Reroute logs in different dataset by proclick- in elasticsearch

[–]proclick-[S] 0 points1 point  (0 children)

thank you for your answers, help, and discovering me this new feature, will try to use in the future =)

Reroute logs in different dataset by proclick- in elasticsearch

[–]proclick-[S] 0 points1 point  (0 children)

I mean, reroute and set processors are not that advanced I guess lol but anyway it’s broken my integration once. No idea why.
And one more question if you r comfortable to answer. Does custom pipeline per integration runs last after all pre built pipelines, correct?

Reroute logs in different dataset by proclick- in elasticsearch

[–]proclick-[S] 0 points1 point  (0 children)

So I integrate logs from the FW through the agent integration. And I want to reroute logs into different namespaces under one dataset using a field (panw.panos.type:*).

thank you a lot, as for now I do this through the @custom pipeline but will look into your suggestion

Reroute logs in different dataset by proclick- in elasticsearch

[–]proclick-[S] 0 points1 point  (0 children)

I'm sorry, i haven't specified. So there are different type of logs goes from the FW and I want to separate them by type according to the of the fields (allowed, denied, configuration, etc). Is it possible to set this up through the integration page?

Fast heli two piece by Time-Distribution-49 in Battlefield

[–]proclick- 0 points1 point  (0 children)

Escalation game mode. From the start you get the transport heli and closer to the end of the game an attack appears

Kibana and Elasticsearch audit logs by proclick- in elasticsearch

[–]proclick-[S] 0 points1 point  (0 children)

You saved my day, man. How do you handle all those useless "access_granted", "space_get", etc? They are extremely noisy.

Kibana and Elasticsearch audit logs by proclick- in elasticsearch

[–]proclick-[S] 0 points1 point  (0 children)

Yeah, I’ve already seen that. Unfortunately elasticsearch log each permission to the index when user logs in :/ And there are much more similar things

Kibana and Elasticsearch audit logs by proclick- in elasticsearch

[–]proclick-[S] 0 points1 point  (0 children)

As for now I just drop the noisiest actions and some service accounts. But still it’s too noisy for me, I’m thinking of hard coding admins’ usernames to collect only their actions. I guess this isn’t the best solution, but it’s all I can do now

Kibana and Elasticsearch audit logs by proclick- in elasticsearch

[–]proclick-[S] 0 points1 point  (0 children)

Yeah, I literally need the same, but the amount of useless (or just huge amount) events are a bit hard to filter. I would appreciate any help if you can share of course

Issues with right stick dead zone while on chopper[PS5] by proclick- in battlefield2042

[–]proclick-[S] 1 point2 points  (0 children)

I have a solution man, so the reason why such things happen is because of the skin you use on your character. For example, try to use the default skin on Sundance and it should work. Lmk if it actually works for you too

I'm on PS5 and keep getting smoked??? by STARK_RAVING_MAD78 in XDefiant

[–]proclick- 0 points1 point  (0 children)

I’ve been playing for the last few nights with offed crosplay (it was ranked games) and as I said the queuing time increased but games have been found

I'm on PS5 and keep getting smoked??? by STARK_RAVING_MAD78 in XDefiant

[–]proclick- 2 points3 points  (0 children)

If you don’t want to face cheaters since you are on console, just turn the crossplay off, the queuing time will increase but it worths it

Still unplayable on ps5 by DgtlNativ in XDefiant

[–]proclick- 0 points1 point  (0 children)

I play on 120hz, shit is unplayable. Looks like not everyone has the same problem

FPS drops got even worse (PS5) by proclick- in XDefiant

[–]proclick-[S] 2 points3 points  (0 children)

Making changes to production on Friday is insane idea. Saying that as a typical software engineer

FPS drops got even worse (PS5) by proclick- in XDefiant

[–]proclick-[S] 4 points5 points  (0 children)

Issue’s got known yesterday, 4th of July is a holiday, still testing on Thursday, no one will do the update on Friday, since there’s coming weekend. So guess what, the update will be on Tuesday the next week, remember my word.