fix: set time range to all time
https://docs.splunk.com/Documentation/Splunk/9.1.1/SearchReference/Collect#Events_without_timestamps
This commit is contained in:
Ming Di Leom
parent
097ba9a3df
commit
1cd2ec36a8
|
|
@ -3,7 +3,8 @@ action.lookup = 1
|
|||
action.lookup.filename = botnet_ip.csv
|
||||
cron_schedule = */15 * * * *
|
||||
description = Update lookup every 15 minutes from 00:00
|
||||
dispatch.earliest_time = -1h
|
||||
# https://docs.splunk.com/Documentation/Splunk/9.1.1/SearchReference/Collect#Events_without_timestamps
|
||||
dispatch.earliest_time = 0
|
||||
enableSched = 0
|
||||
schedule_window = 60
|
||||
search = | getbotnetip
|
||||
|
|
@ -13,7 +14,7 @@ action.lookup = 1
|
|||
action.lookup.filename = botnet-filter-splunk.csv
|
||||
cron_schedule = 0 */12 * * *
|
||||
description = Update lookup every 12 hours from 00:00
|
||||
dispatch.earliest_time = -12h
|
||||
dispatch.earliest_time = 0
|
||||
enableSched = 0
|
||||
schedule_window = 60
|
||||
search = | getbotnetfilter
|
||||
|
|
@ -23,7 +24,7 @@ action.lookup = 1
|
|||
action.lookup.filename = opendbl_ip.csv
|
||||
cron_schedule = */15 * * * *
|
||||
description = Update lookup every 15 minutes from 00:00
|
||||
dispatch.earliest_time = -1h
|
||||
dispatch.earliest_time = 0
|
||||
enableSched = 0
|
||||
schedule_window = 60
|
||||
search = | getopendbl
|
||||
|
|
@ -33,7 +34,7 @@ action.lookup = 1
|
|||
action.lookup.filename = phishing-filter-splunk.csv
|
||||
cron_schedule = 0 */12 * * *
|
||||
description = Update lookup every 12 hours from 00:00
|
||||
dispatch.earliest_time = -12h
|
||||
dispatch.earliest_time = 0
|
||||
enableSched = 0
|
||||
schedule_window = 60
|
||||
search = | getphishingfilter
|
||||
|
|
@ -43,7 +44,7 @@ action.lookup = 1
|
|||
action.lookup.filename = pup-filter-splunk.csv
|
||||
cron_schedule = 0 */12 * * *
|
||||
description = Update lookup every 12 hours from 00:00
|
||||
dispatch.earliest_time = -12h
|
||||
dispatch.earliest_time = 0
|
||||
enableSched = 0
|
||||
schedule_window = 60
|
||||
search = | getpupfilter
|
||||
|
|
@ -53,7 +54,7 @@ action.lookup = 1
|
|||
action.lookup.filename = urlhaus-filter-splunk-online.csv
|
||||
cron_schedule = 0 */12 * * *
|
||||
description = Update lookup every 12 hours from 00:00
|
||||
dispatch.earliest_time = -12h
|
||||
dispatch.earliest_time = 0
|
||||
enableSched = 0
|
||||
schedule_window = 60
|
||||
search = | geturlhausfilter
|
||||
|
|
@ -63,7 +64,7 @@ action.lookup = 1
|
|||
action.lookup.filename = vn-badsite-filter-splunk.csv
|
||||
cron_schedule = 0 */12 * * *
|
||||
description = Update lookup every 12 hours from 00:00
|
||||
dispatch.earliest_time = -12h
|
||||
dispatch.earliest_time = 0
|
||||
enableSched = 0
|
||||
schedule_window = 60
|
||||
search = | getvnbadsitefilter
|
||||
|
|
|
|||
Loading…
Reference in New Issue