
Harinder Bhandari
Activity overview
Latest activity by Harinder Bhandari
-
Harinder Bhandari commented,
Unix epoch timestamps are supported in the following formats: 10-digit epoch time format surrounded by brackets (or followed by a comma). The digits must be at the very start of the message. For e...
-
Harinder Bhandari created an article,
Deprecation notice of AWS NodeJS 12x Lambda functions
On May 25th, 2022, AWS announced the end of support for Node.js 12.x in the AWS SDK starting from November 1st, 2022. Existing Lambda functions based on Node.js 12.x will continue to run according ...
-
Harinder Bhandari commented,
Since your app is logging data to the local file system, you can use an installed collector and configure a local file source to upload data to Sumo Logic. Here are steps to install a collector on Lin...
-
Harinder Bhandari commented,
Hi Zack, You can use this search query: _sourceCategory=windows ("4723")| parse regex "\"EventID\"\:\"(?<EventID>.*?)\"," nodrop| parse regex "\"TimeCreated\":\"(?<event_time>.*?)\"," nodrop| pars...
-
Harinder Bhandari commented,
Hi Zack, you can use this search using parse regex: _sourceCategory=windows ("4720" OR "4723" OR "4724")| parse regex "\"EventID\"\:\"(?<EventID>.*?)\"," nodrop| parse regex "\"TargetUserName\":\"(?...
-
Harinder Bhandari commented,
Hope you have created an installation token as per steps documented here: https://help.sumologic.com/Manage/Security/Installation_Tokens If it is taking longer than expected to register your colle...
-
Harinder Bhandari commented,
After a partition is created in a given tier, you can't change its tier. If you decide the data should be in a different tier, you must decommission the partition and create a new one.
-
Harinder Bhandari commented,
Can you please try this query: _source="IIS_source" and _collector="test1"| parse regex "(?<server_ip>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}) (?<method>\S+) (?<cs_uri_stem>\S+) (?<cs_uri_query>\S+) (?<...
-
Harinder Bhandari commented,
Hi Sumit, You should install a collector on the local machine as explained here: https://help.sumologic.com/03Send-Data/Installed-Collectors/03Install-a-Collector-on-Windows Configure a source to a...
-
Harinder Bhandari commented,
You can add any of the built-in metadata fields like _collector, _sourceCategory, _sourceHost or _sourceName to narrow down the scope of the search. This will help you finish the search faster. Also, ...