using a $variable$ in the output of a mapped search
I am running a search that gets a list of accounts, multiple records that can have multiple accounts in each event. I need to find all accounts that are not valid. What I have so far produces results...
Issues with Qualys Technology Add-on (TA) 1.5.1 unable to fetch data
Hello All, We are facing issues with our Qualys Technology Add-on (TA) 1.5.1 where it is unable to fetch any data (host detection/knowledge base) from Cloud API. ta_QualysCloudPlatform.log:...
Error installing self signed / ca signed certificates in splunk
Following is the error after I update web.conf with certificate and keys I have from a CA authority. Splunk> CSI: Logfiles. Checking prerequisites... Checking http port [8000]: open Checking mgmt...
Specific Application Search
I am trying to write a query that searches for a particular "application" that is installed to a number of machines. For example, I have an index that catalogs all applications installed. I am...
Universal Forwarder input not working
Hi, I have a dev windows 10 64bit environment with Splunk Enterprise and a Universal Forwarder and I'm trying to use File Metadata App to send data from UF to Splunk Ent locally (I'm testing the app)....
Monitoring Registry via universal forwarder not working
Hi, I am trying to monitor a registry key from a remote server using a universal forwarder. No matter what I put in my inputs.conf, I just cannot get it to work. This is my inputs.conf:...
Universal Forwarder How to install app and configure input.conf
Hi, I have a Win10 64bit environment with Splunk Enterprise instance and UF instance. I tried to send data using the File Metadata app to send data from UF (local) to Splunk Ent (local) to test the app...
Is there a way to compile a custom alert python script?
Hi, I wanna ask if there is a way to obfuscate/hide a python code that works on Splunk? Tried Cython and py_compile to no avail. Or am I just doing it wrong? Any help would be greatly appreciated....
Column moves left when I export dashboard to Pdf
Because the dashboard has too many units, I have changed 600 to 1400 in pdfgen_chart.py, but when I export to PDF, the column moves to the left. Why? How to fix it?...
DB connect to SQL to several databases within the same connection
Hello. I'm currently using DB Connect version 3.1.4 Build 42 on a Heavy Forwarder running 7.1.2. Having a Database connection using driver MS-SQL Server jTDS up and inputs working. When you set up the...
displaying data per team
I have an SQL Server query which counts the number of total quantity produced in an industrial company, I saved this query in dashboard, the problem is that we have three teams: the first team works...
How can I display an apostrophe in a column title?
I'm trying to put an apostrophe in a column title into a dashboard. I tried with rename and fieldformat but it doesn't work. | rename trCount as "Nombre d'appel" or | fieldformat "Nombre d'appel" =...
Customize Sankey Visualization With Single Value Visualizations
Hello All, we need to create a DASHBOARD, which has a tree-like layout to represent various departments in our Org. Installing the Sankey diagram app has helped us with the layout. The real trouble...
Retrieve Previous Work and Queries
Hi Splunkers. I'm new on this tool so I'm going to ask you a question. I've worked on a little project and also saved the report after having uploaded three different logsources and made some...
Splunk Index storage configurations
Hi, We are building a new Splunk infrastructure in which daily 300 GB data will be ingested, we are running with 2 indexers in cluster, just want to know what would be the best index storage...
CSV Import
Hi, I currently have a huge csv file (255.000 rows) that I want to import into a specific index. If I add it manually I can upload the file and set the sourcetype correctly. Splunk recognizes the events...
Visualizing numerical sensor data in a line chart
Hi, As a total beginner (I've scrolled through the tutorial) I have imported a .csv file containing sensor data with the following format: timestamp,signalName,signalValue example) 2019-06-20...
Is there any way to use fillnull conditionally
I have a requirement where I need to switch the fillnull value between Excluded and N/A. So is there any way that I can use fillnull conditionally? Eg: if (status == "EXCLUDED") then fillnull...
what is the path where the logs are stored?
Hi I have set up a virtual machine because I do not want to mess with production servers. Now, I want to use SFTP to send logs to this virtual machine. Is there a path where the logs are stored? If so,...
regex to replace numeric value as asterisk
I want a search-level field extraction command to replace all numeric values with an asterisk. Name = Dell vostro 2012 laptop wireless Name = HP latitude laptop 20161 home station Name is the field...