The Shodan filter reference only shows a way to search using the hash of all the HTTP headers (http.headers_hash) in a banner. Is there some way to search for specific header fields or values?
You can just search for them directly as they're contained in the main data property of the banner. You don't need to use search filters. For example: https://www.shodan.io/search?query=%22X-Recruiting%3A%22
Related
I have a Splunk dashboard where you have a table with selected encoded identifiers.
You can click on a row and select an identifier as a token which fills additional fields with data. Now on the intranet of my company we have a url where you can enter the encoded identifier and get back the decoded data in a GET request.
Right now I have a single-value field which displays the encoded identifier and when you click on it it makes a call to the decoder and opens the decoded result in a new tab. That's a standard Splunk link.
Is it possible to make Splunk call the URL automatically (do a GET request) when the identifier is selected (the token is set) and retrieve the response data as a string and extract (using regex) and display the decoded data automatically in the single value field?
If not, is it at least possible for Splunk to get the response data as a string instead of opening the result in a new tab when you click on the encoded identifier?
If I understand you correctly, you want to have the drilldown target be an external link.
If that is correct, just put the external URL in the drilldown:
If you want some value from an external link to be pulled-into Splunk, then you'll need to setup another mechanism.
For example, you might have a scripted input that will query an external endpoint, and add results to an index or lookup table.
Or you might utilize a REST endpoint app to achieve something similar.
I have a "copy data" activity making a REST call to get some data in json format. The data should then be transfered to a SQL database.
The problem is I can only get a certain amount of data for the specified HTTP request. For this I need to implement pagination rules, and I have tried to understand this documentation: https://learn.microsoft.com/en-us/azure/data-factory/connector-rest#pagination-support
The HTTP response returns the absolute URL for the next request in the header, with the field named "Link". As I can see in the documentation, it is supposed to be possible to get the value from "Link" and put it into a pagination rule.
As stated in the documentation:
Next request’s absolute or relative URL = header value in current response headers
It says supported pagination keys are AbsoluteUrl, with the value of this should be set like this:
Headers.response_header OR Headers['response_header']
Where the response_header is defined like this in the docs:
"response_header" is user-defined which references one header name in the current HTTP response, the value of which will be used to issue next request.
What I can't seem to understand is how this "response_header" can be set to reference the HTTP response header value of "Link".
You need to replace the 'response_header' placeholder with your header name.
In your case - 'Link'
Or in code editor:
"paginationRules": {
"AbsoluteUrl": "Headers['Link']"
}
I was asked for a usecase where I have to filter ActionEvents on type of Page that action is being is being called from.
Example
use case: I have a login page and I have to capture analytics of its events
Can I do something like this
String json = {"PageLevel":"LoginPage","ActionLevel":"LoginButton"};
WLAnalytics analytics=new WLAnalytics();
analytics.log(message, new JSONObject(json));
Will this work... can we create custom chart with first property being ActionLevel and filter it as per PageLevel.
No this will not work. Custom analytics can only be logged in key value pairs i.e. you cannot send two key value pairs in one JSON object. This is a good idea though, I recommend you submit an RFE.
Submit a Feature Request
When I fetch from a dStore the URL looks something like this
http://localhost/rest/dojo?department=sales
which works fine. If I then click in the header of the dGrid the sent URL looks like this.
http://localhost/rest/dojo?department=sales&sort(+id)&limit(25)
Shouldn't it send &sort=+id&limit=25? I am using Java and Spring for the backend and it expects the parameters to be formatted this way. Right now I can not receive the extra parameters. Is there a way to get it to send the parameters the way Spring is expecting them?
sort(...) and limit(...) are the default behaviors of dstore/Request (which Rest extends), but these can be customized via sortParam for sort, and useRangeHeaders or rangeStartParam and rangeCountParam for range.
For example, to result in &sort=+id&limit=25 as you requested, you could set up your store as follows:
var store = new Rest({
target: '...',
sortParam: 'sort',
rangeStartParam: 'offset',
rangeCountParam: 'limit'
});
I've additionally assumed above that offset is the GET parameter you'd want to use to indicate what record to start at when requesting ranges. Generally if you're not using range headers (useRangeHeaders defaults to false) and you want to set a count GET parameter, you'll also need to set a start GET parameter.
These properties are listed in the Request Store documentation.
I am using the Google Custom Search API to search for images. My implementation is using Java, and this is how I build my search string:
URL url = new URL("https://ajax.googleapis.com/ajax/services/search/images?"
+ "v=1.0&q=barack%20obama&userip=INSERT-USER-IP");
How would I modify the URL to limit search results, for example, to: 2014-08-15 and 2014-09-31?
You can specify a date range using the sort parameter. For your example, you would add this to your query string: sort=date:r:20140815:20140931.
This is documented at https://developers.google.com/custom-search/docs/structured_data#page_dates
Also if you use Google's Java API you can use the Query class and its setSort() method rather than building the URL by hand.
I think the better way is to put this into query itself. Query parameter contains 'after' flag which can be used like:
https://customsearch.googleapis.com/customsearch/v1?
key=<api_key>&
cx=<search_engine_id>&
q="<your_search_word> after:<YYYY-MM-DD>"