XMA: ALERTSTRING SUBSTR can be used to separate date and time from the DateTime string
SUBSTR syntax:
|(SUBSTR(<table>.<column name>,<start>,<length>))|
<table>: either of the following;
- AUDIT: represents the AUDDET table
- SESSION: represents the AUDSESS table
- INSTALL: represents the AUDINST table
<column name>: a column name of <table>
<start>: the position in the column where you want to start. 1 is the first position
<length>: the number of characters you wish to select
Example Separating the date and time from the RECORDLCT DateTime string.
ALERTSTRING date=|(substr(AUDIT.RECORDLCT,1,10))|
ALERTSTRING time=|(substr(AUDIT.RECORDLCT,12,8))|
The above example would display as below:
date= 2022-05-18 time= 04:25:01
Related Articles
XMA: What is the datetime format in REPSAMP?
REPSAMP is the report sample file in the XMA installation subvolume. Datetime format in the REPSAMP is MM-DD :HH . Replace 99-99:99 with the time frame you require. For example, the query below will retrieve records between 8.00pm 2018/05/25 and ...
XMA:An example of XMA FILTER that supports IEFT format messages
ACTION_BEGIN ACTIONTYPE SYSLOGQ IPALERT_MSGDELIMITER CR IPALERT_IPPROCESS $ZTC0 IPALERT_ADDRESS 10.12.34.56 IPALERT_PORT 7890 !== !== ALERTSTRINGs for IEFT format : HEADER + (nil) + MSG !== !== ALERTSTRINGs for HEADER ALERTSTRING <1> VERSION ...
XMA: Send XMA messages to SIEM via HPE SSL proxy
Step 1: initiate an HPE SSL proxy if the HPE SSL Proxy is not running - Mode: PROXYC - SUBNET: the name of the TCPIP stack - PORT: HPE SSL proxy client port, this is the same as the port specified next to the IPALERT_PORT entry in the FILTER ...
XMA:Example of an XMA filter that sends TELSERV connection/disconnect operations to SIEM
If the following PARAM commands were executed at TACL before starting a TELSERV process, XMA could detect TELSERV connection/disconnection operations via EMS Mover that collects EMS messages on <alternate-EMS-collector> and sends Syslog messages to ...
XTR - TRCONF cryptlib error utcTime MIN_STORED_TIME_VAL UE
Verify all the certificate that are available in XYGATETR volume by executing the below command. To verify certificate?s signature, use the following command line options: xycert ?check ?cert:<file> [?cacert:<file>] Command Line Options: -check ...