Hello,I had the one more unpleasant surprise after upgrading the
FortiAnalyzer to 7.4.5: several datasets that worked perfectly in 7.0.x
stopped working with strange syntax errors, not being valid anymore.
Also other datasets which were ok before, no...
Hello,After making a research regarding of the (im)possibility to make
it work, and some tests on FAZ 7.4.x, I wonder if this is feasible or
even in the roadmap. Apparently the log parsers can be assigned to a
device only if it is recognized as Forti...
In the meantime something deteriorated inside the box, because I now
receive validation errorMERGE: ERROR: relation "queries" does not exist
LINE 2: ...,q.dt as dt,q.dt-ins.tis as dif,q.dom as dom from queries
q,... ^but the dataset still runs fine:t...
In the meantime, something deteriorated, because even if the code is
unchanged, I get validation errorMERGE: ERROR: relation "queries" does
not exist LINE 2: ...,q.dt as dt,q.dt-ins.tis as dif,q.dom as dom from
queries q,... ^.Still, the sql-query-da...
With the following SQL code I have VALIDATION OK, the dataset runs fine
both in the GUI test run and from CLI exec sql-query-dataset, but I
still have 2 problems: 1) impossible to build a DrillDown-type Chart
because the Aggregation Column offers an ...
Hello Rosa Technocrat, and thank you for your interest in this
problem.The first error when I validate the exact same SQL code is
"ERROR: 'group by' or 'order by' clause is expected in hcache."Then I
tried the following codeDROP table if exists time_...
Hi dingjerry, thanks for your reply. The problem is that I already tried
this, and although in ADOM Syslog I see the device (and also the logs,
but not parsed), even if the Syslog parser was enabled, when I want to
assign it the operation is impossib...
