Activity Feed
- Karma Re: Using Django to read SQLite DB for LukeMurphey. 06-05-2020 12:46 AM
- Karma Any good knowledge object/dependency management techiques out there? for dstaulcu. 06-05-2020 12:46 AM
- Got Karma for Re: Dashboard: Replacing default text for empty reports. 06-05-2020 12:46 AM
- Got Karma for Re: Any good knowledge object/dependency management techiques out there?. 06-05-2020 12:46 AM
- Karma What are some good methods for identifying dependencies between knowledge objects in Splunk? for mattness. 06-05-2020 12:45 AM
- Karma Re: What are some good methods for identifying dependencies between knowledge objects in Splunk? for mattness. 06-05-2020 12:45 AM
- Posted Re: Any good knowledge object/dependency management techiques out there? on Knowledge Management. 07-25-2014 01:23 AM
- Posted Re: Correlate three events with differing properties on Splunk Search. 05-06-2014 12:17 AM
- Posted Re: Correlate three events with differing properties on Splunk Search. 05-02-2014 07:48 AM
- Posted Re: Dashboard: Replacing default text for empty reports on Splunk Search. 05-02-2014 04:51 AM
- Posted Re: Dashboard: Replacing default text for empty reports on Splunk Search. 05-02-2014 04:51 AM
- Posted Correlate three events with differing properties on Splunk Search. 05-02-2014 04:37 AM
- Tagged Correlate three events with differing properties on Splunk Search. 05-02-2014 04:37 AM
- Tagged Correlate three events with differing properties on Splunk Search. 05-02-2014 04:37 AM
- Tagged Correlate three events with differing properties on Splunk Search. 05-02-2014 04:37 AM
- Posted Dashboard: Replacing default text for empty reports on Splunk Search. 04-24-2014 04:50 AM
- Tagged Dashboard: Replacing default text for empty reports on Splunk Search. 04-24-2014 04:50 AM
- Tagged Dashboard: Replacing default text for empty reports on Splunk Search. 04-24-2014 04:50 AM
- Tagged Dashboard: Replacing default text for empty reports on Splunk Search. 04-24-2014 04:50 AM
- Tagged Dashboard: Replacing default text for empty reports on Splunk Search. 04-24-2014 04:50 AM
Topics I've Started
| Subject | Karma | Author | Latest Post |
|---|---|---|---|
| 0 | |||
| 0 | |||
| 0 |
07-25-2014
01:23 AM
1 Karma
I'm having the exact same issues, especially dependencies breaking and intransparency of the config.
I'd highly welcome the features you mentioned since it would greatly reduce the time and brains spent on finding all the dependencies which a certain knowledge object participates in.
For the time being, my approach to finding all the dependencies of an object is to grep for the object name. This of course does not always find everything (especially the metadata are good at hiding stuff since the object names in there are url-encoded...) and every change needs to be thoroughly tested.
... View more
05-06-2014
12:17 AM
Sadly, this approach seems to be dependent on the order of events.. My data gets correlated in a non-matching fashion (it puts exes together with users that didn't call those). But many thanks for your reply!
... View more
05-02-2014
07:48 AM
This produces something, but I cannot verify its correctness or completeness. Judging by the warning message Splunk gives me (Subsearch exceeded 50000 events, using only first 50000) I think it will be incomplete. Thank you for your reply nonetheless!
... View more
05-02-2014
04:51 AM
1 Karma
Works nicely, adding a new column with the message. Unfortunately, the other report columns are still in place and I can't seem to get rid of them. Thanks for your input!
... View more
05-02-2014
04:51 AM
Advanced XML seems to have been removed from the 6.x release, so I can't try that... but thanks 🙂
... View more
05-02-2014
04:37 AM
I need to correlate three events of different type which have 1 single property in common, respectively:
<TS> type_name=AUDIT_PATH callid=123 exe=/etc/sudoers.work
<TS> type_name=AUDIT_SYSCALL callid=123 session=456
<TS> type_name=AUDIT_USER_START session=456 acct=root
My tries so far have been unsuccessful and I'm running out of ideas, how can I do this?
P.S. I'm trying to not use the transaction command
... View more
04-24-2014
04:50 AM
I'm developing a dashboard to display the results of several saved searches and everything's looking nice.
I just want to change the text output which is shown when a saved search returns an empty result, is it possible?
The definition of my dashboard looks as follows:
<dashboard>
<label>Dashboard Title</label>
<row>
<table>
<title>Title of report 1</title>
<searchName>name_of_saved_search_for_report_1</searchName>
</table>
</row>
<row>
<table>
<title>Title of report 2</title>
<searchName>name_of_save_search_for_report_2</searchName>
</table>
</row>
</dashboard>
... View more
04-11-2014
06:13 AM
I'm trying to use Django to load some data from a small SQLite database (for testing purposes..).
My Django table model is as follows:
class Coworker(models.Model):
id = models.IntegerField(primary_key=True)
firstname = models.CharField(max_length=50)
lastname = models.CharField(max_length=50)
def __unicode__(self):
return self.firstname + " " + self.lastname
In the Django view, I try getting all objects from DB with the following:
items = Coworker.objects.all()
My database config (in __init__.py) looks as follows:
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.sqlite3',
'NAME': '/home/j299110/testdb'
}
}
This gives me the following error message:
Error: ImproperlyConfigured at /de-de/myfirstdjangoapp/coworkers/
settings.DATABASES is improperly configured. Please supply the ENGINE value. Check settings documentation for more details.
I then tried moving the DB settings stuff to other files:
urls.py
views.py
/opt/splunk/lib/python2.7/site-packages/django/conf/global_settings.py
But nothing helped, always the same error.
Then I added another, named, data source:
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.sqlite3',
'NAME': '/home/j299110/testdb'
},
'testdb': {
'ENGINE': 'django.db.backends.sqlite3',
'NAME': '/home/j299110/testdb'
}
}
And tested with
items = Coworker.objects.using("testdb").all()
Now, I got a new error message:
Error: ConnectionDoesNotExist at /de-de/myfirstdjangoapp/coworkers
The connection testdb doesn't exist
Which I find odd since I just added it.
What do I have to do to get a connection to said database?
... View more
