Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
×
Join the Conversation
Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- About steadye
steadye
New Member
Member since:
03-15-2012
06-05-2020
Community Statistics
| Posts | 9 |
| Solutions | 0 |
| Karma Given | 0 |
| Karma Received | 0 |
| Member Since | 03-15-2012 |
Activity Feed
- Posted Re: Splunk for DNS: How can I update the blacklist.csv file? on All Apps and Add-ons. 11-23-2015 02:06 AM
- Posted Splunk for DNS: How can I update the blacklist.csv file? on All Apps and Add-ons. 11-16-2015 03:54 AM
- Tagged Splunk for DNS: How can I update the blacklist.csv file? on All Apps and Add-ons. 11-16-2015 03:54 AM
- Tagged Splunk for DNS: How can I update the blacklist.csv file? on All Apps and Add-ons. 11-16-2015 03:54 AM
- Tagged Splunk for DNS: How can I update the blacklist.csv file? on All Apps and Add-ons. 11-16-2015 03:54 AM
- Tagged Splunk for DNS: How can I update the blacklist.csv file? on All Apps and Add-ons. 11-16-2015 03:54 AM
- Posted Re: Cisco Networks app does not interpret Mnemonic and facility. How to fix on All Apps and Add-ons. 02-09-2015 01:38 AM
- Posted Re: Cisco Networks app does not interpret Mnemonic and facility. How to fix on All Apps and Add-ons. 02-09-2015 01:02 AM
- Posted Re: Cisco Networks app does not interpret Mnemonic and facility. How to fix on All Apps and Add-ons. 02-09-2015 12:25 AM
- Posted Re: Cisco Networks app does not interpret Mnemonic and facility. How to fix on All Apps and Add-ons. 02-06-2015 07:14 AM
- Posted Re: Cisco Networks app does not interpret Mnemonic and facility. How to fix on All Apps and Add-ons. 02-06-2015 06:34 AM
- Posted Re: Cisco Networks app does not interpret Mnemonic and facility. How to fix on All Apps and Add-ons. 02-06-2015 05:19 AM
- Posted Cisco Networks app does not interpret Mnemonic and facility. How to fix on All Apps and Add-ons. 02-06-2015 03:46 AM
- Tagged Cisco Networks app does not interpret Mnemonic and facility. How to fix on All Apps and Add-ons. 02-06-2015 03:46 AM
- Tagged Cisco Networks app does not interpret Mnemonic and facility. How to fix on All Apps and Add-ons. 02-06-2015 03:46 AM
Topics I've Started
11-23-2015
02:06 AM
I was actually wondering where I can find the initial feed. No the csv is a static file but I think fot he best use of this app you should update this file at least once a day to get the latest acurate data. So if i know the actual feed I can download it and update it by a scheduled job.
... View more
11-16-2015
03:54 AM
I was wondering, how can I update the blacklist.csv file? What was the initial feed and how can I update this periodically? This data changes almost everyday, so it would be nice if this is list is up to date.
thx.
Eddie
... View more
02-09-2015
01:38 AM
THX...
That did the job, in KIWI there is an option to remove cisco timestamps in the log entry. So i disabled that entry and the Facility en mnemonic and severity fields are displayed and are now filling the graphs..
thx for your support on this..
... View more
02-09-2015
01:02 AM
OK, we are using kiwi syslog servers at this moment.
I will look into that if we can add the timestamp fields.
... View more
02-09-2015
12:25 AM
goodmorning..
I do see the eventype field with cisco_ios,cisco_connection, cisco_authentication.
Also other fields like src_interface, authenticator, date etc
But I don't see the facility, mnemonic or severity id. fields.
... View more
02-06-2015
07:14 AM
I did a fresh install still the same behaviour.
In the app it is seeing the number of events, the unique devices, and a graph with top mnemonics by time where all is NULL.
In the inventory it displays the hosts and events.
All other graphs are empty. I would like the switching part to be working so the spanningtree and mac flaps etc.
any thoughts ??
... View more
02-06-2015
06:34 AM
At this moment I'am going to do a fresh install. We use the index called main.
... View more
02-06-2015
05:19 AM
Hello Mikael,
Yes i had installed the add-on and also upgraded the add-on to 2.2.0.
... View more
02-06-2015
03:46 AM
We installed the Cisco Networks App. However it does not seem to recognize any syslog messages.
It does recognize the unique devices and number of events. At the top mnemonics by time it shows a graph only with mnemonics NULL.
All other graphs on the dashboard are not filled.
Example for the MAC flapping graph:
our syslog message is:
Feb 06 12:22:18 zt5c1-vdc-otv %L2FM-4-L2FM_MAC_MOVE: Mac 0000.0c07.ac66 in vlan 888 has moved from Po305 to Eth3/14
host = zt5c1-vdc-otv source = E:\Syslogd\Logs\zt5c1-vdc-otv sourcetype = cisco:ios
The query on the graph should be:
sourcetype=cisco:ios eventtype="cisco_ios-mac_flapping" | table _time, host, facility, mnemonic, src_mac, src_vlan, src_interface, dest_interface
The event-type cisco_ios-mac_flapping is defined as:
sourcetype=cisco:ios (mnemonic=MACFLAP_NOTIF OR mnemonic=HOSTFLAPPING) OR (facility=MAC_MOVE mnemonic=NOTIF)
In the interesting fields I don't see mnemonic or facility field.
So any help appreciated...
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
06-05-2020
02:04 AM
|
