How to customize home dashboard in Splunk Launcher App
I have a custom welcome to Splunk dashboard and I would like to set this as the home dashboard as part of the launcher app. Is there any way in which I can do this? So I need to see the welcome to...
How to resolve why alerts do not fire webhook consistently?
I'm using existing Splunk alerts, previously configured to send emails to my team, and have added to one of them a webhook action. Its URL points to my offsite server, running a Silex app. Alas, while...
Home Monitor: How to configure the app to get syslog to Splunk on my home...
I am not very network savvy. Trying to get my home router to syslog to Splunk to look at connection info in the Home Monitor app. I can see events in the bandwidth_test sourcetype, so I know that I...
Splunk DB Connect: Why does my lookup return multiple values wrapped in u' '...
I was running Splunk DB Connect version 2.2.0 perfectly and it would return more than one value of a lookup as result1,result2. I have upgraded to 2.4.0 and now the values are displayed as [u'result1',...
How to customize the home dashboard in Splunk Launcher App?
I have a custom welcome to Splunk dashboard and I would like to set this as the home dashboard as part of the launcher app. Is there any way in which I can do this? So I need to see the welcome to...
Is it possible for the Splunk Log driver for Docker to include options to...
An enhancement request to splunk log driver for Docker containers to include an option to mention the customized hostnames, I read an article on...
Has anyone been able to get Splunk Web settings that do not trigger browser...
Has anyone been able to get Splunk Web settings that do not trigger these browser reports? web.conf [settings] enableSplunkWebSSL = 1 cipherSuite = TLSv1.2:!eNULL:!aNULL:!SHA1 supportSSLV3Only = False...
Refine Time range within search
I'm trying to select a specific custom time range within a search after selecting a larger time range with the time picker and narrowing down the results using eventstats, what would be the way to do...
How to extract a field that is within an already extracted field?
Hi Ninja I've done a field extraction for apache access log like Referer. Referer= http(s)://FQDN/Abc/dasd/sadfasf/ Now I am trying to get only `FQDN` from the referer but field extractions is not...
Has anyone integrated Puppet with Splunk?
Did anyone integrate Puppet Enterprise to Splunk? I'm not getting proper documentation on how to set it up. I found Puppet Enterprise App for Splunk but I don't see much documentation on how to set it up and...
How many index nodes and search nodes are recommended for optimum output in...
Hello, In my organization we are planning to use distributed search and index where our requirement is 3Gb data volume in index per day. Could you please suggest how many Index node and search nodes...
Splunk Enterprise Security: Can I hold all the events which matched my...
Can I hold all the events which matched the correlation search in Splunk Enterprise Security, before it gets indexed in the notable index? So that's like --> Cor.search runs --> (store all the...
How to split my input file into multiple events?
Hi My input file /tmp/log.txt looks like this. 192.168.22.5 93.x.x.x 456 2 192.168.22.10 183.x.x.x 63 1 src_ip dest_ip byte packet When I add this file as an input file in Splunk, I get all data as one...
How to refine the time range within a search?
I'm trying to select a specific custom time range within a search after selecting a larger time range with the time picker and narrowing down the results using eventstats. What would be the way to do...
Calculating autoLB time interval?
Can I please know how to calculate the autoLB time interval, as I am planning to change the default value? For example, a UF sends 15GB of data, so how much should the autoLB time interval be?
Change default colors for seriesColors
Is it possible to change the default colors for charts, preferably so that it survives an upgrade? I would like to use the colors in the CI for the charts by default (as far as it goes, not that many...
Renaming index with transforms.conf and props.conf is failing
Hello. I really hope someone on here will be able to help me out. Long story short I am having some difficulties renaming an index on some cooked data that is hitting my indexer with `transforms.conf`...
Tokens set from previous dashboard is not getting set for Search
While navigating to another screen, the URL tokens are not getting set in the search. See below the step by step instructions that I have used in the code - As part of drill down, added code to...
Inconsistent Delimited Values
Here's my search: base search | rex "^(?[^:]+):\|:(?[^:]+):\|:(?[^:]+):\|:" The logs are delimited by `:|:` and this search about works fine but some events have inconsistent values with 6 or 9 or 12...
Why summary index is not populating all the indexes used
Hi, I am using around 8 indexes to create a summary index. But after creating the summary index, I am seeing the data for only 6 indexes and 2 indexes were missing. Can anyone please help me out in...