Install Splunk Add On Builder Error read operation timed out
Hi, I am trying to install the add on builder on Windows. I have tried on a remote desktop and my laptop but I keep receiving the error: Error connecting to /services/apps/local: The read operation...
Splunk UF Backlog
Hey everyone, quick UF question here... If a UF stops for whatever reason then comes back on later on, will the UF send the backlogs it missed while the service went offline?
Splunk server need to be taken care before updating linux patch
Hi All, Could you please share the steps which need to be performed at Splunk level before updating linux patch and reboot. Splunk architect consists of Splunk Cluster master indexer search heads...
how to set different chartView instances on a javascript page to display...
Having read numerous posts explaining how to use "charting.seriesColors", I concluded that to set the (unique) bar color of a timechart I would need to set this property to a 1 element array (my sought...
does Splunk Enterprise or Splunk App for Infrastructure write any temporary...
does Splunk Enterprise or Splunk App for Infrastructure write any temporary files to /tmp/ folder (linux)?
Splunk Add-on for Apache vs pretrained sourcetypes
Is the Apache Add-on falling out of favor? 1. It hasn't been updated since 1.0.0 release 2. It doesn't officially support 7.3 or 8.0 (though unofficially it works fine) 3. Splunk can natively parse...
How can I show a list of devices that have been offline for more than a week?
New to Splunk and trying to learn it: sorry for the dumb question. So I am trying to filter out a list of POS devices that have not passed any traffic in the past 7 days so I can build reports for...
Query joining 3 sourcetypes
I am trying to create a query that combines results from 3 sources, one of which is a lookup table. Any help would be appreciated. (sourcetype="sourcetypeA OR sourcetype="sourcetypeB" )...
Dashboard not showing date correctly
I am using the following code in my dashboard | makeresults$field1.earliest$$field1.latest$$job.earliestTime$strftime(strptime($job.earliestTime$,"%Y/%m/%dT%H:%M:%S %p"),"%m/%d/%y %I:%M:%S %p")...
Splunk on Openshift
The docker image is running fine and I am able to login also. When I deploy the same in the openshift it is throwing an error : sh: /opt/container_artifact/splunk-container.state: Permission denied In...
Docker pull after successful docker login fails?
Login with your Docker ID to push and pull images from Docker Hub. If you don't have a Docker ID, head over to https://hub.docker.com to create one. Username: ************* Password: WARNING! Your...
percentage of total count grouped into buckets
I have a list of article IDs and their corresponding article view counts for a given day. I want to see what percentage of articles are viewed between 1-50 times per day, 51-100 times per day, 101-150...
add time constraint for web site availability check condition
Referring below query: index=f5 | rex field=headers "Host: (?[a-zA-Z0-9\-\.]+\.[a-zA-Z]{2,3})" | eval portal=if(cidrmatch("10.x0x.0.0/16",dest) OR cidrmatch("10.A0A.0.0/16",dest)...
question about vulnerability?
Greetings!! I would like to ask about this vulnerability : https://www.bleepingcomputer.com/news/security/splunk-faces-y2k-bug-like-problem-unless-patched/ when ? and how ? to do updates? what are the...
HTTP Authentication Not Working for Website Monitoring
Hi Splunkers, I am configuring the URLs for monitoring the response code of them. I want the authentication also, so I am giving the Username and password also while doing the configuration. Now when...
How to extract response time?
How to extract response time? response_time:0.002941865 app_id:\"c232e3a2-cecb-4e81-9beb-3150710c9a0a\" Extract response time only
Is it possible to group by tcp ports with "TCP_High_Port" or "UDP_High_Port"...
I have list of output here from command. With stats command it comes with long list of service (tcp or udp high ports), is there any command to group by them with condition if port number greater than...
Cannot convert to ConfigInfo
Hi , a few days ago we upgraded our shc CPU's then this error started. 11-27-2019 08:04:27.338 +0300 ERROR SHCSlave - event=SHPSlave::handleHeartbeatDone heartbeat failure (reason: (Exception thrown...
Integration between Splunk and SolarWinds
Hi Splunker; We have integrated with SolarWinds since Aug 2019, and Splunk receiving logs from it. Suddenly Splunk stopped receiving logs from SolarWinds. And when I check splunkd.logs, I have got some...
Error in 'litsearch' command
During trial licence I am facing below error:- Error in 'litsearch' command: Your Splunk license expired or you have exceeded your license limit too many times. Renew your Splunk license by visiting...