Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- About vinchakov_a
vinchakov_a
Path Finder
Member since:
07-23-2012
06-05-2020
Community Statistics
| Posts | 50 |
| Solutions | 0 |
| Karma Given | 8 |
| Karma Received | 5 |
| Member Since | 07-23-2012 |
Activity Feed
- Karma Re: How to parse JSON log data? for emiller42. 06-05-2020 12:47 AM
- Karma Re: timestamp in the beginning for woodcock. 06-05-2020 12:47 AM
- Karma Re: How to compare most recent results with previous search results? for somesoni2. 06-05-2020 12:47 AM
- Karma estreamer_client ERROR: Remote host closed socket at SFStreamer.pm line 1735 for s_ruggiero. 06-05-2020 12:47 AM
- Got Karma for custom ssl certificate 8089. 06-05-2020 12:47 AM
- Got Karma for Re: custom ssl certificate 8089. 06-05-2020 12:47 AM
- Got Karma for help with splunk dedup. 06-05-2020 12:47 AM
- Got Karma for Missing eventtypes and lookup table using Cisco IOS app?. 06-05-2020 12:47 AM
- Got Karma for Hurricane Labs Add-on for Nessus: Why am I getting error "The lookup table 'nessus_plugin_lookup' does not exist?. 06-05-2020 12:47 AM
- Karma Cisco IOS Default Dashboard Not Working for hw023280. 06-05-2020 12:46 AM
- Karma Re: wrong host for emechler_splunk. 06-05-2020 12:46 AM
- Karma Re: some questions about for linu1988. 06-05-2020 12:46 AM
- Posted Re: After upgrading to 6.5.0, KV Store will not start on Knowledge Management. 02-05-2017 10:40 PM
- Posted Re: Hurricane Labs Add-on for Nessus: Why am I getting error "The lookup table 'nessus_plugin_lookup' does not exist? on All Apps and Add-ons. 11-16-2015 11:54 PM
- Posted Re: Hurricane Labs Add-on for Nessus: Why am I getting error "The lookup table 'nessus_plugin_lookup' does not exist? on All Apps and Add-ons. 11-15-2015 09:05 PM
- Posted Re: Hurricane Labs Add-on for Nessus: Why am I getting error "The lookup table 'nessus_plugin_lookup' does not exist? on All Apps and Add-ons. 11-13-2015 09:09 AM
- Posted Re: Hurricane Labs Add-on for Nessus: Why am I getting error "The lookup table 'nessus_plugin_lookup' does not exist? on All Apps and Add-ons. 11-13-2015 09:07 AM
- Posted Re: Hurricane Labs Add-on for Nessus: Why am I getting error "The lookup table 'nessus_plugin_lookup' does not exist? on All Apps and Add-ons. 11-13-2015 07:39 AM
- Posted Re: Hurricane Labs Add-on for Nessus: Why am I getting error "The lookup table 'nessus_plugin_lookup' does not exist? on All Apps and Add-ons. 11-13-2015 07:33 AM
- Posted Re: Hurricane Labs Add-on for Nessus: Why am I getting error "The lookup table 'nessus_plugin_lookup' does not exist? on All Apps and Add-ons. 11-12-2015 10:54 PM
Topics I've Started
| Subject | Karma | Author | Latest Post |
|---|---|---|---|
| 1 | |||
| 0 | |||
| 0 | |||
| 0 | |||
| 0 | |||
| 1 | |||
| 0 | |||
| 0 | |||
| 0 | |||
| 1 |
02-05-2017
10:40 PM
I have the same issue after update, but I get such errors in mongod.log:
2017-02-06T06:39:59.168Z E NETWORK [conn180] SSL: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol
2017-02-06T06:39:59.168Z I NETWORK [conn180] end connection 127.0.0.1:33592 (0 connections now open)
2017-02-06T06:39:59.175Z I NETWORK [initandlisten] connection accepted from 127.0.0.1:33593 #181 (1 connection now open)
2017-02-06T06:39:59.175Z E NETWORK [conn181] SSL: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol
2017-02-06T06:39:59.175Z I NETWORK [conn181] end connection 127.0.0.1:33593 (0 connections now open)
... View more
11-16-2015
11:54 PM
they have no field "severity"
... View more
11-15-2015
09:05 PM
I see new data in index=nessus. But in app it is empty. For an example I take request:
tag=vulnerability tag=report report_id=* severity=* NOT severity=informational | chart count over dest by severity | sort -count limit=10 | rename low as Low, medium as Medium, high as High, critical as Critical
It is in reply empty
Then I modify request (del severity and add index=nessus)
index=nessus tag=vulnerability tag=report report_id=* | chart count over dest by severity | sort -count limit=10 | rename low as Low, medium as Medium, high as High, critical as Critical
I obtain data.
