Mobile app 2.4.4 gives a network unavailable error on my iPhone.
I have installed the latest version of the mobile app 2.4.4 to connect to our Splunk host which is on version 6.6.0. As soon as I try to log in I get a "Network unavailable" error. I can connect just...
Splunk Mobile App: How to resolve "network unavailable" error after...
I have installed the latest version of the Splunk Mobile App 2.4.4 to connect to our Splunk host which is on version 6.6.0. As soon as I try to log in I get a "Network unavailable" error on my iPhone. I...
Searches using the Python SDK and REST API always returning ""
I am new to Splunk's SDK and REST API. I'm trying to match a simple query I'm running via the UI (The App is "Search", the query is simply "error", and the duration is "Last 24 hours"). When I run the...
How to change the alert email result format?
How do I format the email result to display the result in the following format instead of table format? Event 1 field1: value field2: value Event 2 field1: value field2: value Event 3 field1: value field2:...
Allow colon in field names?
I have input data that looks like: time=2017-05-29 calendar:num_1day_active_users=10437 gplus:num_1day_active_users=1 docs:num_1day_active_users=0 gmail:num_1day_active_users=24594...
Getwatchlist Necessary Permissions
Hello! What are the specific permissions required to be able to create lookups and generally run queries with the Getwatchlist add-on? We have to run explicit permissions in our environment. Thank you...
system app - what data is being stored in this index
Hi, Newbie splunk question. I have a Splunk server that is running out of disk space. Looking at all the indexes, I have a "system" app (name = "main") with the homepath of '$SPLUNK_DB/defaultdb/db '...
Setting timestamp to minus one month of ingestion
I am getting some csv files at the start of each month but actually they are the billing data for the last month. I want to set the timestamp to last month, not the month it is being ingested in. Any ideas...
Getwatchlist Add-on for Splunk Enterprise: What are the necessary permissions...
Hello! What are the specific permissions required to be able to create lookups and generally run searches with the Getwatchlist Add-on for Splunk Enterprise? We have to run explicit permissions in our...
Concurrent Search calculation for platform designing and sizing.
We have a requirement to build a Single Master dashboard for transaction monitoring. The dashboard will be a collection of 6 child dashboards. Each individual dashboard will have separate search queries as...
Email alert not sending. [Errno 10061] in python.log
I am trying the following search to send email but encounter an error message in python.log indicating "[Errno 10061] No connection could be made because the target machine actively refused it while...
Can I use Powershell as the script triggered by Custom Alert Actions?
When using scripted alert actions I defined a bat file which the alert triggered. The .bat-file was really just a "proxy" since I was not able to trigger the Powershell script directly from Splunk, so...
Pulling out hostname from UNC path in windows
I have several SQL servers with logs in different places so I've got a share UNC location so I can deploy inputs.conf with the same config. \\SERVERNAME\Log\appserver_log.txt my inputs.conf looks like...
props.conf and transforms.conf not working in HF > Cloud instance
I have a props.conf and transforms.conf configured to filter out some events and send to null Q. I have tested the configuration on a standalone server and get the required results that the events are...
combine 3 search queries in which 2 of them are the result of the last one
What I am trying to accomplish is the following; I have 3 search queries. The first one displays a single value that gives me the sum of messages that a service of ours received and accepted on the...
Cisco UCS Add-on for Splunk 6.6
When will Splunk Add-on for Cisco UCS be released? The current Cisco UCS Add-on only supports up to Splunk v6.4. What is the implication if we install the current Cisco UCS Add-on on Splunk 6.6? Thanks....
Report acceleration, summary updating
I've got a dashboard in which the panels depend on accelerated reports. When building these reports, I've let them run once on 00:00 using scheduling. The next couple of days, these dashboards are...
Is there a way to share a Data Model across 2 Search Head Clusters
Hi, We would like to use the same Data Model (same field extractions, same events, same acceleration window, etc.) in two different SH Clusters. Is it possible to do it without having to compute and...
Error binding to LDAP. reason="Can't contact LDAP server".
Hi, on a fresh 6.6 install I received the following error when trying to set up ldap authentication: An error occurred completing this request: In handler 'LDAP-groups': strategy="default" Error...
Data Model adding indexes
Hi all, I have a very simple search (`tag=MYTAG`) that gives me results that I use in a timechart count by a field (my_field) and correctly runs giving time distribution for the two values of...