Alert (with a chart) when latest occurrences of some of the rows is over a...
New Splunk user here. I've searched and seen a lot of questions and answers that were similar to mine, but none that were close enough to help me figure out what to do in my exact scenario. So, here...
Splunk Add-On for Google Cloud Platform: Splunk Add-on REST Handler...
Splunk Add-on REST Handler ERROR[1021]: Fail to decrypt the encrypted credential information - Failed to get credentials The JSON object that I am getting from my Google Service account appears to not...
After grouping by Date how can I SUM against a column?
I am running the following query index=security sourcetype=WeatherUnderground | eval Date=strftime(_time,"%m/%d/%y") |stats latest("current_observation.precip_today_in") as DailyRainfall by Date |...
Query to calculate age of event vs bucket LMOD? This is in order to exclude...
I'd like to quickly find out what the age of the oldest event in each of my indexes is. However, I have bad timestamps which throw off my query. Is there a way to exclude events that are far away from the...
assets and identities lookups not merging into identities_expanded.csv in...
Why are my lookup files not being merged into identities_expanded.csv?
Can I get a list of all accounts across SHC?
Hi, Is there a way to get a list of all accounts across a SHC?
How do I extract data from this aide output
All, I had originally handled this with a HUGE pile of SED commands and loops in a BASH script. But I am thinking there has to be a "Splunk" way of extracting these fields. Start timestamp: 2016-06-11...
HELP! Upgrade failing...
Hi, We are in the process of upgrading from 6.1 to 6.4.1 and are receiving the following error on our SH. (We are using SHP). An unforeseen error occurred: Exception: , Value: 'NoneType' object has no...
Browsing history analysis app not working
I have just installed the Browsing history analysis app and when I tried to launch it, it is saying no result found. Can someone please help me with it?
Configuring X-XSS-Protection security header
Hello Team, I am quite new here. Just wanted to know where we can configure the X-XSS-Protection security header in Splunk?
First Time Running Error - Mac OS
Trying to install and run for the first time on my Mac Mini. Here is my error: Williams-Mac-mini:bin williamgage$ ./splunk start --accept-license This appears to be your first time running this version...
Count and display the TOP10 words occurrences from an event?
Hello everyone, I'm trying to count every occurrence of words from all events and get a TOP 10. Each sentence is an event: Cisco Products IPv6 Neighbor Discovery Crafted Packet Denial Service...
relating fields with eval
I have two fields (different sourcetypes) that have a Node (for example: node001) and NodeID (example: 1). How would I extract Node to NodeID dealing with the leading zeros?
Count the movement (add remove) of hosts
If I add 1 host and remove another host in a month, the stats will be the same and the delta zero but we had movement. That's what I'm trying to track. This is what I have so far: | timechart span=1m...
Form with a multi-value text box that will OR every input values
How to search multiple values in a text box, that should return results for all the input values. For example, I have a textbox named Num in dashboard, now I can search only 1 input value. How can I search...
Nix Metrix dashboard color assignment broken
Per the screenshot, I can choose colors based on the numbers based on the statistics, but the...
Azure Website Diagnostics Data Input stops capturing data from Azure...logs...
I have a Splunk Azure Website Diagnostics Data Input that will stop collecting data from Azure. At the time when data capture has stopped there are some logs in splunkd.log of the Peer Indexer:...
Splitting hosts of cluster into cells of table - literal heatmap
Hello! I'm trying to generate a literal heatmap based on collected data. I grabbed the "Heatmap - Custom Visualization" app and tried playing with that, but I'm having a bit of a problem getting what I...
How to count how many times users came?
Data sample : Date;User "2016-04-01 09:31:05";"john.doe@gmail.com "2016-04-01 09:31:06";"jessica.doe@hotmail.com "2016-04-01 19:31:06";"jessica.doe@hotmail.com "2016-04-02 11:31:05";"john.doe@gmail.com...
Extracting Account_Name from security logs
We have a slow-running search to pull the Account name from Windows security logs. index=security sourcetype="WinEventLog:*" object="WinEventLog:Security" | eval SID=Upper(SID) | stats Last(SID) as SID...