Is using TERM() the same as searching for something in quotes?
Is using TERM() the same as searching for something in quotes, in that the search is not checking letter by letter, but rather the entire string?
Does Splunk support MySQL 3.2.3 version monitoring?
We have a few MySQL databases with 3.2.3 version which we want to monitor if the service is up. We don't need to monitor the change in the database, but just need to be alerted when it is not...
How to convert dbquery output to an inputs.conf file?
I have a dbquery that outputs the 5 fields needed for the inputs.conf file used in the Website Monitoring app. I would like to automate the writing from the dbquery into the format of the .conf file...
How to convert a date time field to epoch time?
Hi, I am looking to format my current time to epoch time (as we need to calculate some math function on time) Time format for **incidentEndTimeStr** looks like this: `4/11/16 2:52` And used the eval...
How to edit my search to calculate the time difference between two events?
Hello Splunk'all, I am trying to derive a simple chart from the data I got here within a Splunk Index. The data consists of epoch time (field name is "**transactiontime**") and the transaction values....
How do I pass the current form values to a drilldown link
I have a dataset that has multiple attributes: accountNumber, deviceNumber, eventName, status I built a dashboard with 4 panels each showing "chart count by x" for each of the 4 attributes. I want to...
Is there a way to get the deployment server to work with hostname aliases for...
Hi, Our private cloud uses a standard naming convention that isn't very useful, and people use aliases to make the hosts meaningful. Is there a way to get the deployment server to recognize these...
Unable to run searches in Splunk Enterprise Security because of the error...
I am getting the following error in the Search Head running Splunk Enterprise Security: Unable to distribute to peer named splunk_1 at uri https://x.x.x.x:8089 because replication was unsuccessful....
Has Anyone Integrated DynaTrace Data into Splunk?
Are you able to capture client-side events? Has integrating DynaTrace data added more visibility into your operations? I'm looking for all DynaTrace/Splunk users to respond!
search adding instead of representing a trend
I'm trying to rectify a search where the chart should represent a Trend but is actually just adding the last active user and the current active user and showing it in the Trend Column : eg : 2016-08-10...
How should I format my CSV Excel chart in order for SPLUNK to be able to...
How should I format my CSV Excel chart in order for SPLUNK to be able to create a report?
404 when setting up Home Monitor app
I get 404 when setting up Home Monitor app. Any ideas why?
How do I create a dashboard with a graph where I can have sidebar filters?
How do I create a graph where I can have sidebar filters? I am using a csv excel file. My y is sum value with the x being a filterable option. I'd like to have several search bars where I can filter...
Is there a way to limit how many times a particular user can be logged in...
I'm not looking for a performance-based limit, my security auditors are asking if a limit can be set.
installing splunk as different user (non root)
Hi Splunkers, I have a few questions regarding the installation of Splunk as non-root users. 1 --> Is it mandatory to use rpm file to install Splunk as different user? 2 --> Why can't we use tar file...
Capture the peak points in a table
I have a great search that someone here helped me with the other day. It will take all the peak numbers in a search and add them. This works great, but now I need to filter out numbers lower than 4. My...
Eval function weird return
Hello, I am doing a search and I know sometimes it will return no results. index=gamification AND sourcetype = stash | eval isFailure!=if(searchmatch("gamification"),1,0) | table isFailure Why table...
Permissions per record in a KV Store
Hi folks, is it possible to restrict access to some users to some records in a KV store? Let's say department 1 and department 2 both access a certain KV store, but the people working in department 2...
How can I configure Splunk to read in a log that is identical to another log...
All, We have a report that runs every hour. Basically 10 line CSV. Might grow to 20 lines on an off week. myreport-%date%.csv It's populating a larger data set. 99% of the time the report will be...
How does DMC determine the status of its search peers?
I am seeing a few "Splunk Alert: DMC Alert - Search Peer Not Responding" each day for one of my indexers, but it is always a false alarm. The indexer in question resides at the same site and is in the...