Splunk indexer data Migration from single to two peer node environment.
We have one node having all the functionalities like Search Head, Indexer, deployment manager, license manager I. Now we want to migrate indexer data from existing indexer to newly created indexer...
How to extract values from field and use it as column header
Hello all, how do I retrieve the values from my search and insert in the same row, extracting the values from the field Services, like: current search: | stats sum(fail) as Fails, sum(pass) as Passes,...
ERROR:root:(552, '5.3.4 Message size exceeds fixed limit', u'xxxxxx') while...
Our email alert stop sending ... came across ERROR in the splunkd logs 08-29-2019 15:53:04.600 -0400 ERROR ScriptRunner - stderr from '/opt/splunk/bin/python...
How to display a live map from a website into my dashboard
Hello everyone, I'm a newbie and I did build my own dashboard in Splunk. I was able to create different charts and I found out how to refresh it using: . Now, I would love to be able to display a real...
How to migrate data from existing indexer to newly created indexer without...
We have one node having all the functionalities like search head, indexer, deployment manager, license manager I. Now we want to migrate indexer data from existing indexer to newly created indexer...
"Connection to timed out. (connect timeout=60)" error when using Webtool TA
Currently, we are using the Webtool TA for invoking external REST APIs. We installed the TA on our DEV box and then we performed the following SPL command: | curl method=get verifyssl=True...
Trying to search a Workday index for direct deposit change requests from...
We use Workday as our payroll system and have a Workday add-on with logs in an index called dmc_workday_index. I want to see the attempts over 5 to change direct deposit information within Workday that...
After successful Apache2 installation of my CA signed certs, I can't get...
Hello! I've created the CRL, uploaded to my CA organization, verified ownership of the domain, adjusted the apache2 config file /etc/apache2/sites-enabled/default-ssl.conf to reflect the new keys and...
How do I customise Splunk App for Jenkins?
Hi, How do I customise Splunk App for Jenkins? Any GitHub link or project? We want to change the default index that the app is using for searching in the dashboard panels. Our company have strict...
Couldn't parse and extract mixed data (json and text)
Hi, I am not able to send my logfile into 2 sourcetypes (json and non-json). Below is my config. I know the fix might be a simple one. It's just that I am not getting anywhere near it. Need your...
Can we use the SAP Solman TA without ITSI?
We have a Splunk Enterprise instance that we would like to integrate with SAP Solman using this addon. As we do not have ITSI, will the addon still be able to fetch the events and index them?
How to use open in new tab in Splunk nav
Need to know if anyone has a solution for the open in new tab option in nav, like we do in HTML or XML, i.e. target="_blank". Tried with something like this but it didn't work: Admin
Monitor remote host logs?
I can't understand that. How does Splunk monitor logs from a remote Linux host? Universal Forwarder has been installed on the remote Linux host. What should I do then?
How do I send events to nullqueue?
I am currently ingesting AWS VPC Flow logs from our AWS tenant. Most of the logs are internal traffic between ec2 instances. I'd like to send these events to nullqueue as they are not much use to us,...
ES Upgrade 4.7.1 to 5.2.0 (customized .xml, .json files functionality)
Hi Team, We are performing Splunk ES upgrade from 4.7.1 to 5.2.0. Post upgrade, I have few .xml, .json files that needs to be mapped to ES5.2.0 For ex: We have customized correlation_search_edit.xml in...
How to access a property on the last element in an array, accessing last...
Hi, I have JSON events that have an array with objects and I want to extract a property from it. Some pseudo search code | spath output=LastResult path=message.results{-1} | table LastResult.timestamp...
Splunk proxy
Hi, We are planning to migrate to Splunk SaaS. The architecture is to use intermediate forwarder and proxy. Data flow will be Splunk universal forwarder ----> Intermediate...
Health Post app not sending data
This may be more of an iOS issue but this may be the best place to seek help. Has anyone else attempted to install Health Post on their iOS device only to have it not send data to Splunk? Even sharing...
Filter data by condition on a heavy forwarder
Hello, Please, I need to filter data on the heavy forwarder to eliminate some logs. Example: I need to ignore logs which contain the fields TYPE=PERMIT with the PROTOCOL=HTTP it's work good to...
To identify unused/unsearched data in Splunk
Is there a way to find unused/unsearched data in Splunk? Example: In an Index=XYZ we are ingesting 100GB of data on a daily basis. Out of that 100 GB when we run queries we are retrieving 60GB of logs...