Dive into the #KnowledgeBits digest packed with useful tips and insights – your go-to for #Elasticsearch know-how:

🔸 Elasticsearch: Cluster Status is RED - https://socprime.com/blog/elasticsearch-cluster-status-is-red/
🔸 Additional Settings for Optimizing Elasticsearch Cluster Performance - https://socprime.com/blog/optimizing-elasticsearch-cluster-performance/
🔸 How to prevent BufferOverflowError - https://socprime.com/blog/how-to-prevent-bufferoverflowerror/
🔸 Optimizing Elasticsearch Master Node for Cluster Stability - https://socprime.com/blog/knowledge-bits/optimizing-the-elasticsearch-master-node-for-cluster-stability/
🔸 Monitoring Index Size Trends in Elasticsearch: Monthly and Daily Statistics - https://socprime.com/blog/knowledge-bits/monitoring-index-size-trends-in-elasticsearch/

Sharpen your skills, share thoughts in comments, and stay tuned for more updates from SOC Prime experts!


Find out how ArcSight administrators can replace the self-signed certificate for the ArcSight Manager. The following step-by-step guidelines will help you maintain secure communications and stay aligned with best practices for certificate management:

https://socprime.com/blog/arcsight-administrator-guide-renewing-the-self-signed-certificate/

#knowledgebits #arcsight

Friday’s here, and so is the Knowledge Bits Digest! 💡
This time, we’ve gathered a set of practical tips and actionable insights for #Splunk users. Dive into the latest articles from SOC Prime experts to sharpen your skills:

Splunk: Using collect Command for Creating New Events in a New Index
https://socprime.com/blog/collect-command-for-creating-new-events-in-a-new-index/
Using map Command in Splunk
https://socprime.com/blog/using-the-map-command-in-splunk/
Splunk: How to Write a Query to Monitor Multiple Sources and Send Alert if they Stop Coming
https://socprime.com/blog/splunk-how-to-write-a-query-to-monitor-multiple-sources-and-send-alert-if-they-stop-coming/
Fields Aren’t Always Faster, Keyword Searches to Speed Up Splunk
https://socprime.com/blog/fields-arent-always-faster-keyword-searches-to-speed-up-splunk/
Making Use of Fillnull and Values() to Increase Rule Resiliency in Splunk
https://socprime.com/blog/fillnull-and-values-to-increase-rule-resiliency-in-splunk/
Creating Macros for Code Reuse in Splunk
https://socprime.com/blog/knowledge-bits/creating-macros-for-code-reuse-in-splunk/
Splunk: How to Make Lookup Based on Wildcards
https://socprime.com/blog/splunk-how-to-make-lookup-based-on-wildcards/
Splunk: How to Output Nested json as One Field
https://socprime.com/blog/splunk-how-to-output-nested-json-as-one-field/
Learn, engage, and stay tuned to foster knowledge-sharing together!

#KnowledgeBits #SOCPrime

Learn how Elasticsearch administrators can simplify & troubleshoot cluster management using the Dev Tools Console in Kibana.
Check out all of the essentials in our blog post:
https://socprime.com/blog/essential-dev-tools-commands-for-elasticsearch-opensearch/
#knowledgebits #elasticsearch #opensearch