Community discussions

Search found 26 matches

by MSandoval
Fri Nov 30, 2018 3:45 pm
Forum: Useful user articles
Topic: Using Splunk to analyse MikroTik logs 2.5 (Graphing everything)
Replies: 96
Views: 10027

Re: Using Splunk to analyse MikroTik logs 2.5 (Graphing everything)

Hello everyone, I have a problem with module MikroTik_Traffic section Public IP . when reviewing this, I found a small error when declaring the variable host, in this case that variable is capitalized H ost, it does that the section does not work, changing this I achieved that it works correctly. <t...
by MSandoval
Mon Nov 26, 2018 9:41 pm
Forum: Useful user articles
Topic: Using Splunk to analyse MikroTik logs 2.5 (Graphing everything)
Replies: 96
Views: 10027

Re: Using Splunk to analyse MikroTik logs 2.5 (Graphing everything)

Great, you're right, forget that each module has a drop-down menu Hosts. I'm going to try it and anything I write. Thanks again.
by MSandoval
Mon Nov 26, 2018 8:45 pm
Forum: Useful user articles
Topic: Using Splunk to analyse MikroTik logs 2.5 (Graphing everything)
Replies: 96
Views: 10027

Re: Using Splunk to analyse MikroTik logs 2.5 (Graphing everything)

Hello Jotne and the whole community. First I want to tell you, good job, really good jobs, and thanks for sharing with us Jotne. Secondly I have a question, in version 2.4 I see in the record that wrote "List of devices" this function indicates that it already supports multi-router log ?, in such ca...
by MSandoval
Tue Jul 31, 2018 12:36 am
Forum: Useful user articles
Topic: Using Splunk to analyse MikroTik logs 2.5 (Graphing everything)
Replies: 96
Views: 10027

Re: Using Splunk to analyse MikroTik logs 2.1 (Graphing everything)

Testing all the modules, I realized that the MikroTik Wifi connection module was not working at all. Since I did not bring data from the Connected section, I only showed data in Disconnected. http://subirimagen.me/uploads/20180730163143.jpg http://subirimagen.me/uploads/20180730163143.jpg What I fou...
by MSandoval
Sat Jul 28, 2018 6:35 pm
Forum: Useful user articles
Topic: Using Splunk to analyse MikroTik logs 2.5 (Graphing everything)
Replies: 96
Views: 10027

Re: Using Splunk to analyse MikroTik logs 2.0

Hi Jotne. Hi. I have three specific issues that happen to me when I mount the new version. The first is a warning that issues when I start splunk in the props.conf configuration file. Attached image. http://subirimagen.me/uploads/20180728073918.jpg http://subirimagen.me/uploads/20180728073918.jpg Th...
by MSandoval
Fri Jul 27, 2018 3:04 pm
Forum: Useful user articles
Topic: Using Splunk to analyse MikroTik logs 2.5 (Graphing everything)
Replies: 96
Views: 10027

Re: Using Splunk to analyse MikroTik logs 2.0

Hi Jotne. Really is a Great Job, thank very much to share this new version. I'll try it and I'll update the post.

:D
by MSandoval
Tue Jul 17, 2018 7:28 pm
Forum: Scripting
Topic: DNSdynamic script for RouterOS v6
Replies: 3
Views: 352

Re: DNSdynamic script for RouterOS v6

if you want you can use the DNS options that the mikrotik brings. IP > Cloud - DNS Enable And then use the DNS name that give you. I hope can help you. And very important. I recommend you delete your information about your loggin in the dnsdynamic.org. because any can loggin and use that information...
by MSandoval
Tue Jul 17, 2018 4:04 pm
Forum: General
Topic: Using Splunk to analyse MikroTik logs
Replies: 98
Views: 13036

Re: Using Splunk to analyse MikroTik logs

@Jotne

Thank you very much for all your time and knowledge. Again, I congratulate you on this project and I am waiting for your updates.
As I told you if you need to try something, you can contact me and let's try it. Thank you very much.
by MSandoval
Thu Jul 12, 2018 11:11 pm
Forum: General
Topic: Using Splunk to analyse MikroTik logs
Replies: 98
Views: 13036

