Ever wonder if a user@address in your events has a finger server running? This could be one of your own addresses in your data center, where running a finger server is supposed to be prohibited.

This is a Splunk command called fingerstatus that returns, in real time, a status showing whether a finger response is available for the user@address in question.

Usage: | fingerstatus

The distribution comes with a finger.log file that gets indexed into your sample index. You can do things like:

    index="sample" sourcetype="finger_addresses" address!="" | dedup address | rename address as finger_address | fingerstatus | table finger_address, fingerstatus

Read the README.txt for installation notes. Since this goes out to the internet to retrieve status, it is best to test it with a few addresses at a time or send the search to the background.
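The kind of check described above, sketched as an added example (this is not the app's own code): a finger query per RFC 1288 is a TCP connection to port 79 that sends the user name followed by CRLF and reads the reply. The function names and the status strings are assumptions made for this sketch; only the finger_address and fingerstatus field names come from the search above.

```python
import socket

FINGER_PORT = 79  # finger service port (RFC 1288)


def split_finger_address(finger_address):
    """Split 'user@host' into (user, host); a bare 'host' means an empty user."""
    user, _, host = finger_address.strip().rpartition("@")
    if not host:
        raise ValueError("no host in %r" % finger_address)
    return user, host


def finger_status(finger_address, port=FINGER_PORT, timeout=3.0):
    """Return 'available', 'open_no_reply', 'closed' or 'invalid_address'.

    The status strings are assumptions for this sketch, not the app's values.
    """
    try:
        user, host = split_finger_address(finger_address)
    except ValueError:
        return "invalid_address"
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError:  # refused, timed out, or name resolution failed
        return "closed"
    with sock:
        try:
            # RFC 1288 query: the user name (may be empty) followed by CRLF.
            sock.sendall(user.encode("ascii", "replace") + b"\r\n")
            reply = sock.recv(4096)
        except OSError:  # port accepted the connection but never answered
            reply = b""
    return "available" if reply.strip() else "open_no_reply"


def annotate(events, **kwargs):
    """Add a fingerstatus field to each event dict, querying each address once."""
    cache = {}
    for event in events:
        addr = event.get("finger_address", "")
        if addr not in cache:
            cache[addr] = finger_status(addr, **kwargs)
        event["fingerstatus"] = cache[addr]
    return events
```

Caching per address mirrors the `dedup address` step in the search and keeps the number of outbound connections down, which matters because every lookup is a live network request.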