How to find certain field values and change the value into another field
If the vulnerability column has a certain value then a new column called ‘Software_Affected’ has a corresponding value like below-- 1. “*DES*” is in the vulnerability column then the new ‘Software...
View ArticleDrilldown to url to display in iframe
Hello all! I have a dashboard table that has multiple values, one of which being urls. Im trying to pass the value of the url to an iframe on the dashboard and have it display the contents of the url...
View ArticleVCSA (6.7): Impossible to add splunk universal forwarder at startup
Hi all, I have an issue with startup script generated by this command: "/opt/splunk/bin/splunk enable boot-start" Result is: "service splunk does not support chkconfig" Script generated start with...
View ArticleSplunk Slack Channel
Is the splunk slack channel still active? There was a similar question a few months back that indicated it was but there may be some delay with the invite process. I submitted the form a while back and...
View ArticlePlease assist in LINE_BREAKER stanza in `props.conf` for custom app
Dears, I have an app which generates logs in following pattern: ---------------------------------------- Timestamp: 2019-08-23 14:00:01.545 UserLogin: ascache UserId: -1 Severity: Information Message:...
View ArticleWhy isn't the rename command not renaming fields?
I'm currently creating a list that lists top 10 technologies and I'm trying to rename "Red" as "Red Hat" using the rename command. Here's the query: | tstats summariesonly=f...
View Articlehow can pass a date to search index to pull the incremental data
i am trying to pull the data from splunk index using python and it triggers every 5 min. So i need to fetch the new data for the every run , nothing but an incremental data pull.
View ArticleBuild a parent child relation
Hi All, Below is my situation: parentkey childkey b c 0 a a b b d b e Output is to be like this 0-->a-->b-->c,d,e How can i achieve this in splunk?? TIA Regards, BK
View ArticleUsing WGET to monitor html webpage?
I'm struggling to monitor a webpage with Splunk. I just need to get the html from a certain URL (like google,com) and get the contents of the element into Splunk. According to the following link, a...
View ArticleBad data from asset discovery app
Hello , I have installed splunk discovery app and set the nmap command as C:\Program Files\Splunk\etc\apps\asset_discovery\bin\nmap.cmd -A -O -t 172.17.0.0/16 10.2.237.0/24 i am getting data for 2017...
View ArticleUnable to get incidents loaded in the Alert Manager's Incident Posture
Hi All, We're using Alert Manager as a solution to produce Incidents, just like the Incident review dashboard in the Enterprise Security Suite. We have followed all the instructions given in the...
View ArticleSearch not being executed
Hello I am using Splunk to analyse results from Qualys Vulnerability Scanning I have noticed that one of my searches is not returning any results : > index="qualys" earliest=-0mon@mon |> where...
View ArticleAccess /services/receivers/stream endpoint through Nginx proxy?
We're running a Splunk indexer behind an Nginx proxy in order to apply HSTS headers. However, we recently noticed that this is silently preventing us from sending data to the /services/receivers/stream...
View ArticleGet percentage of values for a field based on total number from different search
Hi, I have been pulling my hair to get this to work, but couldn't, and any help would be very much appreciated. I have a set of events created for when `tickets` are created. One of field is `created`...
View ArticleFile not found
Getting this error in splunkd.log:> ERROR ExecProcessor - message from "python "C:\Program Files\Splunk\etc\apps\TA-ftppull\bin\ftp_input.py"" - 550 The system cannot find the path specified. - 550...
View ArticleGetting a 404 on the home page for Template for Citrix XenDesktop 7 how do I...
I have been trying to load into my distributed Splunk system the Templatef for Citrix XenDesktop 7 application, but I am unable to get the home page to display when I click on the DropDown by...
View ArticleSplunk for Asset Discovery: Receiving out of date data
Hello, I have installed Splunk discovery app and set the nmap command as C:\Program Files\Splunk\etc\apps\asset_discovery\bin\nmap.cmd -A -O -t 172.17.0.0/16 10.2.237.0/24 I am getting data for 2017,...
View ArticleWhy is search not executing?
Hello I am using Splunk to analyze results from Qualys Vulnerability Scanning I have noticed that one of my searches is not returning any results : index="qualys" earliest=-0mon@mon | where...
View ArticleHow to get percentage of values for a field based on total number from...
Hi, I have been pulling my hair to get this to work, but couldn't, and any help would be very much appreciated. I have a set of events created for when `tickets` are created. One of field is `created`...
View ArticleHow to access the raw data collected by Splunk?
1. I want to access the log files from Web servers, Micro Services, by protocol (HTTP, SOAP, FTP, etc.) or Databases. 2. What are the aggregates which Splunk avails to user via the Splunk interface?...
View Article