Re: Using Splunk to analyse MikroTik logs

Ok sorry for Quote all your message. I changed all the settings in my mikrotik and snmp-plugin in splunk for version 2c. And execute the command with this result. snmpget -v2c -c public 192.168.1.1 .1.3.6.1.2.1.1.3.0 iso.3.6.1.2.1.1.3.0 = Timeticks: (23825500) 2 days, 18:10:55.00 and apparently I th...
by MSandoval
Thu Jul 12, 2018 5:24 pm
Forum: General
Topic: Using Splunk to analyse MikroTik logs
Replies: 98
Views: 13036

Re: Using Splunk to analyse MikroTik logs

You have problem with getting SNMP data From the linux server try this: (change your.mikrotik.ip to your actual IP) snmpget -v2c -c public your.mikrotik.ip 1.3.6.1.4.1.14988.1.1.3.10.0 iso.3.6.1.4.1.14988.1.1.3.10.0 = INTEGER: 470 enabled: yes contact: USA location: under water engine-id: trap-targ...
by MSandoval
Wed Jul 11, 2018 9:53 pm
Forum: General
Topic: Using Splunk to analyse MikroTik logs
Replies: 98
Views: 13036

Re: Using Splunk to analyse MikroTik logs

Line 3 is to one who sends logs to external server /system logging action print detail Flags: * - default 0 * name="memory" target=memory memory-lines=1000 memory-stop-on-full=no 1 * name="disk" target=disk disk-file-name="flash/log" disk-lines-per-file=1000 disk-file-count=2 disk-stop-on-full=no 2...
by MSandoval
Wed Jul 11, 2018 7:28 pm
Forum: General
Topic: Using Splunk to analyse MikroTik logs
Replies: 98
Views: 13036

Re: Using Splunk to analyse MikroTik logs

Its not equal. It seems to works some different when you have stuff together. You do see SNMP logs from syslog, you should not see those message. Well, I changed my settings to be exactly like yours, now I'll wait to see what happens. Thank you very much for your time and patience !! /system loggin...
by MSandoval
Wed Jul 11, 2018 4:01 pm
Forum: General
Topic: Using Splunk to analyse MikroTik logs
Replies: 98
Views: 13036

Re: Using Splunk to analyse MikroTik logs

This is the log from SNMP not the SNMP data. I do always set up så that I do not log snmp logs. You should setup some like this: /system logging> print detail Flags: X - disabled, I - invalid, * - default 0 X* topics=info prefix="" action=memory #default 1 * topics=error prefix="" action=memory #de...
by MSandoval
Tue Jul 10, 2018 10:33 pm
Forum: General
Topic: Using Splunk to analyse MikroTik logs
Replies: 98
Views: 13036

Re: Using Splunk to analyse MikroTik logs

uPnP gets data from a script. What do you get when run this from within linux /opt/splunk/etc/apps/MikroTik/bin/mikrotik_upnp.sh Temperature is SNMP based What do you get when search for SNMP* NB uppercase What you did search for is the log for snmp message in the MikroTik log not for the SNMP mess...
by MSandoval
Fri Jul 06, 2018 7:15 pm
Forum: General
Topic: Using Splunk to analyse MikroTik logs
Replies: 98
Views: 13036

Re: Using Splunk to analyse MikroTik logs

Hi Jotne: Summing up, I already managed to make almost all the modules work. The only things that do not work for me are MikroTik uPnP and MikroTik Vol / Temperatur. In both modules he says "No results found." For the MikroTik Vol / Temperatur module perform the following: In the Mikrotik - System -...
by MSandoval
Mon Jul 02, 2018 8:59 pm
Forum: General
Topic: Using Splunk to analyse MikroTik logs
Replies: 98
Views: 13036

Re: Using Splunk to analyse MikroTik logs

It has to do with the time schedule. You could either sample more often, example every minute insted of every 5 minutes. But this would then load the MikroTik more. Or you could zoome out showing over a bigger time periode. Example last 4 hour insted of last hour. Your first graph goes from 5:25 to...
by MSandoval
Sat Jun 30, 2018 12:01 am
Forum: General
Topic: Using Splunk to analyse MikroTik logs
Replies: 98
Views: 13036

Re: Using Splunk to analyse MikroTik logs

Jotne Hi, I have a doubt. Is it normal for this graphic to show it that way? http://subirimagen.me/uploads/20180629155928.jpg http://subirimagen.me/uploads/20180629155928.jpg because before he showed it to me like this: http://subirimagen.me/uploads/20180629155744.jpg http://subirimagen.me/uploads/2...
by MSandoval
Thu Jun 28, 2018 11:19 pm
Forum: General
Topic: Using Splunk to analyse MikroTik logs
Replies: 98
Views: 13036

