Szymon Bylica

Results 29 comments of Szymon Bylica

Improved HEC error messages

Updated the pr

Request for Updates to SC4S Build for RKE Cluster Deployment

I've added a task to our backlog

Request for Updates to SC4S Build for RKE Cluster Deployment

@hatem2018 do you have a support case for this? Can you share it?

Incorrect rewrite of cisco:asa logs to cisco:ftd

Looks like this bug may be caused by new message types introduced by FTD: https://www.cisco.com/c/en/us/td/docs/security/firepower/Syslogs/b_fptd_syslog_guide/syslogs4.html#id_87690 It will probably require changes to app-cisco-cisco_asa.conf and app-cisco-cisco_ftd.conf, we'll discuss this and get back...

Incorrect rewrite of cisco:asa logs to cisco:ftd

Just FYI we have implemented changes that address this issue, they should be a part of the next release

ILO 5

Hi @techsystems-unix, any updates on this?

Support option auto_extract_timestamp=true in HEC url

Wouldn't it make more sense to create a custom filter and extract it in SC4S? Alternatively we could try changing hec endpoint in values: charts/splunk-connect-for-syslog/values.yaml

Support option auto_extract_timestamp=true in HEC url

@yoann-ls any updates to this case?

chore(deps): update actions/checkout action to v5 - abandoned

Already on V6

Add support for Dell Powerstore Alert Logs

Implemented changes necessary for this here: https://github.com/splunk/splunk-connect-for-syslog/pull/2818 It should be a part of our next release.