Splunk DB Connector 3 + MySQL driver


Splunk DB Connector 2 install on Ubuntu + MySQL connector



OSX local dictionary

The OSX local dictionary is located in this file: ~/Library/Spelling/LocalDictionary. So if you added a misspelled word by mistake, you can delete it from this file.

Vadim

RPZ qname-wait-recurse no

No DNS records are needed for a QNAME or Client-IP trigger. The name or IP address itself is sufficient, so in principle the query name need not be recursively resolved. However, not resolving the requested name can leak the fact that response policy rewriting is in use and that the name is listed in a …


wkhtmltopdf vs maximum pages

wkhtmltopdf uses 2 file descriptors per page (one each for header and footer), which are required for generating the per-page custom variables. By default Linux allows users to open up to 1024 files. So if your document contains more than 512 pages, you have to raise this limit to a higher value. In Ubuntu …


Infoblox Reporting. DNS Top RPZ Hits with Discovered Name.

This is a custom version of the “DNS Top RPZ Hits” report with the Discovered Name/Network View fields added and the Time field removed.

Infoblox Reporting. IPAM Statistic Used/Unused IPs per a subnet

This simple search shows IPAM network usage statistics.

Infoblox Reporting. IPAM Discovered Device History by Network

This is a custom version of this dashboard. I’ve added a networks filter. The query for the filter is not optimal in terms of performance, but it will work well for small IPAM databases.

Infoblox Reporting. Inactive MAC Addresses

This report is a custom version of the “Inactive IP Addresses” report and provides information about MAC addresses that have not been connected to a network for a while.

How to determine Splunk version

This search shows Splunk’s version.