Splunk Heavy Forwarder and Universal Forwarders
I'm using Splunk Light as an indexer, Splunk Heavy Forwarder for filtering and forwarding and the Splunk Universal Forwarder on a Windows 2012 machine (not on the domain) to test Windows events. I...
View ArticleIs the Box App for Splunk compatible with search head clustering?
Thinking about migrating to a search head cluster environment, trying to narrow down the apps that don't support clustering.
View ArticleHow to get Microsoft Parallel Data Warehouse (PDW) logs into Splunk without a...
We have some MS PDW (parallel data warehouse) servers that are vendor appliances, so we are not allowed to install the forwarder on them. I'm trying to figure out if there is a way to collect the...
View ArticleHow to convert a time field in with the format D.HH:MM:SS to seconds?
Hi, I have execution time in the format of `D:HH:DD:SS` (0:00:00:22 ,0:00:00:55 ) that I need to convert to seconds. Any help is appreciated.
View ArticleWhy do I keep getting "INFO TailReader - File descriptor cache is full (100),...
Hello Getting what I would think is an error, but its listed as info level, not sure what it means INFO TailReader - File descriptor cache is full (100), trimming... Can someone tell me what this...
View ArticleSplunkJS Chart View with predict does not render correctly.
Hi there, I can't seem to get `ChartView` to render correctly. It wants to fan out the upper and lower bounds without overlapping them. When I use ChartJS I get this (Notice the Upper95 are snowing as...
View ArticleWhy did our indexer stop receiving data from all forwarders last night with...
Hi all, Splunk Enterprise 6.2.3 (264376). Overnight, the indexer stopped receiving data from all of the forwarders. Up until that point, it was receiving data from them all fine without issues. The...
View ArticleHow to integrate Splunk with Dell Boomi, Jitterbit, and Adobe Experience...
I have a need to integrate Splunk with Dell Boomi, Jitterbit and Adobe Experience Manager. Any suggestions for any of these platforms?
View ArticleSplunk Audit logs for Microsoft Azure Virtual Machines
Hi Team, I am currently trying to integrate Splunk with Azure, this question may be a simple one: What search queries can I use to find createdInstances of Virtual Machines? I have achieved this...
View ArticleUser session detail not populating
Testing on 6.4 using XenDesktop 7.8. All of the dashboards seem to be populating properly except for "User session detail". Opening the panels in search yields results but I can't figure out why the...
View ArticleHow to change panel backgroung color using css
![alt text][1]Hi, I have 5 panels in a row as shown in screen shot with yellow color heading. I am trying to change the background color of each panel like red background,pink,blue...etc.I used this...
View ArticleSplunk User Roles for iOS Push Notifications
Hello, are there some permissions / user roles in Splunk 6.4 necessary to receive push notification in iOS or Android Splunk mobile App? If I logon with the admin user, everything is fine and I'm...
View ArticleRetention Policy - Keep only 3 months of data
Hi, may i know how to configure Splunk to only retain a rolling window of 3 months of logs data? I'm completely new to the retention policy so any help or step by step instruction will be greatly...
View Articleplacing table field in variable
Hi i'm trying to to make a custom dashboard. This is wat i got so far. I got an image as background of the environment with on it images that change with a range map. Things like cpu and netdata and...
View Articlehow to integrate splunk dashboard with a third party application?
Well, I have not faced this situation yet but would like to know how to achieve this. Let's say, we have an application that publishes a dashboard for which the data is originated from splunk. Now, if...
View ArticleHow to change charting.fieldColors through JS
Hi all, Setting "charting.fieldColors" in XML always works, but it failed when I try to change this value through js. My code is like this: var chartview = mvc.Components.get("chartid");...
View Articlehow to display common results from two index
Hi, i have 2 indexes index=abc & index=xyz Index abc has following values ID.......Type Name class Address 001....A.......Tejas....12A...India 002....A.......Jhon.....11A...USA...
View ArticleSperating a log file values in different filed seperated by comma
Hi All, I have logs in Splunk separated by comma e,g A ,B,C,D,E,F,.,., everything is separated by comma , now I want o place the value in between every comma in a separate field of splunk , Request you...
View ArticleDB Connect 2.2.0 not working in SHC
I upgraded to DB Connect 2.2.0 as it was mentioned to work well in the SHC. In the Dev SH, everything works perfectly. However, in the SHC, I get this error: > External search command 'dbxquery'>...
View ArticleMaking search time extracted fields visible in exported CSVs?
I'm using this method to run a search and export the results to a CSV: http://docs.splunk.com/Documentation/Splunk/latest/Search/Exportsearchresults#Export_using_the_Splunk_Enterprise_REST_API The...
View Article