Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- About Nraj87
Nraj87
Loves-to-Learn Everything
Member since:
02-07-2023
01-07-2024
Community Statistics
| Posts | 7 |
| Solutions | 0 |
| Karma Given | 0 |
| Karma Received | 0 |
| Member Since | 02-07-2023 |
Activity Feed
- Posted How to create separate incident review dashboard for different team. on Splunk Enterprise Security. 10-30-2023 02:15 AM
- Tagged How to create separate incident review dashboard for different team. on Splunk Enterprise Security. 10-30-2023 02:15 AM
- Posted Splunk Python readiness app Not being push from deployer to the SH cluster? on Splunk Enterprise. 07-18-2023 06:13 AM
- Tagged Splunk Python readiness app Not being push from deployer to the SH cluster? on Splunk Enterprise. 07-18-2023 06:13 AM
- Posted Why is field is not extracted properly for Windows event log? on Getting Data In. 05-21-2023 04:56 AM
- Tagged Why is field is not extracted properly for Windows event log? on Getting Data In. 05-21-2023 04:56 AM
- Posted Re: Easiest way to exclude ingestion of events for a specific IP address at UF OR SyslogNG level on Getting Data In. 04-26-2023 04:06 AM
- Posted What is the easiest way to exclude ingestion of events for a specific IP address at UF OR SyslogNG level? on Getting Data In. 04-16-2023 05:05 AM
- Posted MACOS13 Logs onboarding into Splunk on Getting Data In. 04-10-2023 03:29 AM
- Tagged MACOS13 Logs onboarding into Splunk on Getting Data In. 04-10-2023 03:29 AM
- Posted Re: Mac OS X Sierra - How to get all logs from the Unified Log database? on Getting Data In. 02-07-2023 03:33 AM
Topics I've Started
| Subject | Karma | Author | Latest Post |
|---|---|---|---|
| 0 | |||
| 0 | |||
| 0 | |||
| 0 | |||
| 0 |
10-30-2023
02:15 AM
Dear All, Please suggest how to create separate incident review dashboard for different team. OR How the notable will separated base on Teams. i.e. Windows Team - Windows Team can only check windows related notable Unix Team -Linux Team can only check Unix related notable SOC Team - Soc Team can check all the notable
... View more
- Tags:
- Enterprise Security
Labels
- Labels:
-
other
-
using Enterprise Security
07-18-2023
06:13 AM
Splunk Python readiness app Not being push from deployer to the SH cluster .
The deployer server is running as MC, LM, Indexer master node, deployment server. Tried to push the APP with merge_to_default push mode on deployer.
Any suggestion for the troubleshoot this issue.
... View more
- Tags:
- deployer
Labels
- Labels:
-
troubleshooting
05-21-2023
04:56 AM
Field is not extracted properly for Windows event log where Ip address mark as "Client IP"
Try to extract Field below Regexs but no luck, in _internal logs Regexs was applied to the prorp.conf Successfully.
Please Suggest if anyone face this issue.
Regex 1
(?<ip>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})
Regex 2 [^+]Client\s+IP\:\s+(?<ip>\d+.\d+.\d+.\d+)\s+
... View more
- Tags:
- field extraction
Labels
- Labels:
-
field extraction
04-26-2023
04:06 AM
1) What your infrastructure and ingestion process looks like - All the network devices are sending logs to SYSLOG-NG and from SYSLOGNG UF is forwarding the logs to the Indexers. 2) What you want to do - filter out events coming from particular IP? yes, i would like to filter out all the events at UF level particular IP. Containing particular IP?NA Something else?NA
... View more
04-16-2023
05:05 AM
Easiest way to exclude ingestion of events for a specific IP address from a SourceType at UF level OR Syslog-NG
... View more
Labels
- Labels:
-
universal forwarder
04-10-2023
03:29 AM
Hi All, Can you please guide and suggest, How to onboard the MACOS 13 logs into Splunk. Logs related to Web browser history and and network connection logs from MACOS 13 Systems.
... View more
- Tags:
- MACOS13
Labels
- Labels:
-
universal forwarder
02-07-2023
03:33 AM
Hi , I would like to onboard MAC PC all Browser's history in to the Splunk. Please suggest best way to onboard those logs. ~/Library/Safari/ ~/Users/<username>/Library/Application /Support/Firefox/Profiles ~/Users/<username>/Library/Application/Support/Google/Chrome/Default/History
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
01-07-2024
09:39 AM
|
