I am trying to find a method where I can remove unneeded data from our
archivers. Idea:Run nwconsole (sdk content command) on all Archivers and
output sessionid list that match where clause device.type =
'unknown'Feed that sessionid list to wipe SDK ...
Scenario:We have CEF audit logging enabled. Usernames are not parsed
correctly since it removes the backslash for the active directory domain
and concatenates the domain and username. i.e. Domain is CONTOSOUsername
is BLARGH result for user.src in CE...
Log Collection Config: Configure Event Filters for Log Collector I'm a
bit confused. I read the above documentation but if for instance, I have
kernel warning logs from Syslog, so facility is kernel but severity is
'warning' then what sort of format ...
Update: I got it working in UAT, had to cat the root and issuing CA .cer
(base64) format files in proper order to a single file called .chain and
used that to convert the server .crt/.pem file into .p7b. openssl
crl2pkcs7 -nocrl -certfile /root/web-s...