alacercogitatus

Btool Output

Oct 7th, 2011
  1. SplunkDire [ldap:open:audit]
  2. system ANNOTATE_PUNCT = True
  3. SplunkDire BREAK_ONLY_BEFORE = ^#\s+\w+\s+\d+\s+.*$
  4. SplunkDire BREAK_ONLY_BEFORE_DATE = False
  5. system CHARSET = UTF-8
  6. system DATETIME_CONFIG = /etc/datetime.xml
  7. system HEADER_MODE =
  8. system LEARN_SOURCETYPE = true
  9. system LINE_BREAKER_LOOKBEHIND = 100
  10. SA-Identit LOOKUP-asset_lookup_dest_only = asset_lookup_dest_only dest OUTPUT dest_owner,dest_priority,dest_lat,dest_long,dest_city,dest_country,dest_bunit,dest_category,dest_pci_domain,dest_is_expected,dest_should_timesync,dest_should_update
  11. SA-Identit LOOKUP-asset_lookup_dvc_only = asset_lookup_dvc_only dvc OUTPUT dvc_owner,dvc_priority,dvc_lat,dvc_long,dvc_city,dvc_country,dvc_bunit,dvc_category,dvc_pci_domain,dvc_is_expected,dvc_should_timesync,dvc_should_update
  12. SA-Identit LOOKUP-asset_lookup_host_only = asset_lookup_host_only host OUTPUT host_owner,host_priority,host_lat,host_long,host_city,host_country,host_bunit,host_category,host_pci_domain,host_is_expected,host_should_timesync,host_should_update
  13. SA-Identit LOOKUP-asset_lookup_orig_host_only = asset_lookup_orig_host_only orig_host OUTPUT orig_host_owner,orig_host_priority,orig_host_lat,orig_host_long,orig_host_city,orig_host_country,orig_host_bunit,orig_host_category,orig_host_pci_domain,orig_host_is_expected,orig_host_should_timesync,orig_host_should_update
  14. SA-Identit LOOKUP-asset_lookup_src_only = asset_lookup_src_only src OUTPUT src_owner,src_priority,src_lat,src_long,src_city,src_country,src_bunit,src_category,src_pci_domain,src_is_expected,src_should_timesync,src_should_update
  15. SA-AccessP LOOKUP-src_user_account_lookup = user_account_lookup user as src_user OUTPUTNEW is_privileged as src_user_is_privileged,is_default as src_user_is_default,is_watchlist as src_user_is_watchlist
  16. SA-AccessP LOOKUP-user_account_lookup = user_account_lookup user OUTPUTNEW is_privileged as user_is_privileged,is_default as user_is_default,is_watchlist as user_is_watchlist
  17. system MAX_DAYS_AGO = 2000
  18. system MAX_DAYS_HENCE = 2
  19. system MAX_DIFF_SECS_AGO = 3600
  20. system MAX_DIFF_SECS_HENCE = 604800
  21. system MAX_EVENTS = 256
  22. system MAX_TIMESTAMP_LOOKAHEAD = 128
  23. system MUST_BREAK_AFTER =
  24. system MUST_NOT_BREAK_AFTER =
  25. system MUST_NOT_BREAK_BEFORE =
  26. SplunkDire REPORT-AuditUser = loa-audituser
  27. SplunkDire REPORT-MultiValueAudit = loa-MultiValueAudit
  28. system SEGMENTATION = indexing
  29. system SEGMENTATION-all = full
  30. system SEGMENTATION-inner = inner
  31. system SEGMENTATION-outer = outer
  32. system SEGMENTATION-raw = none
  33. system SEGMENTATION-standard = standard
  34. SplunkDire SHOULD_LINEMERGE = True
  35. system TRANSFORMS =
  36. system TRUNCATE = 10000
  37. system maxDist = 100
  38. SplunkDire priority = 100
  39.  
  40.  