How to show empty bins on my chart?
Hello, I have my data between -1 and 1 and I want to show a distribution graph. I would like that the X axis is always 20 bins of size 0.1. I tried to used the bin command, but whenever all the data...
View ArticleProper Mail Host settings on Cluster? Reports/Alerts using old mail host.
Recently the server team changed the mail host our splunk cluster used, I have put the new value in all the search heads (System Settings, Mail Host). However looking at the python log, I am seeing...
View ArticleCan I change panel width in a dashboard using Simple XML?
**I have 3 single panels and a table on a row in a dashboard** *...* *...* *...*table $TheGood$table $TheBad$table $TheUgly$table This, That, and More; **However, I would like to have each single only...
View ArticleWhen using Eventgen to backfill data, does that indexing count against my...
When using Eventgen to backfill data, does that indexing count towards daily license limit?
View Articlemultikv parsing of a table not picking all the values
I have a table like below: CPU0 CPU1 CPU2 CPU3 0: 1826872 0 0 0 IO-APIC-edge timer 1: 9 0 0 0 IO-APIC-edge i8042 4: 390 0 0 0 IO-APIC-edge 6: 2 0 0 0 IO-APIC-edge floppy 7: 179942 1727883 42238 36...
View ArticleHow to convert monetary values to a single currency? Is there an app to...
We have events containing amounts in different currencies that we would like to normalize into euros (for example). Is there a good app to provide exchange rates for this calculation?
View ArticleHow to troubleshoot why new forwarders are not sending information to indexers?
I have just added new clients to my environment. These are the first Linux clients I have installed. For some reason, they are not communicating with the indexers. I have double checked my steps and...
View ArticleWhat is the CLI on Windows? CMD? Powershell?
is the Splunk CLI on Windows = CMD, Powershell or something in Splunk itself?
View ArticleDo Powershell scripts for Active Directory (AD Health, Replication Health,...
Do powershell scripts for Active Directory (AD Health, Replication Health, Site Info) get installed and executed on every Domain Controller?
View ArticleHow do I prevent Splunk Active Directory from pulling in Schema and AD Object...
I want Active Directory Health, Replication Health, and Site Info, but I do not want Splunk collecting AD Schema or Object data, etc. How do I turn this off? Is that accomplished by removing ADMON from...
View ArticleHow to configure a Splunk 6.2.3 search head cluster behind an AWS Elastic...
We are running 6.2.3 and are using search head clustering. We would like to use an AWS ELB to terminate SSL, and then send the data to port 8000 on the search head nodes. The problem is that Splunk Web...
View ArticleIs it possible to connect directly to MongoDB?
I want to maintain a lot of data in my KV Store, but in order to do so I have to keep it clean; but aging out old data. The problem with | inputlookup mylookup | where...
View ArticleJSON syntax highlighting not working for strings with greater than 1000...
Hi, folks -- I'm using Splunk 6.0.1. I'm trying to ingest JSON and have the JSON syntax highlighting automatically parse my input. After experimenting, it seems that I can only get the syntax...
View ArticleIs AS-User Header supported in the Splunk Add-on for Box?
Is AS-User Header supported in the Splunk Add-on for Box? https://splunkbase.splunk.com/app/2679 As-User: https://box-content.readme.io/reference#as-user-1 Any information and support will be greatly...
View ArticleHow to troubleshoot why our forwarder is not sending particular log files?
I have a particular log file that for some reason, the forwarder will not read and send the data to the indexer. I see it recognize the log in the splunkd.log 11-18-2015 01:42:56.237 +0000 INFO...
View ArticleWhen I download the Sentiment Analysis app, why is home.xml empty and Splunk...
Is there supposed to be content in home.xml? When I start up Splunk it complains about this file in the application. Also, in your compressed tar file I am getting warnings about the pax headers.
View ArticleHow to get application event logs from each Windows machine with a universal...
Hi! I have the Splunk Universal Forwarder installed on multiple Windows machines and connected to Splunk Enterprise configured both as receiver and deployment server. I'd like to get the Application...
View ArticleHow do I edit my search to find if a user logged in to multiple machines...
I want to know how to determine if a user logged on to multiple machines within a certain time window, and also identify the particular machines where the user logged in. I have used the search below,...
View ArticleAfter adding third-party certificates to our Deployment Server and Clients,...
I have just added third-party certs to our Deployment Server/Deployment Clients. Also, since we do not deploy apps that often, our phoneHomeIntervalInSecs is set to 300. Things appear to be talking ok,...
View ArticleTimestamp recognition problem (Universal Forwarder)
Hi, I have a complex events in files, forwarded from Windows hosts with Universal Forwarder. These files are zip-compressed, and have "_TRA_" in filename. They look similar to this:...
View Article