Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- About socks
socks
Loves-to-Learn Lots
Member since:
01-26-2022
12-13-2022
Community Statistics
| Posts | 6 |
| Solutions | 0 |
| Karma Given | 0 |
| Karma Received | 0 |
| Member Since | 01-26-2022 |
Activity Feed
- Posted UF StreamForwarder 8.1.0 issue on Getting Data In. 10-17-2022 11:44 AM
- Posted Universal Forwarder- Am I misunderstanding the UF? on Getting Data In. 10-07-2022 10:17 AM
- Posted Re: How do I use the data from lookup table column as search on live index? on Splunk Search. 03-15-2022 07:07 AM
- Posted How do I use the data from lookup table column as search on live index? on Splunk Search. 03-10-2022 03:01 PM
- Tagged How do I use the data from lookup table column as search on live index? on Splunk Search. 03-10-2022 03:01 PM
- Posted Re: Security Admin Certifications - per section on Training + Certification Discussions. 02-28-2022 05:34 AM
- Posted Security Admin Certifications: Is there a min requirement in each section to pass the certification exam? on Training + Certification Discussions. 02-28-2022 04:12 AM
Topics I've Started
| Subject | Karma | Author | Latest Post |
|---|---|---|---|
| 0 | |||
| 0 | |||
| 0 | |||
| 0 |
10-17-2022
11:44 AM
Soo I have been able to setup and create the different monitors for my universal forwarder. Im working in a test environment so I dont need ssl, however I am attempting to monitor change to a ubuntu 16.04 via the universal forwarder. the data is pretty sparse, i initially thought it was because there is no user interaction. Now I get some logs but i also get a 500 internal web error . any idea on the cause of this ? and why am I not getting the logs from tmp or user access logs ?
... View more
Labels
10-07-2022
10:17 AM
Good Morning all ,
I have a standalone splunk installation , there is no syslog data being transmitted and Im really not getting any data collected from the universal forwarded it is phoning home however i dont see any data from the linux server that it is installed on. I dont see any log modifications or anything . am i mis understanding the UF
... View more
Labels
- Labels:
-
syslog
-
universal forwarder
03-15-2022
07:07 AM
nope this is not working , as the query seems to think the field src_ip is in the lookup table and it is not
... View more
03-10-2022
03:01 PM
I just built my first lookup table, because I have a csv of about 200 servers with the in different ip spaces and I need to perform 2 things . 1. confirm the ip's in the csv's are in splunk and 2. display per ip what ports are listening. So my query has been this
index=* |stats count by src_ip , dest_port [|inputlookup networkservers.csv | fields "IPv4 Address" | rename "IPv4 Address " as query
I have confirmed the lookup table is there and I can see it , and I can query the network, im just having issues with ingesting the 200+ ips as search items and then marrying the ports and prots with it . thanks in advance if this makes sense or am i looking at it all wrong ?
... View more
- Tags:
- lookup tables
02-28-2022
05:34 AM
So is that90% overall?
... View more
02-28-2022
04:12 AM
Is there a min requirement in each section to pass the certification exam. ie.: no less than 70% in each category?
I did well for not taking any Splunk training and self learning , however there was a break down on my results and I was trying to understand the min in each section, as I did well in some places and nothing less than 33% and I would like to target my time and efforts when i retry next tues
any help on this would be great , and im not looking for exacts but more general expectations per section and Ill share my results if that helps .
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
12-13-2022
02:40 PM
|
