Splunk App for Web Analytics: How to resolve missing data?
I've read several threads on this already, as well as have been over the documentation. I'm not sure what I've done incorrectly. Quick summary: Apache data is going into Splunk. Source type is...
View ArticleWebsite Monitoring: Why is data from my new index not displaying?
I installed the Website Monitoring application yesterday and it was working fine but for some reason, my dashboard only shows the data from the last 18hrs ago (index=main). But when I pull data from my...
View ArticleCan SSL be configured when sending data to Universal Forwarder through TCP...
Hi, Data is sent to Splunk Universal Forwarder (UF) through the TCP connection. From UF, data is forwarded to indexers. As we know SSL is supported by Splunk when Data is sent to Indexers. But can SSL...
View ArticleSplunk App and Add-on for AppDynamics: Why am I unable to collect the metrics...
Hi, I'm getting proxy error. We don't have any proxy configured on the server. URL can be accessed directly from the server. I'm getting below errors in the log and unable to collect the metrics from...
View ArticleWebsite Monitoring: How to configure with app with multiples proxies?
I don't know how to accomplish this configuration. I have an URL listen on port 80 but it is binding to 2 servers with the same port Server1:8080 Server2:8080 Any idea on how to setup the...
View ArticleMetadata will not rewrite. Why is Splunk ignoring my configurations?
I am trying [once again] to rewrite metadata, host, source and source type from fields in my event. I have an event like: { [-] datasource: otherport ident: root message: This is a test orighost: play...
View ArticleCan we keep the same Splunk reset license key and apply it whenever we exceed...
Hi All, When we exceed our license 5 times, we are supposed to get temp reset license key to reset the license... Does this reset temp license have any validity to apply or can we keep the same reset...
View ArticleHow to calculate the round trip time by the modulo-type sequence number...
By monitoring "ping" packets with tcpdump software, the following records are saved as an example. ![alt text][1] The first two request packets with sequence number(seq) 19611 and 19612 have no reply....
View ArticleHow to monitor my local browser history in Splunk?
I have installed Splunk Enterprise free version on my personal PC. I want to track the URLs are visited from the browser in my Splunk dashboard. I tried to monitor the local App data directory...
View ArticleWhat is the best way to store user-specific preferences?
Hi everybody, what's the best way to store user-specific preferences? I need something like the *"setup.xml"* functionality, but to memorize settings **independently for each user**. Is there a...
View ArticleExpiration of Slack alerts
It would be nice if Splunk could age or expire Slack alerts at a later point in time. For example, let's say an alert has a finite lifetime, it should be expired. Another example would be an alert...
View ArticleREST API Modular Input: Which capability does a user need to use the add-on?
I have installed the [REST API Modular Input add-on][1] and I want to create a User Role with access to "Data Inputs/REST" only. None of the other inputs should be available to that user. Of course I...
View ArticleHow to find the oldest log indexed in the indexer instances ?
Hi All, Currently we are running out of space in our indexer instance and we wanted to remove the oldest data that is in our indexer and stored more than 1 year from the indexer instances. When we...
View ArticleWhy did my saved search display error "exited with status code: 1"?
One of my saved searched exited without proper information and getting this error message in the splunkd.log. 03-20-2017 10:22:32.054 -0500 ERROR script -...
View ArticleHow to edit my search to display daily license usage and total license usage...
Hi I'm struggling to find out how to add an overlay or something that will display the daily license usage for specific indexes and the total daily license usage. I'd also like to add our current...
View ArticleSplunk App for NetApp Data ONTAP 2.1.5: Is the Controller View...
Does anyone else have the problem that the _Proactive Monitoring -> Controller View_ dashboard (ontap_entity_filer) does not poulate the _Controller Name_ dropdown in the Splunk App for NetApp Data...
View ArticleWhen reviewing License Usage for the previous 30 days, why is the usage not...
When I review my license usage for the past 30 days with No Split I average 330-380GB which sounds accurate. However If I split by Index (each source is split into indexes) I average 730+GB. My...
View ArticleTimeline - Custom Visualization: Is it possible to extract the duration from...
Is it possible to extract the duration from a graph in a drilldown, even though the duration has not been displayed in the chart (it is in the table behind the chart)? If not, how do i access...
View ArticleIs anyone running Splunk Enterprise Security with Windows Server 2016?
It's not mentioned as being supported on the product page, but is anyone running Splunk Enterprise with the Splunk Enterprise Security add-on on Windows Server 2016? If so, did you run into any issues?...
View ArticleIs Syntax Highlighting broken on a Splunk 6.5.2 Search Head Cluster?
I'm finding that in all my 6.5.2 infrastructure that syntax highlighting is working fine, with the exception of my Search Head Cluster Members. This is pervasive across both my production and my test...
View Article