Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- About drejoe
drejoe
Explorer
Member since:
12-21-2017
06-06-2022
Community Statistics
| Posts | 9 |
| Solutions | 0 |
| Karma Given | 1 |
| Karma Received | 1 |
| Member Since | 12-21-2017 |
Activity Feed
- Posted Re: Splunk Add-on for Zenoss / TA-zenoss- Why am I receiving this error? on All Apps and Add-ons. 06-02-2022 05:27 AM
- Posted Splunk Add-on for Zenoss / TA-zenoss- Why am I receiving this error? on All Apps and Add-ons. 06-01-2022 06:50 AM
- Posted Re: Alternatives to using MVExpand - running into limitations on Splunk Enterprise. 07-28-2021 05:22 AM
- Posted Re: Alternatives to using MVExpand - running into limitations on Splunk Enterprise. 07-28-2021 05:02 AM
- Tagged "Cisco AMP for Endpoints Events Input" / amp4e_events_input - future update for Splunk ver. 8.x?? on All Apps and Add-ons. 01-28-2021 06:21 AM
- Tagged "Cisco AMP for Endpoints Events Input" / amp4e_events_input - future update for Splunk ver. 8.x?? on All Apps and Add-ons. 01-28-2021 06:21 AM
- Tagged "Cisco AMP for Endpoints Events Input" / amp4e_events_input - future update for Splunk ver. 8.x?? on All Apps and Add-ons. 01-28-2021 06:21 AM
- Posted "Cisco AMP for Endpoints Events Input" / amp4e_events_input - future update for Splunk ver. 8.x?? on All Apps and Add-ons. 01-28-2021 06:14 AM
- Got Karma for "Adaptive response actions" & "send to phantom". 06-05-2020 12:49 AM
- Karma Re: Pass fields from base search to subsearch fails for stwong. 06-05-2020 12:48 AM
- Posted Re: Automatic lookup, matching range field? on Knowledge Management. 08-21-2018 01:15 PM
- Posted Automatic lookup, matching range field? on Knowledge Management. 08-21-2018 06:27 AM
- Tagged Automatic lookup, matching range field? on Knowledge Management. 08-21-2018 06:27 AM
- Tagged Automatic lookup, matching range field? on Knowledge Management. 08-21-2018 06:27 AM
- Tagged Automatic lookup, matching range field? on Knowledge Management. 08-21-2018 06:27 AM
- Posted "Adaptive response actions" & "send to phantom" on All Apps and Add-ons. 04-24-2018 03:59 AM
- Tagged "Adaptive response actions" & "send to phantom" on All Apps and Add-ons. 04-24-2018 03:59 AM
- Posted OpsGenie App: Trigging alert doesn't work unless user has Admin role on All Apps and Add-ons. 12-21-2017 06:19 AM
- Tagged OpsGenie App: Trigging alert doesn't work unless user has Admin role on All Apps and Add-ons. 12-21-2017 06:19 AM
- Tagged OpsGenie App: Trigging alert doesn't work unless user has Admin role on All Apps and Add-ons. 12-21-2017 06:19 AM
Topics I've Started
| Subject | Karma | Author | Latest Post |
|---|---|---|---|
| 0 | |||
| 0 | |||
| 0 | |||
| 1 | |||
| 0 |
06-02-2022
05:27 AM
Hi again @epescio_splunk Just ran the setup process again and gets this in splunkd: 06-02-2022 14:21:14.554 +0200 WARN HttpListener [239862 HttpDedicatedIoThread-7] - Socket error from 127.0.0.1:36934 while accessing /servicesNS/admin/search/data/inputs/zenoss_events: Broken pipe 06-02-2022 14:21:14.528 +0200 ERROR ModularInputs [2321750 TcpChannelThread] - Argument validation for scheme=zenoss_events: killing process, because executing it took too long (over 30000 msecs). Other error in the timezone: 06-02-2022 14:21:12.051 +0200 ERROR ChunkedExternProcessor [2355645 ChunkedExternProcessorStderrLogger] - stderr: BrokenPipeError: [Errno 32] Broken pipe 06-02-2022 14:21:12.051 +0200 ERROR ChunkedExternProcessor [2355645 ChunkedExternProcessorStderrLogger] - stderr: Exception ignored in: <_io.TextIOWrapper name='<stdout>' mode='w' encoding='UTF-8'> Cheers //T
... View more
06-01-2022
06:50 AM
Hi,
When trying to config the inputs via the GUI I keeps getting the following error after adding all the information (press Next):
Encountered the following error while trying to save: Splunkd daemon is not responding: ('Error connecting to /servicesNS/admin/TA-zenoss/data/inputs/zenoss_events: The read operation timed out',)
While I'm running on a VM, I just added more vCores and Memory - but still gets the same error.
It's the current newest version 2.1.0 of the TA and Splunk version 8.2.6 on Ubuntu 18.04LTS.
Any help?
Thanks //T
@epescio_splunk @shaskell_splunk
... View more
Labels
- Labels:
-
configuration
-
troubleshooting
07-28-2021
05:22 AM
max_mem_usage_mb under the default stanza or?
... View more
07-28-2021
05:02 AM
@ITWhisperer And when you run into the limitation of 50000 on makecontinuous.! Any alternatives to this issue? I've the need of handling quite more than 50000 with a simulare function as makecontinuous. Any idea? //T
... View more
01-28-2021
06:14 AM
Hi, Any up coming update on this TA? Cheers //T
... View more
Labels
- Labels:
-
upgrade
08-21-2018
01:15 PM
Hi,
Thanks for the answer.
I've already tried this solution (before posting the question) with one line per port. But the amount of combinations is huge - millions of lines which won't work at all.
That's why I need another solution - a solution that can handle this ranges instead of "unfolding" all combinations.
... View more
08-21-2018
06:27 AM
Hi,
I would like to enriche netflow data (i.e. dst ip, dst port) with "service name", using automatic lookup.
My lookup looks like the following example:
IP PORT_RANGE SERVICENAME
x.x.x.x/32 1024,1048 ServiceA
y.y.y.y/30 80,80 ServiceB
z.z.z.z/31 8000,8999 ServiceC
OR the lookup could be with two PORT fields:
IP PORT_MIN PORT_MAX SERVICENAME
x.x.x.x/32 1024 1048 ServiceA
y.y.y.y/30 80 80 ServiceB
z.z.z.z/31 8000 8999 ServiceC
Matching the IP is easy with match_type CIDR, BUT how-to match the port range???
Don't mind which of the two examples above to implement a solution for 😉
Or the solution could be a complete 3th solution.
Looking forward fore some bright answers,
Thanks,
//Torben
... View more
04-24-2018
03:59 AM
1 Karma
Hi,
Using Phantom 3.5 on Splunk 7.0.1 & ESS 5.0.
Having an issue when users NOT in the Splunk Admin role want's to "Send to Phantom" via "Adaptive response actions" - then the population for the phantom server isn't found. If the user have the Admin role it works fine - but I don't want the security users/role to have the Admin role.
Any idear on what to do to get the population to return the phantom server?
KR //Torben
... View more
- Tags:
- splunk-enterprise
12-21-2017
06:19 AM
Hi all,
Having some problems with Alerts & OpsGenie. Actually it works when using at Splunk user with Admin role. But I'm not a fan of adding Admin roles to "normal users". Would like to create a new role for this group of users who needs to create OpsGennie alerts.
Have done some testing with different capabilities - but haven't found the right combination yet - hence this question 😉
Using Splunk 6.6.1 and OpsGenie 1.1.5
Thanks
//Torben
... View more
