TZ attribute on props.conf not working on Splunk Enterprise version 7.0.4
Hi Team, We have Client UFs on UTC, and Splunk HF, IDX and SH on CST timezone. The Splunk Enterprise version is v7.0.4. We have created props and tried both TZ=US/Central and TZ=America/Chicago (one...
Mails download and index
Which app/add-on can be used to download mails and index them in Splunk? Splunk Version 7.x
Trigger and send mail after 15th occurrence based on threshold breach
Hi, My requirement is: I have created a real-time schedule which will run every 2 mins (cron schedule) based on the CPU utilization crossing the threshold value, and mail should not trigger after 2 mins....
How to merge 2 fields and get unique value
We have prod and non-prod events and are trying to display the environment names in a dashboard. The prod events contain hostname and I can extract the environment name from it, whereas non-prod environment...
Expand button in tables
Hi all, I tried finding my answer in the existing topics, but I couldn't find it. So I created my own topic. Maybe it's not how Splunk is designed, but I'm trying to add the expand button, which is...
Will Splunk CIM be updated to include a "parent process hash" field for...
I am trying to ensure I align all logs field names to Splunk CIM but there is not a field for the "Hash of a parent process" under Endpoint - process table:...
Displaying logs last x days for every month
Not displaying logs more than the last 3 days. This pattern is the same for the last months as well. for example. If I am searching for current 30 days logs, it will display only the last 3 days logs...
Show top 5 CPU usage from VMware hosts
Hi Splunkies, this is my search: index="vmware-perf" sourcetype="vmware:perf:cpu" hypervisor_id="*" | join hypervisor_id [search index="vmware-inv" sourcetype="vmware:inv:hostsystem"] | timechart...
How to combine foreach command with lookup data?
Hello, In order to clean our filtering rules we'd like to check if some of our old URLs are still in use (and if yes - how many times in last 90 days). Basically we'd like to perform the query below:...
Splunk DB Connect - New inputs on cron schedule isn't indexing new data
Hello all, I'm new to Splunk DB Connect and SQL in general but got a new input to work initially with a rising column. The rising column is a unique field that increments each time a new record is...
By Using Email Trigger Send Alert based on number of occurrences
Hi, I have a requirement that needs to schedule the below search query for every 2 mins (it can be given in cron schedule */2 * * * *) but it should not trigger mail immediately even breach threshold...
Generating custom command not streaming output
I have created following custom command: @Configuration(streaming=True) class GenerateTextCommand(GeneratingCommand): count = Option(require=True, validate=validators.Integer(0)) text =...
How to search values from stats to output another stats
Hi, I'm new to Splunk and I'm trying to make the following search work: ... search | >= 50 document queries from the same user on Host x | within one minute | concerning 15 or more db records Thanks...
License question
Hello, we purchased a Splunk Enterprise license through a retailer who obtained a quote directly from Splunk and I am wondering how long it takes Splunk to generate a license and pass it to the...
How to search values from stats to output other stats
Hi, I'm new to Splunk and I'm trying to make the following search work: Search: | >= 50 document queries from the same user on Host x | within one minute | concerning 15 or more db records Thanks in...
How to run exe files when deployed apps.
Hi Splunkers, after you create and deploy an app. After you complete the deployment process, I want to run "myapps/ bin/test.exe --profile test" in a windows machine. test.exe is a command line...
How does the "MLTK Container for TensorFlow" work?
Hi, I am interested in applying Deep Learning to my data. It seems it is possible to use TensorFlow within Splunk. But I do not understand how "MLTK Container for TensorFlow" works. Is it an app in...
How does "MLTK Container for TensorFlow" work?
Hi, I am interested in applying Deep Learning to my data. It seems it is possible to use TensorFlow within Splunk. But I do not understand how "MLTK Container for TensorFlow" works. Is it an app in...