Is there a way to automate the monitoring console health check?
all, Is there a way to automate the monitoring console health check and get the results emailed to me? weekly ?
View ArticleHelp with docker Splunk logging driver URL change
We are in the process of changing our Splunk web DNS name and securing it with https. We are using Splunk logging driver for Docker to receive logs. Would we need to change the Splunk URL on the...
View Articlemvexpand not working for IP6 field
I have the Cisco ISE app loaded and there is a field, `Framed_IPv6_Address` that may contain up to six IPv6 addresses. Raw event snippet looks like this: Framed-IPv6-Address=, Framed-IPv6-Address=,...
View ArticleMatching / Compaire 2 Fields
Hello, i would like to find out if both systems deliver the same output. The output of both systems is written to the same index and differ by the component contained in the event. e.g: user=x...
View Articletimechart is continous - cannot ignore the timeframe of missing events.
one of our dashboards were using below query | timechart count span=1d cont=false in 6.6.4 Splunk enterprise, we could see that it can ignore time-frame for missing data when we use cont=false. In...
View ArticleWhy data(db connect) is taking too long to show dashboards
I have connected Splunk to MS SQL server and got the data using DB Connect and built a dashboard with that data then 2 things happen 1) It stopped indexing data from day 2(I thought its going to get...
View ArticleTrying to breakdown ticket data and struggling to do so.
I am trying to display a line chart that counts in a 15min spans throughout the course of a day the number of tickets that were opened to my group by looking for my specific group name and only...
View ArticleHow to pass value of "by" field when charting "over" and "by"
I've tried all of the built-in drill-down token options. None of them captures the value of the by field when used with over. | chart count(TaskName) over ExitStatus by TaskName
View ArticleBar Graph - Stack values based on a set max value by fields on the same row
Hi, I want to create a bar graph that will stacked values of a given max value ![alt text][1] [1]: /storage/temp/274266-capture.png So the max value will be the the max value for the X-Axis for the bar...
View ArticleSplunk alert if today's volume is X percent different from past two weeks...
Hi Experts, I need help in Splunk query to send alert if today's volume at latest time is X percent different from past two weeks volume same day at same time with 10 minutes bucket. For dashboard...
View Articlehow to copy of entire splunk instances to another instance?
Hii Everyone, I want to move all the knowledge objects and everything from one splunk instance to another instance... Simply mirroring of splunk to another machine. The new instance should act as old...
View ArticleSearch peer has the following message: idx=_internal Throttling indexer, too...
Hello, I am getting these messages , what is the action upon this? The disk space is not even near half,that shouldn't be the cause. Any guidance will be greatly appreciated. Thanks
View ArticleWhy am I gettin the warning "Restricting results of the "rest" operator to...
Since we upgraded from Splunk 6.5.3 to 7.0.3 we are getting the following warning: REST Processor: Restricting results of the "rest" operator to the local instance because you do not have the...
View ArticleChart multiple series in Splunk 7.3: what's new?
The [Splunk 7.3 release notes][1] describe the following "what's new" item:> **Chart multiple series**> Co-analyze multiple related metrics easily in the same view and create sophisticated...
View ArticleView all Splunk instance in a single Splunk?
We have 6 splunk deployment server and need to login to every server to see the dashboards in respective servers. Is there any possible ways to manage a single splunk instance where i can see all...
View ArticleMultiple LDAP group User part
Hello All, If one user is part of multiple LDAP groups which are linked in Splunk. Which one will he assigned to? Like we do map of roles with LDAP group. Thanks !
View ArticleColumn chart
Hi all, I am having issues with creating column chart visualization. I have for example table that looks like this: field1 field2 field3 field4 20 10 30 15 What i am trying to do is to create two...
View ArticleHow to calculate date based upon a patch lot value.
How can we apply below logic in splunk. We have the data in Splunk which is coming out as below. Host Patching Lot A Lot 1 B Lot2 C Lot 3 Lets say Lot 1 means - First Sunday of Every Month Lot 2 means...
View Articleoperation:"copying source to destination", error:"Access is denied."
I was getting numerous errors given below on one of the SHC members, ERROR CsvDataProvider - The lookup table 'XXXX' does not exist or is not available. I noticed, the lookups were missing only on that...
View ArticleDBConnect 3.1.4 Input
I have setup and configured DB Connection (version 3.1.4) and have been able to get my identities and connections setup. However I am having a problem with configuring an input. If I do the following...
View Article