Hi,
The Correlation Events received via eStreamer are processed by eNcore app in a wrong format for SRC and DEST IP addresses fields, which are presented as INTEGER values, rather than IPs.
per example:
rec_type=112 rec_type_desc="Correlation Event" src_ip=3117469894 dest_ip=182909563
Can you fix it please?
Thank you
Any chance you had Meta Data switched off on the FMC estreamer configuration page? We haven't seen this on other customer sites.
Hi,
We've fixed this issue by modifying the following lines into the encore\estreamer\definitions\blocks_series1.py
...127
BLOCK_USER_LOGIN_INFORMATION_54: [
...
{ 'type': TYPE_IPV4, 'name': 'ipv4Address' },
{ 'type': TYPE_IPV6, 'name': 'ipv6Address' },
...
It would be great if the author of this app will submit these changes for the next release.
Thank you
Hi mcatanoi,