Introducing SOC Insights for BloxOne Threat Defense: Boost your SOC efficiency with AI-driven insights to eliminate manual work and accelerate investigation and response times. Read the blog announcement here.

Reporting

Reply

Problem with Query counting

New Member
Posts: 1
1102     0

Hi

 

Thanks a lot for the support that you will provide to me.

We have a vm5005 Reporting Collector.

 

We have a problem with these report  "index=ib_dns_summary report=si_dns_requested_domain" .

The problem is that for some domains that are managed by three memeber the search doesn't give result.

It seems doesn't collect nothing.

For other domains managed by other two grid-member the search works and there are collected events.

 

%index for "DNS Query" in "GRID REPORTING PROPERTIES" is set to 72%

All the member have the flag "DNS Query" set on the "REPORTING MEMBER PROPERTIES

 

domain1.com is managed by gr-memb1 and gr-memb2 .

For this domain the report is working good.

domain2.com manged by other three memeber .

For this domain the report and the search doesn't work

 

I found the last data collected for domain2.com If I set as tima range (Previous Year).

 

Thans a lot in advance for your support.

 

Best Regards

Giuseppe

 

Showing results for 
Search instead for 
Did you mean: 

Recommended for You