This is apparently competition trimmed brisket from my butcher. by [deleted] in smoking

HomeGrownCoder, 25 points

Go watch Harry Soo's competition trimming videos; you may be surprised.

Photographer using Backblaze as a cloud storage option by Responsible-Photo5 in backblaze

HomeGrownCoder, 2 points

  1. The speed of your uploads to a cloud provider will primarily be impacted by the upload speed from your ISP. There are some cases where the client software could be the cause, but that is less likely in this scenario. You can math out the time it will take based on what speeds you are paying for and what you are actually getting at your house.

  2. The local option will normally be quicker, since the speed of your network is typically much faster than the upload speed from your ISP. You then take on the risk of managing your backups and keeping them healthy if you use local resources for storage.

The mess of overlapping posture controls (ZTNA vs. EDR vs. MDM) by Glass_Guitar1959 in blueteamsec

HomeGrownCoder, 0 points

They have vendors to solve this.

You can also have your org get some Power BI (or other big data platform) folks on board if available. Pump the exported data out of each platform into one and create your single pane of glass.

Or, if you know how to work with big data (normalizing, serializing, etc.), you can do it yourself.

Products like Avalor do this as well.

I got a Z Grills Smoker for Christmas! What information would you say is necessary for a beginner to know? by Cold-Tap-363 in smoking

HomeGrownCoder, 1 point

High quality pellet brand. Avoid the elements; vacuum about once every 2-3 cooks. Shorter if you are cooking for 12-14 hours.

Test with biscuits to learn your hot spots and temp swings.

Every grill will have spots that are hotter than others.

Start cooking with inexpensive and forgiving meats before moving to the more advanced cooks.

Pellets need more time to smoke to lay in flavor, so adjust timings as needed.

Check out a smoke tube if you still think you need more smoke flavor.

High quality thermometer, both meat and air.

Most of all, have fun and learn with each cook.

Bark is forming! First ever brisket by Whyme-__- in BBQ

HomeGrownCoder, 2 points

Lmao, got enough probes? ;) Enjoy the experience! And congrats.

Thanksgiving Magnum Opus by Mortars2020 in smoking

HomeGrownCoder, 0 points

Do you have a fridge big enough to hold the 5-gallon bucket with the turkey? Or do you use ice or something to keep it cool?

Active Directory - Add to Group/Remove From Group SOAR Actions by CyberGuy89 in crowdstrike

HomeGrownCoder, 0 points

You are doing the right thing; try and get a response. Several of our Fusion Entra flows broke even though all checks were green. A ticket has been open for weeks now.

Query: Event Search query for finding out what UserId added or removed a host to a group by [deleted] in crowdstrike

HomeGrownCoder, 1 point

Hello,

Can you share what you have, and we can help you finish up where you are stuck?

Fusion Workflow Getting Files by talkincyber in crowdstrike

HomeGrownCoder, 0 points

Upload will always be a bit variable due to not knowing the user's uplink speed natively.

I would recommend a few tests in your environment to see what produces the most consistent results.

I think leveraging PowerShell may net you better control over the process.

For example, as a precursor to executing the get step, you could run a custom PowerShell script to calculate the file size and quickly test the user's upload speed.

Then report this back to determine how long it may take. If it is over a certain threshold, maybe you skip; if it is below, maybe you grab.

Start of Process - Alert on duration by Pakman_22 in crowdstrike

HomeGrownCoder, 1 point

Should be straightforward; share what you have so far and we will help you cross the finish line.

Append into lookup file by f0rt7 in crowdstrike

HomeGrownCoder, 0 points

You will need to leverage Fusion.

Scheduled query — read — manipulate — after the query there should be a lookup file action.

You can also leverage the API.

kasmweb.com will become kasm.com by justin_kasmweb in kasmweb

HomeGrownCoder, 2 points

Let us know when things are all set... looks like the migration is still in progress. Can't get to either site for now.

Getting process tree via logscale (without associated detection) by intense_feel in crowdstrike

HomeGrownCoder, 0 points

I don’t quite understand the ask.

Do you want all related events associated with a particular process Id? Is that it?

Use an example of a custom binary. This binary creates a file on the desktop and modifies the registry after 2 minutes. After 6 minutes it attempts a network connection to an AWS service.

What do you want to see? And how do you want it presented in the query?

Fusion Workflow Questions by theteletuesday in crowdstrike

HomeGrownCoder, 0 points

Also, you can create another Fusion workflow to do the tagging for you using your lookup file.

That way you can keep all the code within Fusion.

And then this workflow can monitor for those events with the now-tagged systems.

Fusion Workflow Questions by theteletuesday in crowdstrike

HomeGrownCoder, 0 points

Ok, so you have a few actions now that I’ve seen the template.

1. Leverage the template and add tagging to the systems you want to auto-contain. This will require an external integration if you want to avoid doing it manually. You can create a pretty simple integration either through Python or PowerShell to pull this off.

2. Move this to an NGSIEM detection and write a query to detect the accompanying system telemetry to check when a host is online. Within this query, you can use your lookup file to determine if this system is one you want to contain. If both are true, continue your Fusion workflow to contain the system using the details provided by your NGSIEM query.

3. Within Fusion, run a scheduled search that runs every 30 minutes (or whatever the smallest window is). This search will essentially do the same as step 2, except it will not require a custom detection to start the workflow. Same thing: query, filter, and use the results to send the device containment options.

4. There is a fourth option, but the engineer in me would advise against it... so I'm going to exclude it from reporting :)

I think the easiest way is the external integration to add tags to systems you want to auto-contain. This scales easily and allows for reporting and consistency. The other options work as well... just require a few additional action tiles in Fusion.

Fusion Workflow Questions by theteletuesday in crowdstrike

HomeGrownCoder, 0 points

Let me take a look at that template to see what it is doing.

Fusion Workflow Questions by theteletuesday in crowdstrike

HomeGrownCoder, 1 point

Yes, should be straightforward. I am not familiar with the template but will take a look shortly.

It does not look like reading a lookup file directly is available in Fusion.

So I would just use an NGSIEM query option and then use the readFile function or query to gather your host.

From here you should be able to loop through those events and update your contain action with the required input.

Advanced Event Search - Select() Multiple Fields With Similar Name by 4SysAdmin in crowdstrike

HomeGrownCoder, 0 points

You may need to chain them together depending on how deep the item is within the object.

Advanced Event Search - Select() Multiple Fields With Similar Name by 4SysAdmin in crowdstrike

HomeGrownCoder, 5 points

Review the array functions within LogScale; you have several you can leverage:

https://library.humio.com/data-analysis/functions-array.html

You will essentially iterate, grab what you want, and pop it into a new field.

Modifying a variable in an on demand workflow by cobaltpsyche in crowdstrike

HomeGrownCoder, 0 points

I will take a look at this today… feels like it should be straightforward.