How to get a substr from a fields name
Hi everyone, I want to deliver 2 fields with 1 parameter to a destination panel. I deliver the string JNL_, the first number contains the first parameter and the second number contains the second...
View ArticleSplunk creates random folder between static and app folders in browser
I'am trying to load a css dynamically in my Javascript. This should be fairly simple, but Splunk's imaginary folder makes it impossible to achieve. So the path for any file in the static folder...
View ArticleManipulating eval and stats to get desired results
Hi guys, I'm trying to search our Qualys vulnerability data to the average cvss score for all vulnerabilities with the serverity high or critical, however, I want my average to be done over ALL of our...
View ArticlePrevent one scheduled Realtime search running on multiple search heads in a...
Every so often, our search head cluster (6.5.2) switches captain. Whenever this happens, or possibly for other reasons, our realtime scheduled searches get replicated. We have three search heads, so at...
View ArticleCustom application - If not admin, cannot access some indexes
Hello splunkers :) I have a new issue and I'd like to have your opinion on this. I created a new custom application that in the search I specify two indexes (eg. index=toto or index=titi). With a usual...
View ArticleHow to use deployer to push app?
After I installed "Splunk Machine Learning Toolkit" to the deployer (as a test), I want to push it to the search head cluster. But the "splunk apply apply shcluster-config ....." command shows an error...
View ArticleSplunk 7.0 compatibility with Splunk Add-on for Java Management Extentions...
Splunkbase states that Splunk Add-on for Java Mgmt Extentions 3.1.1 is only certified to Splunk 6.5. My Splunk instance is 7.0. Does anyone know if this add-on will work with Splunk 7.0? Or is it best...
View ArticleWhat are the steps to configure an incremental poll for the "Solarwinds...
What are the steps to configure an incremental poll for the "Solarwinds Query" Input (Custom Query) in the SolarWinds Add-on for Splunk app ? Per the documentation, it sounds like only the "SolarWinds...
View Articlecan splunk read del and lob files
We have few audit logs related to DB2 where the data resides in lob files and CSV files. The CSV file refers to lob files for CLOB data. Is there a way we can configure splunk to read this files ?
View ArticleSplunk forwarder unable to read log owned by differnet users
I have splunk forwarder under oraepm functional user and I am trying to read logs which is owned by different functional userid do I need to install one more splunk forwarder with new userid?
View ArticleHow do we read the logs under dailly with date format folder
I have logs under the daily date format directory How I ready the logs? Directory : E:\Ora\DRM\daillyDate\log.txt
View ArticleHow to set up alert to send an email with output of search string for jenkins...
Hello Everyone, I am trying to generate alert when a jenkins slave memory get's full. The search string I am using is index=app_devops AND "No space left on device"...
View ArticleSSL Errors Encountered when using a Universal Forwarder as an Intermediate...
Hi I am having some issues configuring an Intermediate Forwarder (IF) in our environment. The intermediate Forwarder is installed using a Universal Forwarder (UF) as per the document:...
View ArticleSUM IF Formula
I have some financial data in three separate fields for daily, hourly & monthly rates. The monthly field always takes precedent but sometimes this field may be blank and have a figure in the daily...
View ArticleSum if formula for daily, hourly, and monthly rates
I have some financial data in three separate fields for daily, hourly & monthly rates. The monthly field always takes precedent but sometimes this field may be blank and have a figure in the daily...
View ArticleHow to use deployer to push app to the search head cluster?
After I installed "Splunk Machine Learning Toolkit" to the deployer (as a test), I want to push it to the search head cluster. But the "splunk apply apply shcluster-config ....." command shows an error...
View ArticleSplunk uses current time instead of specified _time index field when using DB...
I am trying to index data from a query on an Oracle Database using DB Connect via batch input. Originally the field I tried to specify as the _time field was in 10-digit epoch format. My source type...
View ArticleSplunk Add-on for Amazon Web Services: Issue with indexing data
I created a custom namespace in Amazon CloudWatch and have data in it that I want to get into Splunk via the Splunk add-on for Amazon Web Services. I managed to do so, but Splunk only got new data from...
View Articledeployment server to forwarder port number
Hi, I can ping , telnet 8089 from forwarder to deployment server but when I push the app from deployment server, it is not reflected in the forwarder (serverclass is correctly configured) . Can I...
View ArticleCustom application - Why can't I access some indexes unless I'm using an...
Hello splunkers :) I have a new issue and I'd like to have your opinion on this. I created a new custom application that in the search I specify two indexes (eg. index=toto or index=titi). With a usual...
View Article