Picking the right HDD, SSD
Hello everyone, Could anyone post a typical HDD profile detailing what a medium and high end HDD could be for Splunk. Also for SSD. ( Links more details about picking the right disk for Splunk...
View ArticleRetrieve lookup data with JS
Hello splunkers, i'm gonna try to be short, I'm trying to create an HTML homepage for Splunk APP and I've been trying to get some information through a lookup without splunkJS or any splunk code (i'm...
View Articlechange column name with specified new column value in Splunk
Hi, I am having correct value in current field and want to use that value as column name which is currently showing as A. Please help to solve this issue. For any other information please let me know....
View ArticleHow to make a web service call from the dashboard?
I want to call a web service from the dashboard using post method from the UI. How to define the web service in the app?
View ArticleGraylog whitelist\blaclist?
I am using Graylog (winlogbeats) to forward windows events to a Linux based UF. I have a props.conf on my indexer and SH to set field alias since Graylog forwards fields with a winlogbeats preface. I...
View ArticleData loss after a week for an Index in Splunk
I have around 700 forwarders send the data to splunk and no index will keep data longer than 90 days. My indexed data seems to be fine for last one week. However, If i go for search before a week,...
View Articlesplunk and task manager
hello i begin with splunk and i have Something complex to need i need to index the data coming from the Windows task manager, tab "détails" in fact i want to index the processor and the memory usage...
View ArticleNot able to override default font colour of single-value label field
Hi Team, I am using dark.css in y dashboard and everything is becoming black including the lable font of a single value Visualizations . How to change the label font clour so that font colour of...
View ArticleParameter passing between 2 searches as input as well as output
HI All, I need to give input from search1 to search2 and then get a single result from search 2 with the values from search 1. For example, in the tables below, the correct Main_Ticket for Z4563A/B/C/*...
View Articlewhat is the endpoint for splunk to export user session from dynatrace?
i have attached snapshot which i have done for elastic search , want same to do with splunk enterprise to export user session from dynatrace. Please suggest ![alt text][1] [1]:...
View ArticleSearch for average data indexed over 30, 60, 90 days by index
Splunkers, Looking for a search string that will allow me to use the time picker to see how much data has been indexed over 30, 60, 90, etc days by index. I tried a few searches but had no luck. Any...
View ArticleWant to combine all the source types in single search result.
I have almost 19 different indexes, which was already mentioned in my inputs.conf file. But today I got to know that the source type are not same for the same log files which are indexing daily on the...
View ArticleDashboard form to create a new event type
Hello all, I have a dashboard that contains a panel with 'Statistics Table' visualization of search results. I use that type of visualization to have a list of 10 single-line records per page. I don't...
View ArticleWhy is my scheduled search so much quicker than my adhoc search?
Hi, I have a number of scheduled searches which run significantly faster than the same search run from the search-bar. I have no idea why this would happen - are there some settings that might cause...
View ArticlePowerShell Logging- Blacklist everything except Event Code 4104 & Level: Warning
We are attempting to ingest server powershell logging into Splunk. We found that ingest all the data was noisy and want to reduce the data ingested to what we really care about. Our goal is to only...
View ArticleSplunk on local machine fails to install apps from file
I'm trying to install [Splunk Security Essentials for Fraud Detection](https://splunkbase.splunk.com/app/3693/ "SSE for Fraud Detection") on my local machine that I use for practicing with Splunk, and...
View ArticleInstalling Tripwire Enterprise Add-On
Can anyone give fairly detailed instruction on how to install the Tripwire Enterprise AddOn. Our Splunk configuration is 5 servers, a search head server, 2 indexers, a heavy forwarder, and a deployment...
View ArticleScheduled reports: jobs are running fine, but the reports aren't refreshed...
Hi, I'm having a bit of a struggle with a few of my scheduled reports. The reports aren't being updated while the jobs are finishing and producing results. Example scenario: my reports are scheduled to...
View ArticleSplunk Add-on for Box and multiple Box tenants
We have a customer that has two Box tenants for legal separation but would like to use a single Splunk instance for event tracking. A previous question in 2016 asked a question which hinted that it...
View ArticleHow to search for average data indexed over 30, 60, 90 days by index?
Splunkers, Looking for a search string that will allow me to use the time picker to see how much data has been indexed over 30, 60, 90, etc days by index. I tried a few searches but had no luck. Any...
View Article