Re: Using Splunk to analyse MikroTik logs

You are welcome. Its not always easy to recreate steps done to get it to work. I would love if I could these type of data us SNMP instead for script, or Router could send it out as a bulk of data every x second to Syslog. You should see what data you have and then try to figure how to present it. D...
by MSandoval
Thu Jun 28, 2018 10:50 pm
Forum: General
Topic: Using Splunk to analyse MikroTik logs
Replies: 98
Views: 13036

Re: Using Splunk to analyse MikroTik logs

Ups It looks correct from the foto, so you got communication. Found one more important setting that needs to be turned on. Accounting. Web Gui IP-> Accounting -> Enable Accounting -> mark - Apply I have set threshold to 2560 (not sure what is default) Updated 1st post. Yeah!!! Only that important c...
by MSandoval
Thu Jun 28, 2018 9:07 pm
Forum: General
Topic: Using Splunk to analyse MikroTik logs
Replies: 98
Views: 13036

Re: Using Splunk to analyse MikroTik logs

I do not see your picture in your post, so can not see what is wrong. But I did find some important thing that i did forget. After you have copied the files to the splunk, you do need to do this. NB!! files in folder splunk/etc/apps/MikroTik/bin needs to be executable. Do this: chmod +x *.sh Thanks...
by MSandoval
Thu Jun 28, 2018 2:18 pm
Forum: General
Topic: Using Splunk to analyse MikroTik logs
Replies: 98
Views: 13036

Re: Using Splunk to analyse MikroTik logs

keep in mind logging uses CPU resources, if you log very frequent actions you will have significant increase on CPU usage If I know, but in my case the use of my CPU is more than calm and we'll see later. http://subirimagen.me/uploads/20180628061611.jpg chechito you use this app to monitor your mik...
by MSandoval
Wed Jun 27, 2018 11:06 pm
Forum: General
Topic: Using Splunk to analyse MikroTik logs
Replies: 98
Views: 13036

Re: Using Splunk to analyse MikroTik logs

Look in this folder: splunk/etc/apps/MikroTik/bin There you should have these files: dsa_mikrotik_private mikrotik_accounting.sh mikrotik_dhcp_pool_information.sh mikrotik_upnp.sh When in the bin filder run the DHCP script like this: ./mikrotik_dhcp_pool_information.sh You should no see what is goi...
by MSandoval
Mon Jun 25, 2018 3:50 pm
Forum: General
Topic: Using Splunk to analyse MikroTik logs
Replies: 98
Views: 13036

Re: Using Splunk to analyse MikroTik logs

You are welcome. You need to get this to work: https://wiki.mikrotik.com/wiki/Use_SSH_to_execute_commands_%28DSA_key_login%29 It shows all steps needed to preform. If the example does not work, then Splunk will neither. Hello, thanks for answering. Try that tutorial but I can not make it work as in...
by MSandoval
Fri Jun 15, 2018 7:04 pm
Forum: General
Topic: Using Splunk to analyse MikroTik logs
Replies: 98
Views: 13036

Re: Using Splunk to analyse MikroTik logs

Hello to the whole community. Jotne thank you very much for all your work, the truth is great. I was able to make almost everything work. I just can not make the following work: MikroTik uPnP MikroTik Firewall data usage Mikrotik DHCP pool information The rest works well for me. I created the dsa ce...
by MSandoval
Thu Mar 01, 2018 4:16 pm
Forum: General
Topic: Help. what would be the best solution?
Replies: 0
Views: 141

Help. what would be the best solution?

Hello community, today I am writing to request your collaboration. I have a network with 3 subnets: I exemplify below IP PUBLIC Service - 12.116.188.0/24   Server 1a: 12,116,188.41 Network B - 192.168.11.0/24   router 1b: 192.168.11.1 MIKROTIK RB2011   Computer 2b: 192.168.11.194 Network C - 192.168...
by MSandoval
Thu Mar 01, 2018 4:02 pm
Forum: General
Topic: what would be the best solution? routing or marking?
Replies: 0
Views: 121

what would be the best solution? routing or marking?

Hello community, today I am writing to request your collaboration. I have a network with 3 subnets: I exemplify below IP PUBLIC Service - 12.116.188.0/24   1a Server: 12,116,188.41 Network B - 192.168.11.0/24   1b router: 192.168.11.1 MIKROTIK RB2011   Computer 2b: 192.168.11.194 Network C - 192.168...