Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Pack is missing a route for pan_correlation logs #12

Closed
kmocribl opened this issue Feb 11, 2022 · 0 comments · Fixed by #14
Closed

Pack is missing a route for pan_correlation logs #12

kmocribl opened this issue Feb 11, 2022 · 0 comments · Fixed by #14
Assignees
@bdalpe
Labels
bug Something isn't working
Milestone
0.7.0

Comments

@kmocribl
Copy link

In analyzing the Splunk TA to see what would (if anything) be effected by the pack, I noticed there wasn't a route for pan_correlation logs. The TA references the following transforms.conf stanzas in props.conf for routing to the appropriate sourcetype:

TRANSFORMS-sourcetype = pan_threat, pan_traffic, pan_system, pan_config, pan_hipmatch, pan_correlation, pan_userid, pan_globalprotect, pan_decryption
@bdalpe bdalpe self-assigned this Feb 11, 2022
@bdalpe bdalpe added the bug Something isn't working label Feb 11, 2022
@bdalpe bdalpe added this to the 0.7.0 milestone Feb 11, 2022
bdalpe added a commit that referenced this issue Mar 3, 2022
@bdalpe
Add correlation route, pipeline, and sample
13b32fd 
Resolves #12
@bdalpe bdalpe mentioned this issue Mar 3, 2022
Merged
@bdalpe bdalpe closed this as completed in #14 Mar 3, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@bdalpe bdalpe

Labels
bug Something isn't working
Projects
None yet
Milestone
0.7.0
Development

Successfully merging a pull request may close this issue.

Add correlation route, pipeline, and sample criblpacks/cribl-palo-alto-networks
2 participants
@bdalpe @kmocribl