Community discussions

Search found 13 matches

by stuartkoh
Wed Sep 25, 2019 3:40 pm
Forum: RouterOS v7 BETA
Topic: Torrent client
Replies: 25
Views: 4138

Re: Torrent client

But one should never do a network wide upgrade: it should be staged - at least to minimize the convergence time of routes and everything else. I don't want to imagine 10k routers rebooting a few minutes apart one from another. ok, further info about the upgrade process - something that was ingeniou...
by stuartkoh
Wed Sep 25, 2019 3:37 pm
Forum: RouterOS v7 BETA
Topic: Torrent client
Replies: 25
Views: 4138

Re: Torrent client

But I do support the exile of QuickSet. In my opinion QuickSet could be replaced by an iOS/Android app that is solely dedicated to regular home users. I guess I'm not a regular home user, because I found QuickSet to be quite useful when I first bought my hAP ac² and would have been upset if I had...
by stuartkoh
Sat Aug 24, 2019 5:29 pm
Forum: Useful user articles
Topic: Using Splunk to analyse MikroTik logs 2.7 (Graphing everything) Topic is solved
Replies: 234
Views: 74223

Re: Using Splunk to analyse MikroTik logs 2.7 (Graphing everything) Topic is solved

For me it then sounds like you have a time problem. It's important that all clocks are synced by using NTP. Look at the time on your router and on the Splunk server. It should be within the same second. Yes! What Jotne said! :-) It is extremely important to make sure the clocks on your devices and your Splunk...
by stuartkoh
Sat Aug 24, 2019 5:24 pm
Forum: Useful user articles
Topic: Using Splunk to analyse MikroTik logs 2.7 (Graphing everything) Topic is solved
Replies: 234
Views: 74223

Re: Using Splunk to analyse MikroTik logs 2.7 (Graphing everything) Topic is solved

See if your prefix is correct at section 2b. One wrong character and it breaks all. You can also do a search with only a start * and set it to last 24 hours and see what data you get. Yes it's correct, if I do that search the last packet is 2 hours ago now while the counter is increasing Sometimes Splunk ...
by stuartkoh
Sat Aug 24, 2019 5:05 pm
Forum: Useful user articles
Topic: Using Splunk to analyse MikroTik logs 2.7 (Graphing everything) Topic is solved
Replies: 234
Views: 74223

Re: Using Splunk to analyse MikroTik logs 2.7 (Graphing everything) Topic is solved

BTW, Packt is giving away a free copy of a decent book on Splunk today. https://www.packtpub.com/free-learning Implementing Splunk 7 - Third Edition James D. Miller Mar 2018 576 pages What will you learn Enrich machine-generated data and transform it into useful, meaningful insights Perform search o...
by stuartkoh
Sat Aug 24, 2019 5:00 pm
Forum: Useful user articles
Topic: Using Splunk to analyse MikroTik logs 2.7 (Graphing everything) Topic is solved
Replies: 234
Views: 74223

Re: Using Splunk to analyse MikroTik logs 2.7 (Graphing everything) Topic is solved

After I posted this reply I realized that I goofed. I didn't read the post I replied to very well. I looked at the event you posted and just looked at the timestamp at the beginning of it and completely missed that it was a Splunk internal log. So you can probably ignore what I had posted shown belo...
by stuartkoh
Sat Aug 17, 2019 4:10 pm
Forum: General
Topic: I'm sure Mikrotik has a legit response to this...
Replies: 14
Views: 1619

Re: I'm sure Mikrotik has a legit response to this...

The response that Normis gave is equivalent to saying, "I don't have AIDS" when he should be able to be saying, "I don't have AIDS and I always wear a condom too." We don't just want Mikrotik to be looking for and fixing vulnerabilities, we also want modern development and design practices that pre...
by stuartkoh
Sat Aug 17, 2019 3:52 pm
Forum: General
Topic: I'm sure Mikrotik has a legit response to this...
Replies: 14
Views: 1619

Re: I'm sure Mikrotik has a legit response to this...

What is he even referring to? Is it a reply to some paper discussing number of vulnerabilities in router products? Where is it to be found? I found an article here: https://securityledger.com/2019/08/huge-survey-of-firmware-finds-no-security-gains-in-15-years/ I also looked at the website of the or...
by stuartkoh
Sat Aug 10, 2019 9:00 pm
Forum: General
Topic: A serious issue on RB4011 after upgrade to RouterOS version 6.45.2
Replies: 11
Views: 1995

Re: A serious issue on RB4011 after upgrade to RouterOS version 6.45.2

I prefer to stay on 6.45.1 until Mikrotik team stops this storm of bugs and lets the community know we can safely update avoiding significant issues. Otherwise will have to think twice if it's worth using Mikrotik hardware once you may quite unexpectedly get a swarm of bugs and issues. They do warn...
by stuartkoh
Sat Aug 10, 2019 8:50 pm
Forum: Useful user articles
Topic: Using Splunk to analyse MikroTik logs 2.7 (Graphing everything) Topic is solved
Replies: 234
Views: 74223

Re: Using Splunk to analyse MikroTik logs 2.7 (Graphing everything) Topic is solved

I also wanted to note that I'm not advocating that anyone switch from rsyslog or whatever they're currently using to syslog-ng unless they have good reason to do so. I don't even really have an opinion on how they compare. I've been working with syslog-ng a bit so that's what I'm familiar with. I'm ...
by stuartkoh
Sat Aug 10, 2019 8:31 pm
Forum: Useful user articles
Topic: Using Splunk to analyse MikroTik logs 2.7 (Graphing everything) Topic is solved
Replies: 234
Views: 74223

Re: Using Splunk to analyse MikroTik logs 2.7 (Graphing everything) Topic is solved

If anyone is interested, I have a rather complex rsyslog to handle non-standard syslog packets that also adds a time stamp if that is missing on incoming packets. I think that syslog-ng has an option that can be used to do this. keep-timestamp() Description: Specifies whether syslog-ng should accept the t...
by stuartkoh
Sat Aug 10, 2019 2:28 pm
Forum: Useful user articles
Topic: Using Splunk to analyse MikroTik logs 2.7 (Graphing everything) Topic is solved
Replies: 234
Views: 74223

Re: Using Splunk to analyse MikroTik logs 2.7 (Graphing everything) Topic is solved

It needs to be UDP/514. It's there that RouterOS sends its syslog. But: If you use UDP/514, you need to run Splunk as root user. (allow ports below 1024 need root permission) If you cannot do that, there are two workarounds. 1. Send syslog to another port above 1023, like 1514 for UDP syslog. 2. Set up a l...
by stuartkoh
Tue Apr 09, 2019 2:58 pm
Forum: Wireless Networking
Topic: Cap AC, Hap AC2 or UniFi?
Replies: 38
Views: 10454

Re: Cap AC, Hap AC2 or UniFi?

I'm actually very happy with the hAP ac2. My home is of wood construction, is single story, and about 185 m^2. We have a couple of tablets, a couple of smartphones, a couple of laptops, and an Amazon Fire stick on the TV. We occasionally have house guests that add another 1 or 2 phones and perhaps a...