Access official resources from Carbon Black experts
Cb Response 5.x, 6.1
How to determine chatty processes/hosts for potential ingress filtering and additional suppression in the CbEvents Solr Core, and then upload it to Alliance servers.
cat /etc/cb/cluster.conf
curl "http://127.0.0.1:8080/solr/0/terms?terms.fl=path_full&terms=true&terms.limit=50&indent=true" > "/tmp/$(hostname)_procs_pathfull.txt" | /usr/share/cb/cbpost /tmp/$(hostname)_procs_pathfull.txt
curl "http://127.0.0.1:8080/solr/0/terms?terms.fl=parent_name&terms=true&terms.limit=50&indent=true" > "/tmp/$(hostname)_parentprocs.txt" | /usr/share/cb/cbpost /tmp/$(hostname)_parentprocs.txt
curl "http://127.0.0.1:8080/solr/0/terms?terms.fl=hostname&terms=true&terms.limit=50&indent=true" > "/tmp/$(hostname)_hosts.txt" | /usr/share/cb/cbpost /tmp/$(hostname)_hosts.txt
curl "http://127.0.0.1:8080/solr/reader/terms?terms.fl=path_full&terms=true&terms.limit=50&indent=true&wt=..." > "/var/log/cb/solr/$(hostname)_procs_pathfull.xml" && /usr/share/cb/cbpost /var/log/cb/solr/$(hostname)_procs_pathfull.xml
curl "http://127.0.0.1:8080/solr/reader/terms?terms.fl=hostname&terms=true&terms.limit=50&indent=true&wt=x..." > "/var/log/cb/solr/$(hostname)_hosts.xml" && /usr/share/cb/cbpost /var/log/cb/solr/$(hostname)_hosts.xml
curl "http://127.0.0.1:8080/solr/reader/terms?terms.fl=parent_name&terms=true&terms.limit=50&indent=true&w..." > "/var/log/cb/solr/$(hostname)_parent_process.xml" && /usr/share/cb/cbpost /var/log/cb/solr/$(hostname)_parent_process.xml
Copyright © 2005-2023 Broadcom. All Rights Reserved. The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries.