Disk Space RED! Health Status of Splunkd
On the top of my screen is a red ! - after clicking on it it tells me my disk space is in the red ! Disk Space -Root Cause --The diskspace remaining =5434 has breached the red threshold for...
Modify session key expiration time custom script alert
Hi experts, I have an alert that triggers a custom script (python), this script executes several validations on the data and creates a service using the passed session key to execute other 2 SPLs. At...
Splunk Text Input
Hi, I have a dashboard. It has 3 text inputs. Search by IP Text Input 1 Search by NETBIOS Text Input 2 Search by DNS Text Input 3 Submit button I have a statistical table panel below them that is...
splunk app for Bigfix
I have installed splunk app for Bigfix from bigfix base, but when I run one of the python script manually to test for example python actions.py, i get the following errors: Traceback (most recent call...
Getting error of "Too many subsearches"
Hi All, Any help is greatly appreciated as I am of course in a bit of a time crunch. We are currently using splunk to ingest our logs from haproxies running in our environment. The haproxies front a...
search head clustering
Hi , I am configuring a search head clustering with a deployer but ran in many issues: as per the Splunk docs these are the steps I did : first I set the search head deployer: I have added a...
Install Splunk Enterprise on EC2 (Linux) Automation from user data shell
I am looking to fix my batch script : download splunk package,create a new user, install,setup password for splunk,t accept license however it is failing at accept license and splunk edit line code is...
Field ingestion not working
Hello, I am trying to ingest some custom CSV data that I have created. In some of the data it extracts the correct fields, but then also shows duplicate fields as "field 1", "field 2", etc. Any ideas...
How to drill down from custom result value
Hi, I created a Dashboard with status indicator, now i need to drill down on the icon. The icon will be green and red depends on the value. | search FixtureID="4TXC18-087AB" | rangemap field=Status...
fix the number of class in classification result(confusion matrix) in Machine...
Hi, for classification result(confusion matrix) in Machine learning toolkit are there any code used to fix the number of classes in classification result(confusion matrix) to 6 for example before the...
Unable data of table and resource of azure to splunk
Hello, I have integrated azure and splunk , getting data for blob storage and audit . But Unable data of table and resource of azure to splunk . 2019-04-21 11:39:55,371 +0000 log_level=ERROR, pid=4896,...
My hourly sitimechart search has a "status=success" and a "return_count=120",...
I don't understand why nothing is in the summary index. How can something return rows via `sitimechart`, but not put those rows in summary? Here's a log sample: 04-21-2019 11:00:14.786 -0600 INFO...
How to implement a "root cause hint"
Hi, We are new to splunk, so we are facing some difficulty to understand how to implement a kind of “poor man“ root cause analysis, or more precisely, root cause hint. There is this index we created...
Drill down token in JS
Hi, I have a dashboard with drill down that generate tokens. I am trying to send the tokens into JS, but for some reason i get the message "undefined" (on the console screen). When i try to use tokens...
SPL that will call a script and use indexed data as input
The requirement is to do forecasting on indexed data. A python script will be developed and use in Splunk to use the indexed data for forecasting. Is this possible? if yes, how? Thanks!
Can dashboards be assigned workload pools?
I configured WLM my v7.2.6 standalone installation. About saved searches, description of assignment is found in the docs....
field alias on extracted fields
I extracted some fields from raw log , and I want to define field alias for them , but on specific field which is used in other indexes and has field alias ,the alias doesn't work .
Search factor vs Replication factor
i know that setting RF=2 ensures 2 copies of buckets on available indexers. so this consume 2X times of space/disk. now i also know that only the primary copy is searchable, ie SF=1 , is this the...
Can anyone help me regarding this in xml.
Can anyone help me regarding this XML code I am not getting the correct output? I have added the screenshot of the output. and the CSV file. TEST enter code...
XML Dashboard Javascript Console Error : Deprecation warning
Hello, Guys. I am used splunk enterprise. my dashboard is XML which make up for JavaScript. [ javascript LIST ] 1. developer gadgets : accordion toggle 2. my local javascript I want to add another...