Second Dropdown should not have value displayed in 1st dropdown.
Input to Splunk is a CSV file which has column headers like 'Falcon 15.01.01.03.100', 'Falcon GA 15.01.02.06.1'.. (there are values present under each of these columns in rows). On the dashboard, there are...
Capture Login Logout times from the log.
Hi Splunk Experts, We have the below log file 40312 [6] DEBUG 2018-09-03 08:28:42.987 TM1.Login Login attempt by client: user1 40312 [6] DEBUG 2018-09-03 08:28:43.007 TM1.Login Login Success: User...
Combine Cells based on another column value
Is it possible for splunk to get an output something along the lines of: Source: Col_A | Col_B | Col_C ID_A | log 1 | yes ID_A | log 2 | no ID_A | log 3 | no ID_B | log 4 | no ID_B | log 5 | no sort...
Splunk responsible for more than 40% of firewall traffic.
Hello All, I'm working in a huge installation and Splunk is consuming more than 40% of firewall traffic. I don't have details of the Splunk Topology yet, but we have firewall between Splunk Servers and...
Data Not Onboarding
Hi, I have a problem: I wrote one input.conf file and half of the data has been onboarded and I can see the data in Splunk, but the other half of the data from the same input.conf file is not onboarded. I...
How to enable rest-api
Hi Team, I'm running Splunk on AWS ec2 instance backed by AWS ALB. I've created target group for port 80,443 & 8089 for splunk. Security groups & network ACL are already opened for these ports....
Is Splunk compatible with Oracle Linux OS?
I have an ODA X5 that is going to be erased and formatted. Can this system be used for a Splunk deployment? Is the application compatible with Oracle Linux OS?
dropdown list show
I have two dropdown list related to each other. - Dropdown_list 1= red, yellow, orange, blue… - Dropdown_list 1= user_a, user_b, user_c, user_d When I choose a colour in dropdown_list_1, I want...
I want 'HF' to forward on 9997 port and send the same data to itself by...
I want `HF` to forward specific logs (tcp input from 514 port) to indexer, and also transfer them itself with syslog format. By the way, I configured like below, but it's not working. `props.conf`...
How to sort the month when using the field in Chart Over command
Hi Below is a query which returns the latency over month by cust_id. Events contain fields as month=April, month=May etc ...| chart max(Avg) as Avg, max(Max) as Max, p95(P95) as P95 over month by...
How to get top 20 results by Aggregation method used in Trellis Layout
Hi Below is a query which returns the latency over month by cust_id. Events contain fields as month=April, month=May etc ...| chart max(Avg) as Avg, max(Max) as Max, p95(P95) as P95 over month by...
Error in 'PivotProcessor': Error in 'PivotUtil': The dataset 'Interface' has...
I have just installed Cisco Networks app and getting this error when I click on Inventory>Interfaces Error in 'PivotProcessor': Error in 'PivotUtil': The dataset 'Interface' has no field 'index'....
Why my searches are only hitting one Indexer in a cluster ?
Hello everyone. I have a multisite Indexer cluster . 2 IDX (IDX01, IDX02) and CM 2 SH with a deployer and a VIP to SH cluster site 1 SH1 IDX01 CM site2 SH2 IDX02 search affinity is enabled. For example...
Issue with image overlay on background
I wanted to overlay image on my dashboard with green light or red light depending on a search result. I'm putting the images and CSS in a separate folder as shown in the code attachment. My expected...
Can we setup alerts using REST API, with action to send a POST request at a...
We want to set up alerts using REST API. https://docs.splunk.com/Documentation/Splunk/latest/RESTREF/RESTsearch#saved.2Fsearches describes how we can do it with POST request to /saved/searches. But this...
_HTTPOUT_ROUTING example
Hi all, I read about the _HTTPOUT_ROUTING in outputs.conf at https://docs.splunk.com/Documentation/Splunk/7.1.1/Forwarding/Routeandfilterdatad . Unfortunately I didn't find anything in the specfiles or...
Scheduled Saved Search [CRON */30 * * * *] runs, but result is not refreshed
Hi Splunkers, I have a few saved searches that query SQL DB via dbxquery and perform some calculations. The search CRON schedule is set to `*/30 * * * *`. The dbxquery is something like : `SELECT top...
no events after data entry
Hello, I did a data entry in Splunk for the log event below: [WinEventLog://Microsoft-Windows-PowerCfg/Diagnostic] checkpointInterval = 5 current_only = 0 disabled = 0 index = windows start_from =...
Can I change the APP folder permission
I want to use the Git tool to manage the Splunk APP code. Git needs write and read permission for the APP folder, but when I create an app by Splunk Web, the permission of the app folder is 'drwx--x---+ 6...
Convert time to UK format and to 24 hour time
Hello, I have a field called in_time with example output = 8/31/2018 10:21:59 PM (GMT) I'd like this time (e.g. out_time) to be extracted and converted to read 31/08/2018 22:21:59 Can you help? Many...