Hello, I need to filter logs to be stored on Archiver. I need to
discard any log from device ip 18.104.22.168 and any log from device type
'winevent_nic', and from the device type 'winevent_snare' I just need to
keep any log that starts with the 'security' word ...
Hi, As I have an issue with the LogCollector service, I had to create another
method to send logs from the database to LogDecoder by syslog. I tested it on
Oracle 11c and it works fine, but I have trouble with the 12c version. I run the
same query that uses the xml file "or...
Hello, I need to make some basic report rules for many SO (mostly Linux
and Windows), so I was thinking to use the 'event.cat.name' meta, because I
guess this meta exists for all SOs' logs. So I was wondering: Is there a
list of all possible values of this m...
Hi John, Basically I need to enrich Client data (full name and ID); the
goal is to make a rule that shows all the registers where client ID (got
from feed, I thought) is equal to user ID (this meta already exists). But
as there are more than 14 million of...
Hi, The query that I try to run is: We want to know the last login of a
user in the last 3 or 6 months. I have to work with event.time instead of the
time meta because sometimes the collecting time has a delay of days.
Hi Brian, Thanks for the answer. I already tried to compile the feed
using "NwConsole" but got an error and the feed file was never
generated. Instead I tried to split my file into smaller pieces and then
generate my feed with one of them. Finally I n...
Hi Renato, I had the same problem with a report. The main trouble is
handling the "event.time" meta and the report engine syntax. Well, this is
how I did it: 1st: work on the xml parser and use "event.time.str" to save
(as string) the value of "event.time" (...
Thanks for the info. So far I got this xml "DataCliAmdocs.xml": And this file
"DataCliAmdocs.csv" (Just a sample, the real one has over 14M):