
Comments (8)

ikheifets-splunk avatar ikheifets-splunk commented on June 20, 2024

Hello, @RichardHEB!

What is the sc4s version?
pr-2259

Please use a release version (for example 3.19.0 or latest); we ask customers to test a dev version only to check that a Pull Request is working before release :)

Is there a pcap available?
Yes

Please send it to me by email: [email protected]

from splunk-connect-for-syslog.

ikheifets-splunk avatar ikheifets-splunk commented on June 20, 2024

Hello, @RichardHEB!
I haven't got the pcap from you!

RichardHEB avatar RichardHEB commented on June 20, 2024

Hi @ikheifets-splunk, I had asked Andre (Splunk) to send it to you. He's had it since day one. I can email it to your Splunk email; I do not want to post it openly in public here. I am checking with Andre as well.

ikheifets-splunk avatar ikheifets-splunk commented on June 20, 2024

Thanks @RichardHEB, I finally received it; Andre shared it with me.

RichardHEB avatar RichardHEB commented on June 20, 2024

Hi Ilya, any updates on this one?

ikheifets-splunk avatar ikheifets-splunk commented on June 20, 2024

Hello, @RichardHEB!
Please upgrade to our dev build to check that our parser is working for you:
docker pull ghcr.io/splunk/splunk-connect-for-syslog/container3:pr-2393

We parsed your log message (I have hidden sensitive data here, like IPs and emails):

<141> Apr 05 18:19:55 MCS:BS::BACKUP::EDIT: <Code> 22555 <Type> AUDIT <Severity> PROCESS <Category> SECURITY <User> [email protected] <HwSource> amavar <Summary> Changed backup expiration. <path> /clients/Dev-Cert/Windows/test.com <createtime> 2024-02-03 02:32:09 CST <plugin> 3001 <labelnum> 388 <expiration> 2024-02-16 <requestor> <requestor domain="/" host="1.1.1.1" product="test" role="Administrator" user="[email protected]"/>

It will look like this in Splunk:
Screenshot 2024-04-05 at 18 58 47

from splunk-connect-for-syslog.
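
How the redacted message quoted in the comment above breaks down into fields, as an added example that is not part of the thread and is not the SC4S parser. The function name, the output key names and the `requestor_` prefix for the nested element's attributes are assumptions; the sample line is the one from the comment.

```python
import re

# <PRI> MMM DD HH:MM:SS EVENT: body   (layout of the message quoted in the thread)
HEADER = re.compile(
    r'^<(?P<pri>\d{1,3})>\s*(?P<ts>\w{3}\s+\d{1,2}\s+\d{2}:\d{2}:\d{2})\s+'
    r'(?P<event>\S+?):\s+(?P<body>.*)$'
)
TAG = re.compile(r'<(\w+)>')          # bare field marker such as <Code> or <Summary>
ATTR = re.compile(r'(\w+)="([^"]*)"')  # attribute inside the nested <requestor .../> element

# Sample taken from the thread (already redacted there).
SAMPLE = (
    '<141> Apr 05 18:19:55 MCS:BS::BACKUP::EDIT: <Code> 22555 <Type> AUDIT '
    '<Severity> PROCESS <Category> SECURITY <User> [email protected] '
    '<HwSource> amavar <Summary> Changed backup expiration. '
    '<path> /clients/Dev-Cert/Windows/test.com <createtime> 2024-02-03 02:32:09 CST '
    '<plugin> 3001 <labelnum> 388 <expiration> 2024-02-16 <requestor> '
    '<requestor domain="/" host="1.1.1.1" product="test" role="Administrator" '
    'user="[email protected]"/>'
)

def parse_message(line):
    """Split one message into syslog header values and <Key> value fields."""
    m = HEADER.match(line.strip())
    if m is None:
        raise ValueError("line does not match '<PRI> timestamp EVENT: body'")
    pri = int(m["pri"])
    if pri > 191:  # highest valid PRI is facility 23, severity 7
        raise ValueError("PRI out of range")
    fields = {}
    # split() with a capture group yields [preamble, key1, value1, key2, value2, ...]
    parts = TAG.split(m["body"])
    for key, value in zip(parts[1::2], parts[2::2]):
        value = value.strip()
        if value.startswith("<" + key + " "):
            # Nested XML-style element: flatten its attributes (prefix is an assumption).
            for attr, attr_value in ATTR.findall(value):
                fields[key + "_" + attr] = attr_value
        else:
            fields[key] = value  # values may contain spaces, e.g. <Summary>
    return {"facility": pri >> 3, "severity": pri & 7,
            "timestamp": m["ts"], "event": m["event"], "fields": fields}

if __name__ == "__main__":
    for name, value in parse_message(SAMPLE)["fields"].items():
        print(name, "=", value)
```

A value that itself contains a bare `<word>` marker would be split as a new field, so this layout is only safe for messages shaped like the sample.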
