Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- About stevenbo
stevenbo
Explorer
Member since:
03-05-2024
05-06-2024
Community Statistics
| Posts | 8 |
| Solutions | 0 |
| Karma Given | 1 |
| Karma Received | 0 |
| Member Since | 03-05-2024 |
Activity Feed
- Posted What do you all do for patching timeframes with DBConnect? on All Apps and Add-ons. 05-06-2024 01:36 PM
- Posted Re: Web Server location on Splunk SOAR. 04-11-2024 10:38 AM
- Karma Re: Web Server location for marnall. 04-10-2024 10:11 AM
- Posted Re: Web Server location on Splunk SOAR. 04-10-2024 10:10 AM
- Posted Web Server location on Splunk SOAR. 04-09-2024 07:36 AM
- Posted Reconfigure SOAR Web UI/URL/Ports on Splunk SOAR. 03-19-2024 09:09 AM
- Posted Re: Ongoing Patching Countdown on Dashboards & Visualizations. 03-06-2024 06:11 AM
- Posted Re: Ongoing Patching Countdown on Dashboards & Visualizations. 03-05-2024 01:38 PM
- Posted Ongoing Patching Countdown on Dashboards & Visualizations. 03-05-2024 01:23 PM
Topics I've Started
| Subject | Karma | Author | Latest Post |
|---|---|---|---|
| 0 | |||
| 0 | |||
| 0 | |||
| 0 |
05-06-2024
01:36 PM
Currently this is a manual process for me, I swap our connections between our primary and secondary HFs for every patch window. Is this what everyone is doing or is there a way to automate a cutover? Thanks for any insight!
... View more
Labels
- Labels:
-
administration
04-11-2024
10:38 AM
Going the route I am inquiring about is not my preference. I have kind of a convoluted internal network. I have requests in with my network team to get ssl passed through to where I need it and in the meantime am just trying to consider other options in case they can't make it work.
... View more
04-10-2024
10:10 AM
Thank you for the response. After a lot of digging and looking through py files and scripts, I did manage to find those 2 conf files. I was able to successfully disable SSL and access via http, the weird thing is on some machines, I am unable to login, I receive a 403 error (SOAR outputs as "Login Prevented. Please close your browser and try again"), on others, I can log in with no issue. I cannot find anything in the nginx confs that would cause this issue. It is assumably a local issue to those machines, but I would like to track it down so I can ensure it won't be a problem in the environment we intend to use. I know Django and UWSGI are also playing roles in this configuration, but I am not sure what those roles are.
... View more
04-09-2024
07:36 AM
Where is the web server actually installed to and ran from for SOAR in a RHEL environment? Unlike Splunk Web UI where I can modify the web.conf file, for SOAR I only see a massive amount of py files everywhere. I need to figure out where it actually starts and sets it's paths. Specifically where SSL is chosen. Assume I have installed SOAR to /data Thanks for any assistance!
... View more
Labels
03-19-2024
09:09 AM
I have SOAR installed and am trying to figure out how to make configuration changes, specifically for accessing the web interface. We are currently accessing via: https://ipaddress:8000 Overall, I am trying to find out how to make it accessible via http, if possible. Along with that, I would like to know where to make general configuration changes similar to web.conf for Splunk. I had to dig around quite a bit to discover the login.html in a templates folder just to add my server names for clarity. Any help would be greatly appreciated!
... View more
Labels
- Labels:
-
using SOAR ⁄ Phantom
03-06-2024
06:11 AM
@burwell wrote: How about something like this | makeresults
| eval start= strptime("02-01-2024", "%m-%d-%Y")
| eval today=now()
| eval time_difference=floor((today-start)/(60*60*24))
| eval mod_val=time_difference % 28
| eval days_to_patch=28-mod_val Thank you, I think this does exactly what I need! Greatly appreciated!
... View more
03-05-2024
01:38 PM
@burwell wrote: Hi so what's the patching schedule? Every 28 days starting in Feb 1? Sorry, yes. Every 28 days starting Feb 1.
... View more
03-05-2024
01:23 PM
Hello everyone, I am trying to use Splunk to create an ongoing patching countdown that will be Single Value (Days Until Patch) on my Dashboard. How can I go about accomplishing this? I was able to calculate 1 patch cycle, but I am not sure how to get it to recalculate for every month. Right now for example, it is telling me the next patch date is 2/29/2024. Hoping someone already has a solution built out. Thank you for any assistance!
This is what I have so far:
| makeresults
| eval start= strptime("02-01-2024", "%m-%d-%Y")
| eval startStr=strftime(start, "%D")
| eval PatchDate = relative_time(start ,"+28d")
| eval PatchDateString= strftime(PatchDate, "%D")
| eval PriorPatchDate = relative_time(start ,"-28d")
| eval PriorPatchDateString = strftime(PriorPatchDate, "%D")
| eval daysCountD= strftime(PatchDate - now(), "%d")
| table daysCountD PriorPatchDateString PatchDateString
... View more
Labels
- Labels:
-
Dashboard Studio
