splunk / splunk-connect-for-syslog

Splunk Connect for Syslog
Apache License 2.0

Juniper admin, firewall & IDPS logs are not parsed correctly #2643

Open imsidr opened 1 week ago

imsidr commented 1 week ago

Note: If your issue is not a bug or a feature request, please raise a support ticket through our support portal (Splunk.com > Support > Support Portal). This will help us resolve your issue more efficiently and provide you with better assistance. For more information on how to work with the Splunk Support, please refer to this guide.

Was the issue replicated by support? no

What is the sc4s version? 3.27.0

Which operating system (including its version) are you using for hosting SC4S? Ubuntu

Which runtime (Docker, Podman, Docker Swarm, BYOE, MicroK8s) are you using for SC4S? docker

Is there a pcap available? If so, would you prefer to attach it to this issue or send it to Splunk support? yes

Is the issue related to the environment of the customer or Software related issue? Software related issue

Is it related to Data loss, please explain? No

Protocol?

Hardware specs?

Last chance index/Fallback index? sc4s

Is the issue related to local customization? yes

Do we have all the default indexes created? yes

Describe the bug: Juniper admin, firewall & IDPS logs are not parsed correctly

To Reproduce Steps to reproduce the behavior:

  1. Go to '...' index=firewall or index=juniper*
  2. Click on '....'
  3. Scroll down to '....'
  4. See error

imsidr commented 1 week ago

pcap attached to splunk support case # CASE [3621290]

imsidr commented 5 days ago

Hi @rjha-splunk @sbylica-splunk any update on this?

sbylica-splunk commented 23 hours ago

Hi @imsidr, looking into it, I will post an update once we have something more.