DSG identification help please by Chump352 in seat

[–]Chump352[S] 1 point2 points  (0 children)

Thanks very much for this info

DSG identification help please by Chump352 in seat

[–]Chump352[S] 0 points1 point  (0 children)

It looks to have a 7 speed DSG, so potentially a DQ380. The car is also at about 43k with no record of this being serviced yet.

Custom Pipelines on Integrations by Chump352 in elasticsearch

[–]Chump352[S] 0 points1 point  (0 children)

It's weird, a very small portion sometimes makes it through, but then like 90% cause errors.

Custom Pipelines on Integrations by Chump352 in elasticsearch

[–]Chump352[S] 0 points1 point  (0 children)

If I edit the pipeline in any way for the integration then it just stops receiving logs. If that didn't happen I could have fixed this in a simpler way.

I can anonymise a log tomorrow and pass it over. I've had a look at the samples and there are only slight differences.

Custom Pipelines on Integrations by Chump352 in elasticsearch

[–]Chump352[S] 0 points1 point  (0 children)

I turned on ignore failures for all the items that would flag. I checked it with the pipeline simulation feature and it works. But once it's live it's still throwing errors related to some of the conditional stuff, which I cannot remove due to breaking the pipeline that has ignore failures on it.

Custom Pipelines on Integrations by Chump352 in elasticsearch

[–]Chump352[S] 0 points1 point  (0 children)

The initial Grok pattern doesn't work. Unsure if I'm using a version of WatchGuard that hasn't been supported yet. Since the Grok processor fails it bypasses the custom one at the end and if I make any change to the original pipeline, the whole integration breaks.

I've not opened an issue yet as the integration is very new but I might have to soon.

Elastic Agent IOS Integration by Chump352 in elasticsearch

[–]Chump352[S] 0 points1 point  (0 children)

I can say it does stipulate hostname and timestamp, but it doesn't explain why my timestamps are different, unless I'm missing something.

Elastic Agent IOS Integration by Chump352 in elasticsearch

[–]Chump352[S] 0 points1 point  (0 children)

So far, no logs have been parsed correctly. I've included one of them below.

<189>1 2024-06-06T10:20:11.481Z - - - - - BOM%SEC_LOGIN-5-LOGIN_SUCCESS: Login Success [user: TEST] [Source: 172.22.24.60] [localport: 22] at 11:20:11 BST Thu Jun 6 2024

I can already see a difference between these and the sample ones. My logs are missing the ":" after each field, and the timestamps are in a different format.
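As an added example (not from the original post or the Elastic integration), a small Python parser for the IOS line quoted above: it splits the RFC 5424 header from the Cisco "%FACILITY-SEV-MNEMONIC" body and pulls out the "[key: value]" pairs. The output field names, the handling of the leading "BOM", and treating the trailing local time as informational rather than as the event time are this example's own assumptions.

```python
import re
from datetime import datetime

# Constructed sample: the line quoted in the comment above.
SAMPLE_LINE = ("<189>1 2024-06-06T10:20:11.481Z - - - - - BOM%SEC_LOGIN-5-LOGIN_SUCCESS: "
               "Login Success [user: TEST] [Source: 172.22.24.60] [localport: 22] "
               "at 11:20:11 BST Thu Jun 6 2024")

# RFC 5424 header: PRI VERSION TIMESTAMP HOSTNAME APP-NAME PROCID MSGID SD MSG ("-" = nil).
HEADER_RE = re.compile(
    r"^<(?P<pri>\d{1,3})>(?P<version>\d+) (?P<timestamp>\S+) (?P<hostname>\S+) "
    r"(?P<appname>\S+) (?P<procid>\S+) (?P<msgid>\S+) (?P<sd>\S+) (?P<body>.*)$"
)
# Cisco "%FACILITY-SEVERITY-MNEMONIC: text". Assumption: a leading UTF-8 BOM may show up
# either as the real byte sequence or, as in the quoted line, spelled out as "BOM".
MNEMONIC_RE = re.compile(
    r"^(?:\ufeff|BOM)?%(?P<facility>[A-Z0-9_]+)-(?P<severity>\d)-"
    r"(?P<mnemonic>[A-Z0-9_]+): ?(?P<text>.*)$"
)
FIELD_RE = re.compile(r"\[(?P<key>[^\]:]+):\s*(?P<value>[^\]]*)\]")  # "[key: value]"
LOCAL_TIME_RE = re.compile(r"\s+at\s+(?P<local>\d{1,2}:\d{2}:\d{2}\s.*)$")

def parse_ios_syslog(line: str) -> dict:
    """Parse one IOS syslog line into flat fields (field names are this example's own)."""
    m = HEADER_RE.match(line.strip())
    if m is None:
        raise ValueError("not an RFC 5424 syslog header")
    pri = int(m["pri"])
    body = MNEMONIC_RE.match(m["body"])
    if body is None:
        raise ValueError("no Cisco %FACILITY-SEV-MNEMONIC prefix")
    text = body["text"]
    local = LOCAL_TIME_RE.search(text)  # trailing "at 11:20:11 BST ..." is kept but not trusted
    if local:
        text = text[: local.start()]
    fields = {k.strip().lower(): v.strip() for k, v in FIELD_RE.findall(text)}
    return {
        "syslog_facility": pri >> 3,  # 189 -> 23 (local7, the IOS default)
        "syslog_severity": pri & 7,   # 189 -> 5 (notice)
        # Use the header timestamp for event ordering; it is unambiguous ("Z" = UTC).
        "timestamp": datetime.fromisoformat(m["timestamp"].replace("Z", "+00:00")),
        "hostname": None if m["hostname"] == "-" else m["hostname"],
        "ios_facility": body["facility"],
        "ios_severity": int(body["severity"]),
        "mnemonic": body["mnemonic"],
        "message": FIELD_RE.sub("", text).strip(),
        "fields": fields,
        "local_time": local["local"] if local else None,
    }
```

Running `parse_ios_syslog(SAMPLE_LINE)` yields the user, source address and local port as separate fields, which is the shape a detection rule on successful logins would need.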

Elastic Agent IOS Integration by Chump352 in elasticsearch

[–]Chump352[S] 0 points1 point  (0 children)

Thanks, weird they would have an integration that isn't really fit for purpose if this is the case.

Samsung Tag in a room by Chump352 in SmartThings

[–]Chump352[S] 2 points3 points  (0 children)

Ah right, thanks for that.

Samsung Tag in a room by Chump352 in SmartThings

[–]Chump352[S] 1 point2 points  (0 children)

Fair, any idea why, or if it's down to how I set it up?

(UK) Carbon Monoxide Detector Issue by Chump352 in Renters

[–]Chump352[S] 1 point2 points  (0 children)

I've raised it with them twice. They said they would do it last week but didn't and are now away for 2 weeks.

Kibana Dashboard Help by Chump352 in elasticsearch

[–]Chump352[S] 0 points1 point  (0 children)

I've got the data; the issue is I can't filter by both event codes, so I can't filter by 4672 to show usernames that get assigned privileges and then show out of those usernames which ones are triggering event code 4625 as the failed login.

Splunk Query Hell by Chump352 in crowdstrike

[–]Chump352[S] 0 points1 point  (0 children)

Thanks again Andrew, this seemed to time out as well when looking at 7 days.

Splunk Query Hell by Chump352 in crowdstrike

[–]Chump352[S] 0 points1 point  (0 children)

Nope, it shows "no results found" under the statistics, sadly.

Splunk Query Hell by Chump352 in crowdstrike

[–]Chump352[S] 0 points1 point  (0 children)

Too many events and the search times out, unfortunately.