-
Sending SYSLOG to the correct NetMRI Collector
How do I send SYSLOG messages in an OC Setup? How do I know which collector to send SYSLOG messages to? Solution: This will help you send SYSLOG messages to correct NetMRI Collector. We have a "well known" variable call "$netmri_ipaddress" that is the Collector that discovered the device. Use this CCS Script:…
-
DNS Reply Code by Client
Here is a dashboard that will give you the opportunity to review the DNS reply code when a client sends a DNS request (NoError, NxDomain, ServFail, Refused). This dashboard can alert you when DNS requests don't have the expected answer, and then, help you understand why and fix the problem (create the zone, the record, a…
-
Dashboard: DHCPv4 Range Utilization - Empty Ranges
Hey guys, A customer of ours needed a dashboard that gives you the option to show all DHCP Networks that are not being utilized. It's a bit surprising to us that this is not a feature available in any of the default dashboards/reports. In the default settings you will get all DHCP networks that have no utilization in the…
-
DNS RPZ Hits by Clients (Drilldown)
RPZ Hits by Client Report for Drilldown. HTH. <form> <label>DNS RPZ Hits by Clients (Drilldown)</label> <description></description> <fieldset submitButton="true" autoRun="true"> <input type="time" token="time"> <label>Time</label> <default> <earliest>-1w</earliest> <latest>now</latest> </default> </input> <input…
-
CSV export of address information for entire network hierarchy
If you are in the IPAM view of the web interface (Data Management > IPAM) and look at a network you can get a display of all the addresses in that network and information related to those addresses, such as DNS names, MAC addresses, etc. I was working with someone who wanted to see a similar display, but for an entire set…
-
Syslog Based RPZ reports
-
Splunk application for ActiveTrust Cloud
I have just published a Splunk application for ActiveTrust Cloud. This application allows you to: - get ActiveTrust Cloud logs into Splunk using the REST API introduced with ATC 2.0 - filter it efficiently with full drill down support based on the time, threat property, threat class, source IP, domain name, query type and…
-
RPZ DNS Firewall Syslog based Report - Multiple Groupings and Geo Location
-
WAPI example of Traffic Capture Download
The attached script is an example of using the WAPI to trigger a traffic capture and then download it. It's written in Perl, but used the WAPI and not the PAPI. Rename traffic_capture_to_file.txt to traffic_capture_to_file.pl. To get help use: traffic_capture_to_file.pl --help traffic_capture_to_file.pl --man Help…
-
Assign next VLAN number via Outbound API
So, this is fairly basic, and there's definitely more that could be done here (ie, search for next "available", as opposed to simply increment to the "next" number), but it's a start, so I thought I'd post it out for the community to expand on as desired. As this uses the Outbound API, an Ecosystem license is required. The…
