Splunk first time login failing
Installed Splunk Enterprise on Azure, unable to log in with admin/changeme. Help please.
Fundamentals 2 not working in any browser
Hi, I have purchased the Splunk Fundamentals 2 but I am unable to view it. It only shows "Loading Player..." Tried it in multiple browsers. Anybody had similar issues?
Splunk panel refresh in background or don't clear the panel before refreshing?
My splunk dashboard has ~60 panels based on a few (~5) base searches and a post processing for each panel. Whenever the base search is refreshed, the content like the bars, lines, figures in all...
column in search needs to be populated by another search
I have a search that tells me if an index hasn't received data from a log on a server. This allows me to monitor the Splunk environment and make sure that everything is working as expected. The only...
Help with eval and wildcards
Hi, I'm trying to use eval for hosts, and need to use wildcards. I tried the following, but it's not working. How does eval handle wildcards? index=main sourcetype=sensor_info | eval IDSGROUP =...
java program to Export search results in splunk sdk
Could anyone please suggest where I can find Java programs for the below tasks in the Splunk SDK? I was able to establish a connection and search a simple query from the SDK, but failing to do export search...
Regex help - end of line anchor
I am trying to figure out what end of anchor parameter to use for the Symantec event. Here is a snippet of the Symantec event: Application hash:...
Print Monitoring Linux
So we recently had a requirement to start monitoring Printers usage from our print server. So I was reviewing the information on...
Splunk is pulling the wrong custom .conf file
I have two apps that are both utilizing the same exact type of custom .conf file. The data in the .conf files are supposed to be different (it's information like specific IP addresses) that the user...
Does Splunk support dual Y-axis?
I need to create a dual Y-axis chart in Splunk - is that possible? I've attached an example.
allow user to run search contained in lookup
I have created a lookup. fairly basic 2 columns, column 1 has an ID the second a search string. ID searchstring 1 source =xyz My users get the ID from a separate system and rather than remember the...
Use makemv on all fields
I have quite a bit of single-value fields in my dataset which really should be multi-value fields. They are all formatted like this: field_name="field_val1\nfield_val2\nfield_val3\n ... field_valn" It...
Problem with quota for splunk-system-user with big quota
Hi Splunkers, we had copied many searches to the search head node from indexer and now we have many errors like this: `DispatchManager - Search not executed: reason="The maximum disk usage quota for...
Problem with quota for splunk-system-user
Hi Splunkers, we had copied many searches to the search head node from indexer and now we have many errors like this: `DispatchManager - Search not executed: reason="The maximum disk usage quota for...
Age calculation based on Date
Hi, I have a field in my data that is called "date". This "date" is when a vulnerability was seen the first time. I need a calculation that allows me to do following: <30,"Less than 30 Days"...
How can I test if I am overfitting?
Hi I would like to know if I am overfitting. Why are my results too good? The algorithm has never seen the JUNE dataset. I trained it with the MAY dataset. But the prediction is very good. Also, I have...
Splunk Machine Learning Tool kit: Error in 'fit' command: External search...
Hello, I just installed the ML toolkit for Splunk and am running into the below error every time I go to the showcase and attempt to use one of the dashboards and create a "fit model". Error in 'fit'...
In this Splunk's video how do the values of "avg_gap" and "count" been...
Hi In this video of Splunk: https://www.splunk.com/en_us/resources/videos/splunk-for-security-investigation-command-and-control-analysis.html It can be seen how to detect C&C traffic. It looks for...
Change in Database causes FlowReceiver to stop?
I have run into the common problem of running out of disk space (less than 5000 mb error). To fix this, I've attached a 10+Tb drive by changing $SPLUNK_DB within my splunk-start.conf file. I've also...
Problem with strptime drilldown token
Hello, I'm developing a dashboard for a client, the thing is I need to pass an earliest and latest value to perform another search on another panel. The panel needs the earliest and latest time of a...