Activity Feed
- Got Karma for Re: How to search multiple indexes for certain key value pairs?. 06-05-2020 12:48 AM
- Posted Script exit abnormally - Rapid7 addon on All Apps and Add-ons. 06-14-2018 10:05 AM
- Tagged Script exit abnormally - Rapid7 addon on All Apps and Add-ons. 06-14-2018 10:05 AM
- Posted Re: How to search multiple indexes for certain key value pairs? on Splunk Search. 11-22-2016 11:20 AM
- Posted How to search multiple indexes for certain key value pairs? on Splunk Search. 11-22-2016 11:09 AM
- Tagged How to search multiple indexes for certain key value pairs? on Splunk Search. 11-22-2016 11:09 AM
- Posted Re: Splunk Add-on for Tenable 5.0.0: Why am I unable to see any prebuilt dashboard panels? on All Apps and Add-ons. 10-14-2016 09:18 AM
- Posted Splunk Add-on for Tenable 5.0.0: Why am I unable to see any prebuilt dashboard panels? on All Apps and Add-ons. 10-13-2016 03:42 PM
- Tagged Splunk Add-on for Tenable 5.0.0: Why am I unable to see any prebuilt dashboard panels? on All Apps and Add-ons. 10-13-2016 03:42 PM
Topics I've Started
06-14-2018 10:05 AM
Splunk 6.5 getting the below error, no clue on how to fix this issue, any help would be appreciated.
msg="A script exited abnormally" input="/opt/splunk/etc/apps/TA-rapid7_nexpose/bin/rapid7nexpose.py" stanza="rapid7nexpose://rapid7_import" status="exited with code 1
Using the below app
splunkbase.splunk.com/app/3457
- Tags:
- splunk-enterprise
11-22-2016 11:20 AM
1 Karma
That was it, thank you very much, I am now one baby step closer to being a Splunk Guru!!! Below is my whole search now working perfectly!!!
(index=windows EventCode=4624) OR (index=fortinet dstport=3389) | stats sparkline count by srccountry,srcip,dstip | sort srccountry |lookup dnslookup clientip as srcip OUTPUT clienthost as Attacker_Host | lookup dnslookup clientip as dstip OUTPUT clienthost as FH_Computer
11-22-2016 11:09 AM
I am trying to search our Windows logs and our Fortinet logs for specific info.
(index=windows) OR (Index=fortinet) AND EventCode=4624 dstport=3389
I am having no luck playing with any combination, trying to get the EventCode(Windows) and dstport(Fortinet) to display the data I want. Any help would be appreciated.
10-14-2016 09:18 AM
Thanks that put me in the correct direction.
10-13-2016 03:42 PM
Using 5.0 of Splunk add-on for Tenable with Splunk 6.4.1. Any help would be appreciated... Cannot see the panels, but do see data coming in when I do a search.