I've recently noticed that the hashlookup function exists when you are
looking at the files within the streams. how ever it seems that this
function doesn't spawn another window or other results. and i was
wondering if there is any documentation on h...
ive been digging through the online documentation trying to find an
answer, I'm looking to build some custom alert templates for SA. and the
ones i had saved from the legacy informer appliance no longer work, as
the variable options have changed, ive...
I've been running in to a problem using the web interface and actually
getting data to export in to a pcap.it seems that more often then not,
my pcap exports will fail from the web UI, but using the fat client i am
able to retrieve the data. In the w...
ive just started to see this error on my dashlettes, as well as the
associated charts. Unable To Fetch Schema From The Data Source. grepping
through the messages files yields nothing. i have opened a ticket but in
an effort to see if anyone else has ...
i have been tasked with compiling feeds based on known bad hosts that we
receive a list from. The list has 3 parts, ip’s, fqdn’s, hashes. I’ve
been able to compile a feed for the ip information but I am unable to do
the same for the hostnames. Nwcons...
no, its more templates for email alerts, and the required fields for the
meta variables. as well as how they are built. IE in 9.x i had this for
an informer template, that would send an smtp alert out when a condition
or alert was generated. i modifi...
it was resolved briefly after i applied a hot fix. but it has come back
i think its time to start exploring options to day zero the broker, and
just reload everything back on to it. it is a total PIA where i cant
extract pcap's but yet it will do fil...