apply javascript on Multiselect dropdown
We have a multi select dropdown say with option "All, A , b, c , D" Requirement: Whenever user selects "All" , then user cannot select any other option. If user selects anything else , then he can...
View ArticleGetting a failed to join cluster error from an indexer after an inadvertent...
Indexer was running normally yesterday. We offlined it, and after maintenance, rebooted it. When it came back up, it had a new IP because *reasons*, and joined the cluster with the new IP. After...
View Articleinputlookup |append [search] vs search | append [|inputlookup]
I am getting different results for the following two queries and I cannot understand why (index=windows) EventCode IN (4624,4625,4648) TargetAccountName!="-" ComputerName=*mydomain | eval...
View ArticleBase search XML for dashboard
I have created a new dashboard and configured the base search, but only one of the 3 panels (Web Server Error Summary) is populating the data. If I run the searches independently of the dashboard they...
View ArticleCan the tooltip be expanded to include the x-axis values?
I have a column chart that has values between 1 and 7400+. When I hover over the x-axis line it is easy to get the tooltip for the larger values, but for the columns with small amounts it is very...
View ArticleHow can I apply JavaScript on a multiselect dropdown menu?
We have a multiselect dropdown with options "All, A , b, c , D" Requirement: Whenever user selects "All" , then user cannot select any other option. If user selects anything else , then he can select...
View ArticleXML help? Dashboard has 3 panels -- only one panel populates data. All...
I have created a new dashboard and configured the base search, but only one of the 3 panels (Web Server Error Summary) is populating the data. If I run the searches independently of the dashboard they...
View ArticleSplunk Enterprise Security: "Search peer has the following message: Review...
"Search peer has the following message: Review roles for unnecessary read or write access to authorize.conf and remove access if possible. Learn more" The above is the warning message I am getting...
View ArticleHow do you add JavaScript file to Splunk dashboard?
Hi, I am trying to load the JS file in my XML dashboard but I am unable to get the JS data in the XML dashboard. I am facing difficulties. I placed the file in the path (appname/appserver/static) and I...
View ArticleProblem with view in Splunk: "Uncaught TypeError: Cannot set property...
Hello, I cloned one of my views in another Splunk machine. The original works fine in the new machine but the cloned doesn't load and the Chrome browser console says: ![alt text][1] [1]:...
View ArticleSplunk field-extraction usage performance
Below is my sample log format %timestamp% **com_java_package1**.subpackage someMessage exceptionMessage %timestamp% someText **com_java_package2**.v1.subpackage exceptionMessage %timestamp%...
View ArticleHow to set alert schedule?
We have 15 different hosts, we enabled an alert with condition "if host is down we need to alert it". It has to check every 5 min if any host is down. It has to alert it and also should not alert for...
View ArticleHow do I connect my Java program to Splunkd server?
I'm using the below mentioned code in java: import com.splunk.*; // The entry point to the client library public class Connection { public static void main(String[] args) { ServiceArgs loginArgs = new...
View ArticleHow can I reorder this table so the column B data represents the month prior?
I have the following table: Month Value September 12 October 78 November 88 December 132 I want to display the value of October in September, November in October and so on. The final output should look...
View ArticleHow can we view the data retention policy we have set?
Hi All, We have set the data retention has 1 year (365 days) for in cluster master. But when we search the data in Search and Reporting app for an index then we can able to fetch data more than a year...
View ArticleHow can I change the x-axis label on my chart to a month count?
Hi, I have this table: _time ATTENUATION EOL 2017-09-08 15 21 2017-09-09 15.3 21 . . 2017-10-01 15.7 21 2017-10-02 15.4 21 I stored the data since June, so for every day I have a value for...
View ArticleSplunk App for Network Topology Visualisation
I am looking for a Splunk App to visualize network topology over a world map. I want to be able to display network nodes on the map by its geographic coordinates, draw the links between the nodes, and...
View ArticleDell Defender Syslog field extraction - Can I combine 7 regex into one...
This post is about combining field extractions. I am working with **Dell Defender Syslogs** and want to extract different types of messages. But those Syslogs differ in length and content so **I have...
View ArticleHow to show only certain results in the statistics (by hiding some search...
Hello, I would like to hide the following results in bold and only have the final eval statement show. I am only doing the calculations for the last eval statement. source="Dataset_Finance.csv"...
View ArticleSplunk HTTP Appender - Two entries are logging for longer HTTP requests
Splunk Http appender is logging 2 entries for longer http requests. The first has the headers and the second has the body (a Soap envelope in our case). The log entries are separated by about 5...
View Article