... View more
11-13-2015
09:09 AM
I checked one of dashboard, and it is empty because it use "severity". If I delete severity in search string it works.
... View more
11-13-2015
09:07 AM
sorry, index=nessus sourcetype=nessus_vuln same as index=nessus
... View more
11-13-2015
07:39 AM
Yes I see events in index=nessus.
... View more
11-13-2015
07:33 AM
all by root user
... View more
11-12-2015
10:54 PM
I created empty csv and launched update_lookup.sh. It filled it. It downloaded data from nessus, I see them.
But in application empty dashboards.
... View more
11-12-2015
09:25 PM
1 Karma
11-13-2015 08:20:42.654 +0300 ERROR LookupOperator - The lookup table 'nessus_plugin_lookup' does not exist. It is referenced by configuration 'nessus_vuln'.
11-13-2015 08:20:42.654 +0300 WARN LookupOperator - Failed to find static lookup file: nessus_plugin_lookup.csv
I received this error. TA - 1.0.6BETA.
... View more
10-27-2015
12:58 AM
I see that from DCN, data comes in with a frequency of 5 minutes. How do I reduce this interval? I use a heavy forwarder as DCN
... View more
10-25-2015
09:02 PM
Also there is no way to collect directly? Why this excess layer if I don't want it?
... View more
10-22-2015
11:17 PM
Whether surely to use the intermediate forwarder for collection of metrics?
I want to collect directly metrics on Splunk Enterprise.
... View more
07-14-2015
11:34 PM
Why splunk adds the date and time to the beginning of a log. How to clean it?
Jul 15 09:27:20 172.16.19.1 Jul 15 2015 10:27:20 us-fw01 : ...
Jul 15 09:27:20 172.16.19.1 Jul 15 2015 10:27:20 us-fw01 : ...
Jul 15 09:27:19 172.16.19.1 Jul 15 2015 10:27:19 us-fw01 : ...
Jul 15 09:27:18 172.16.19.1 Jul 15 2015 10:27:18 us-fw01 : ...
Jul 15 09:27:17 172.16.19.1 Jul 15 2015 10:27:17 us-fw01 : ...
... View more
07-14-2015
09:24 PM
I understood that it not absolutely json. I could process it as wrote above to comments. It is possible to cut off a log on reception? before events creating
... View more
07-14-2015
05:06 AM
Partially I understood. I created new field extraction and doing:
sourcetype=_json | eval _raw = access_log_json | spath
But how can I execute all before { on the input step????
... View more
07-14-2015
04:40 AM
I created an input in the _json format and send to it httpd access logs.
I received such logs:
Jul 14 14:35:44 172.16.16.100 1 2015-07-14T14:35:44+03:00 us-.local httpd - - - {"PROGRAM":"httpd","LOGTYPE":"access","ISODATE":"2015-07-14T14:35:44+03:00","HTTP":{"VHOST":"..com","USER_AGENT":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/ Safari/537.36","STATUS":"200","SIZE":"21","REQUEST_TIME":"756174","REQUEST":"GET /admins/widget/?widget_ReplicationLag_yw1[]= HTTP/1.1","REMOTE_USER":"u.","REMOTE_ADDR":"","REFERER":"https://..com/invoices/index","DATE":"2015-07-14T14:35:44"},"HOST_FROM":"us-.local","HOST":"us-.local","FILE_NAME":"/var/run/syslog-ng/apache.access.fifo"}
How I can parse this logs?
... View more
05-14-2015
09:26 PM
1 Karma
I know how to do it, I tried to use on 8089 same certificate which I use for web.conf but another is necessary, with the password.
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
06-05-2020
02:04 AM
|
