Harinder Bhandari

Total activity 73
Last activity July 29, 2020 04:14
Member since March 27, 2015 19:12

Following 0 users
Followed by 0 users
Votes 0
Subscriptions 43

Activity overview

Latest activity by Harinder Bhandari

Harinder Bhandari created an article, July 29, 2020 04:14
Experiencing integration issues with the CrowdStrike threat intelligence database.
1. Using Sumo Logic
2. Alerting and Scheduled Search
We are currently experiencing integration issues with the CrowdStrike threat intelligence database. In order to resolve this issue, we have had to pause our data synchronization. This means that th...
- Harinder Bhandari
- July 29, 2020 04:14
- Updated
- 1 follower
- 0 comments
- 0 votes
Harinder Bhandari created an article, July 16, 2020 22:38
Experiencing ingestion issues for G-Suite Apps Audit sources
1. Data Management
2. Sources
We are currently experiencing ingestion issues for G-Suite Apps Audit sources. These sources are affected: - Google Admin- Google Calendar- Google Drive- Google Login- Google Token For some custome...
- Harinder Bhandari
- July 16, 2020 22:41
- Updated
- 1 follower
- 0 comments
- 0 votes
Harinder Bhandari commented, July 16, 2020 19:12
You can aggregate the data and remove the _count field using the "field" operator. Can you try this search: _collector=*.app.sce.prd-* and _sourceCategory=ecs and "TaskStatus: (RUNNING->STOPPED)"| ...
- View comment
- Harinder Bhandari
- July 16, 2020 19:12
- 0 votes
Harinder Bhandari commented, July 13, 2020 22:17
A Keyword Search Expression defines the scope of data for the query and is always more efficient than using "where" operator. By default, keyword expressions are case-insensitive. Technically there...
- View comment
- Harinder Bhandari
- July 13, 2020 22:17
- 0 votes
Harinder Bhandari commented, July 07, 2020 05:07
Can you please try with the July password: Sum0L0gic20!
- View comment
- Harinder Bhandari
- July 07, 2020 05:07
- 0 votes
Harinder Bhandari commented, June 20, 2020 22:54
Sumo Logic has a feature called Surrounding messages that allow you to investigate events surrounding a message from the context of the Host, file name, or category identified enabling you to view ...
- View comment
- Harinder Bhandari
- June 20, 2020 22:54
- 0 votes
Harinder Bhandari commented, June 20, 2020 22:47
Can you provide more information about your query and what you are trying to achieve?
- View comment
- Harinder Bhandari
- June 20, 2020 22:47
- 0 votes
Harinder Bhandari commented, June 20, 2020 22:43
Yes, it is possible to create an alert for Windows Defender Logs based on a certain Event ID. For example, Event ID 5001 _sourceCategory="windows/events/windows_defender"| parse "EventCode = *;" as...
- View comment
- Harinder Bhandari
- June 20, 2020 22:43
- 0 votes
Harinder Bhandari commented, June 18, 2020 17:11
Right now we do not have CRUD API for dashboards. We have a feature request pending for this here:https://ideas.sumologic.com/ideas/SL-I-2454 We are working on this feature actively and will be rel...
- View comment
- Harinder Bhandari
- June 20, 2020 22:55
- Edited
- 0 votes
Harinder Bhandari commented, June 12, 2020 21:53
You can use Webhook payload variables in the JSON payload object to send the fields you want to your webhook. If you need to use custom field, you can use {{Results.fieldname}} to customize your pa...
- View comment
- Harinder Bhandari
- June 12, 2020 21:53
- 0 votes