What are the options for synchronizing namespace tsidx files in a search head...
One option is obviously to use shared storage. That's a least desirable option. If I schedule the search to run tscollect, it will be run on a random search head in the cluster, right? So another...
View ArticleHow do you set up an alert for when an application process is running or hung?
There are a number of application processes in our environment which either go down or stop responding. I am trying to setup an alert in the event if process is down or hung in Unix/Linux. Can anyone...
View ArticleSplunk Web Cert Self Signing - Invalid Argument
Hi All, I am pretty much a novice on Splunk certificate management. I have ran into an error in trying to self-sign splunk web certs. Command string and output as follows:...
View ArticleHow to hide progress bar above table?
I have an html dashboard with a stats table. The blue progress bar blinks until the search is complete, but then just remains there in the top left corner. Is there a setting to remove/hide the...
View ArticleStorage Estimation : Daily data rate
Hello Folks, I am trying to identify daily data ingestion for indexes. Based on this I want to calcualte storage requirement taking retention/RF/SF into account. I am using below query to identify...
View ArticleHow to use SPL to count the number of clients of a deployment server?
We know we can see the number of clients on the Forwarder Management page of the deployment server, but I want to show it on the dashboard, Can I use SPL to count the number of clients on the...
View Articlemake dashboard more enhanced/beautiful
Is there a way I can use bootstrap or anything in order to make my boring dashboard view to more beautiful and catchy
View ArticleBatch file doesn't work
Hello, I have faced when splunk launch a bat file: ERROR ExecProcessor - message from ""C:\Program Files\SplunkUniversalForwarder\etc\apps\SQLFailed_logon\bin\script\LogCheck.bat"" **set was unexpected...
View ArticleRunning mulitple reports with a certain time gap
Hi everyone, I have 3 reports dependent on the outcome of each other The 1st report generates a FirstReportOutputcsv, which is the input for the Second report The 2nd report generates a...
View Articlehow to find the request per sec by organization ?
Hi I have an event which is comprised of OrgName, RequestName and others. How do i find the the average & max request per sec by OrgName using per_second() function ? I tried doing a timechart of...
View ArticleAny handy way to know what cipher Splunk server support?
I want to tighten the security by only allowing certain cipher to be configured. Any handy tool to check what cipher Splunk currently supported?
View ArticleLeave out timestamp from exported CVS (Scheduled)
Hi all, Splunk newbie here, I've searched the answers but can't find an answer... I have saved a series of searches as reports and scheduled them to run periodically and to e-mail me the output. The...
View ArticleLeave out timestamp from exported CVS filename (Scheduled)
Hi all, Splunk newbie here, I've searched the answers but can't find an answer... I have saved a series of searches as reports and scheduled them to run periodically and to e-mail me the output. The...
View ArticleRestarting Splunk messes up dashboards
I have added libraries on my search app like JQuery-UI and fontawesome icons that I use in my dashboards but for some reason every time I restart Splunk or the search head, the dashboards say they...
View ArticleControl-M (bmc software) integration in Splunk for job scheduling monitoring
Hi all, We wonder to know if there is a way to integrate the alerts generated by Control-M (BMC software tool to manage execution of jobs) in Splunk. We know that Splunk should able to monitor the log...
View ArticleAccessing whole row / other fields in table format colorPalette expression in...
Hello Splunkers, I am developing dashboards in a Splunk instance which I don't manage, so I have little room for adding custom js, and frankly neither do I want to work with CSS and js, to keep things...
View Articlehow to add dynamic conditions?
I want to add dynamic conditions. When June 2018, the query condition was " |search searchDate = 201806 createDate !=“2018/07" "to return n data. When July 2018, the query condition was " |search...
View ArticleChanging Display columns depending on sourcetype
In Dashboard depending on sourcetype selected in the dropdown list, we want to display different fields on the dashboard. Since fields can change in the future we have created a lookup for it. So...
View ArticleHow to write a corn schedule to execute in every 5 mins between 7 am to 12...
How to write a corn schedule to execute in every 5 mins between 7 am to 12 min-night ?
View ArticleSeeing all the forwarded data on indexer but UF is inactive
Hi splunkers , I have forwarded the data using universal forwarder to heavy forwarder and then to indexer , where i am seeing all my data of agent server , but problem is dont know why UF is still...
View Article