 | |||
| 0 | |||
| 4 |
09-14-2021
04:53 AM
any update for splunk 8.2? where does this need to be placed? (lso it would be great if it was in the base product)
... View more
05-22-2020
01:54 AM
Not saying i disagree with you but would you care to explain how pushing arbitrary code for execution from a deployment server to any endpoint being run with potentially local system/root is saner and safer then using the splunk api remotely from the same box?
... View more
04-29-2020
07:28 AM
There is such a feature in https://splunkbase.splunk.com/app/2775/ - one or recursively over a search result. You need to reach port 8089 on the forwarders though and set a password for admin.
... View more
01-24-2020
04:31 AM
no update on the enhancement request - i m not sure if we tried to fix it ourselfs
... View more
08-15-2019
08:03 AM
Hi, i was on vacation so sorry for the delay.
Please contact me via email so i can detail it some more for you.
The search log you can open by hovering over a dashboard panel and in the lower right corner there should pop up a few icons, one allows yo to run the search in a new window and looks like a magnifying glass and one looks looks like a lower case i this will open the search info windows and there on top is a link to the search log. I would need the logfile.
Please make sure you have a copy of prtg.conf in the app folder in an underfolder called local and have the parameters like hostname, user and password in that file all else won't work.
... View more
07-23-2019
05:55 AM
ok, i need to check if i can get access to a PRTG, preferably that version... It is in english, right?
Also i really need the search log of the job. you can email it to me.
... View more
07-23-2019
12:38 AM
PRTG 7.1.0 ?
also when you have a panel that gives an error you can inspect the job and get the search log.
... View more
07-22-2019
01:12 AM
Local is just a folder under the app. What version of PRTG do you use? I might have to upgrade the implementation...
... View more
01-22-2019
03:52 AM
thanks, i am aware of the webterminal - that is what i modified heavily to add a minimal bash like shell with some scripting abilities - you can check it out at https://github.com/dominiquevocat/minishell
... View more
01-16-2019
07:56 AM
I saw the app and like the concept - that said i am curious, can you run commands against the local machine? and if so how did you pass appinspect since i have several times tried to publish my minimal shell with some scripting and failed publishing each time even after rewriting it in pure python 🙂
... View more
- Tags:
- CLI Auto for Splunk
11-29-2018
02:51 AM
the logs also have many new fields so the size of a event is about 3x larger plus you can not deselect the fields since they are not exposed in the inputs definition app plsu i fail to blacklist the superflous fields. 😕
... View more
10-11-2018
08:14 AM
You might want to look at https://splunkbase.splunk.com/app/2775/
it has a relod deploy server as well as restart forwarder feature.
... View more
10-01-2018
07:50 AM
i can not say much as per araitz' work but maybe https://splunkbase.splunk.com/app/1832/ is of some use to you?
... View more
09-28-2018
04:53 PM
Hi, would love to talk about it some if you have time. I am at .conf already (university) - any chance to meet for chat?
... View more
08-17-2018
02:36 AM
LDAP but you need to use https://splunkbase.splunk.com/app/1852/ unless you don't have attributes with non 7bit ascii attributes in your schema.
Also look into xdas - i might polish a little what we do and add it to splunkbase if there is interest.
... View more
08-17-2018
02:34 AM
You could use xdas, just use a pattern with no timestamp and index it as json.
I do a fair lot of edirectory and idm stuff if you need more...
... View more
08-03-2018
12:31 AM
hi, we use the TA out of the box - we have a newer version of mcafee web gateway then is supported by the TA
... View more
08-03-2018
12:30 AM
nope, we opened a support ticket and have a enhancement request going
... View more
07-18-2018
01:39 AM
1 Karma
Is it me or are the extractions in Splunk_TA_mcafee-wg next to totaly wrong?
To take an example Log entry from some of my activity the log looks like this:
Jul 18 08:44:27 xxx_hostname_xxx mwg: McAfeeWG|time_stamp=[18/Jul/2018:08:44:27 +0200]|auth_user=cn=XXXX,ou=XXX,ou=XXXX,ou=XXX,o=XXX|src_ip=10.9.16.6|server_ip=172.217.22.100|host=www.google.com|url_port=443|status_code=200|bytes_from_client=958|bytes_to_client=426|categories=Search Engines|rep_level=Minimal Risk|method=GET|url=https://www.google.com/searchdomaincheck?format=domain&type=chrome|media_type=text/plain|application_name=Google|user_agent=Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.79 Safari/537.36|referer=|block_res=0|block_reason=|virus_name=|hash=|filename=searchdomaincheck|filesize=426|
for src, src_ip,user,user_agent the value is "unknown"
There is the field auth_user containing the dn but i think user should contain the cn...
What am i doing wrong?
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
04-05-2023
05:05 PM
|
