About lalire

lalire · ‎06-14-2018

Splunk 6.5 getting the below error, no clue on how to fix this issue, any help would be appreciated. msg="A script exited abnormally" input="/opt/splunk/etc/apps/TA-rapid7_nexpose/bin/rapid7nexpose.py" stanza="rapid7nexpose://rapid7_import" status="exited with code 1 Using the below app splunkbase.splunk.com/app/3457

lalire · ‎11-22-2016

That was it, thank you very much, I am now one baby step closer to being a Splunk Guru!!! Below is my whole search now working perfectly!!! (index=windows EventCode=4624) OR (index=fortinet dstport=3389) | stats sparkline count by srccountry,srcip,dstip | sort srccountry |lookup dnslookup clientip as srcip OUTPUT clienthost as Attacker_Host | lookup dnslookup clientip as dstip OUTPUT clienthost as FH_Computer

lalire · ‎11-22-2016

I am trying to search our WIndows logs and our Fortinet logs for specific info. (index=windows) OR (Index=fortinet) AND EventCode=4624 dstport=3389 I am having no luck playing with any combination, trying to get the EventCode(Windows) and dstport(Fortinet) to display the data I want. Any help would be appreciated.

lalire · ‎10-14-2016

Thanks that put me in the correct direction.

lalire · ‎10-13-2016

Using 5.0 of Splunk add-on for Tenable with Splunk 6.4.1. Any help would be appreciated...Cannot see the panels, but do see data coming in when i do a search.

Posts	5
Solutions	0
Karma Given	0
Karma Received	1
Member Since	‎10-13-2016

Online Status	Offline
Date Last Visited	‎06-05-2020 02:04 AM

Script exit abnomally - Rapid7 addon

How to search multiple indexes for certain key val...

Splunk Add-on for Tenable 5.0.0: Why am I unable t...

Script exit abnomally - Rapid7 addon

Re: How to search multiple indexes for certain key...

How to search multiple indexes for certain key val...

Re: Splunk Add-on for Tenable 5.0.0: Why am I unab...

Splunk Add-on for Tenable 5.0.0: Why am I unable t...