why summary index is missing few indexes in its o/p
Hi, I am using around 8 indexes to create a summary index.But after creating the summary index , i am seeing the data for only 6 indexes and 2 indexes were missing . Please help me with reason and...
View ArticleBubble chart - have dates show on X axis
I have a search that returns me 3 fields (let's say country, _time, count) I want to show these results in a bubble chart but the X axis (_time) instead of returning dates returns 0, 1, 2, 3 etc - it's...
View ArticleHow to force retention time pruning
I have my frozen time set like this`frozenTimePeriodInSecs = 47304000` (1.5 years) yet when I do this search `| metadata index=foo type=hosts | stats max(lastTime) as lastTime, min(firstTime) as...
View ArticleScheduled Report delivers correct info in PDF, but in splunk still says it...
First time running into this issue. made a new report of suspicious logons (24 hours) to run once a day. the search itself returns good results, and the resulting PDF from the scheduled report email...
View ArticleHow to fix this problem msg="A script exited abnormally"...
Hi All, Can anyone guide us in how to fix this problem, we had updated the serverclass.conf recently via deploymentserver and this message started popping out after updating the serverclass.conf in one...
View Articlehelp me with Rex
Please help me with rex i want to extract a1234567 "INDV=1234566|RSPAR|a1234567|RSPAR"
View Articleflexible number of charts in dashboard
I'm looking for a way to have a flexible number of charts in a dashboard. ---------- **How it is now:** - At the top of the dashboard, there is a field to select one server. - For this server one panel...
View ArticleRex command Help
please help me with rex i want to retrive java.net.SocketTimeoutException: Read timed out from below _raw "msgContentType":"java.net.SocketTimeoutException: Read timed out"
View ArticleDo you i handling multi line log with variable number of field value pairs?
We monitor the log output of many file storage systems, some devices have only a few, others have hundreds, but there is no way of knowing how many disks each log file will contain. The issue (in the...
View ArticleHow to create a multi drop-down dashboard?
I'm wanting to create a dashboard/form to filter results by 2 or 3 different criteria. I've been looking through some of the walk through's but I am very new to XML (every example I find is all based...
View ArticleHow to resolve error "A script exited abnormally" after updating...
Hi All, Can anyone guide us in how to fix this problem? We updated the serverclass.conf recently via deployment server and this message started popping out after updating the serverclass.conf in one of...
View ArticleJMS Messaging Modular Input: How to resolve multiple errors such as "ERROR...
I followed the document for JMS Messaging Modular Input add-on set up. I have set java environment variable but I still cant see the JMS inputs option on Splunk Web- Manager-Data inputs. Do I need to...
View ArticleWhat is the regular expression to extract "a1234567" from my event?
Please help me with regular expression i want to extract `a1234567` "INDV=1234566|RSPAR|a1234567|RSPAR"
View ArticleHow to configure a flexible number of charts in a dashboard?
I'm looking for a way to have a flexible number of charts in a dashboard. ---------- **How it is now:** - At the top of the dashboard, there is a field to select one server. - For this server one panel...
View ArticleWhat is the regular expression to extract "java.net.SocketTimeoutException:...
please help me with rex i want to retrieve `java.net.SocketTimeoutException: Read timed out` from below _raw "msgContentType":"java.net.SocketTimeoutException: Read timed out"
View ArticleIs it possible to run Splunk Light with 2 indexers and a search head?
Hi all, Like the title says, is it possible to run Splunk Light with 2 indexers and a search head? Or is this a Splunk enterprise only configuration? Many thanks,
View ArticleHow to monitor a multi line log with a variable number of field value pairs?
We monitor the log output of many file storage systems, some devices have only a few, others have hundreds, but there is no way of knowing how many disks each log file will contain. The issue (in the...
View ArticleIn a Multi-Site Search head cluster, do we have to use the F5 load balancer...
In a Multi-Site Search head cluster, do we have to use the F5 load balancer in both Data centers? Or do we have to use single F5 load balancer for all search heads in both Data centers?
View ArticleWhy am I not receiving results when a value contains a with period and...
I would like to show results group by "SLA Request Key". I am able to view sample Data-2 but not Sample Data-1 Sample Data-1: {"key":"SLA Request Key","value":"mls.ILSP_CONTNR_SKU_INSERT"}]} Sample...
View Articlewhat are the possibilities to send DASHBOARD PDF's to share point site
Hi, we have a requirement from business team and they don't want to receive the scheduled reports in email instead scheduled PDF's store in share points links which are internal to the organization.we...
View Article