reload app settings
Hi I am having an app in splunk version 6.4. My app is using a j script and a css file. As per my knowledge if i change the logic of j script only on splunk restart the change in java script will be...
View ArticleHow to add time range to the exported PDF in dashboard?
While sharing the pdf with the stakeholders they have requested to know what the timerange is. Is there anyway we can print this in PDF from the input time picker?
View ArticleSplunk dashboard base search gives result which is different from that of an...
I am using Splunk Enterprise 6.6.2, and today I noticed an alarming problem. In order for me to troubleshoot the problem, I created a bare-bone version of my dashboard: Quotation View v1...
View ArticlePermission Denied when checking status of SPLUNK
I get these errors when trying to check the status of SPLUNK after a restart of the device: Pid file "/trvapps/splunk/var/run/splunk/splunkd.pid" unreadable.: Permission de nied Cannot initialize:...
View ArticleIBM Datapower app
I'm using the [IBM Datapower app][1] and as we have to manage several instances of the appliances (non-prod and prod) I'm wondering if there is a way to add several instances. In the "Add-on settings"...
View ArticleError:Ingestion of VPC Flow Logs using Splunk AWS Add On
Hello Friends, I am trying to ingest the VPC flow logs into Splunk using the AWS Add-On for Splunk. I have configured Kinesis Stream and using the Kinesis input type to ingest the VPC FLow Logs. But I...
View ArticleAlert Emails are not in Triggered Alerts in Splunk
Hello All, I have set up few alerts in Splunk which are trigerring properly as I am getting the email alerts. But when I am checking the triggered alerts I am not seeing anything there. Alert created...
View ArticleCan we create dashboards from MS Project (PWA) in splunk?
Hi Team, Can we integrate MS Project 2013 with Splunk for creating dashboards? For e.g. Creating EV Metrics dashboard. Any pointers will be helpful.
View ArticleAddColTotal value in a new column
I use addcoltotal for one of my columns . But my result has a lot of rows, so I have to browse a lot of pages to find my sum result at the bottom. Can we have the sum/result in a new column instead ?
View ArticleIs there any Mobile Iron device(MDM) integration documentation.
I found some add on for dashboard. But we are facing some issue in integration like they are giving single option. How can i add multiple indexer in it.![alt text][1] [1]:...
View ArticleHow can I get total duration of time for which each user logged in to splunk...
We have many users using splunk dashboards and we want to know total time for a user logged in to splunk system for this month. Using different query I am able to know the list of users, their last...
View Articlehow to kill defunct pid without rebooting the server
Splunkd instance is not running bcz of multiple defunct pid are created, even we are killing the PIDs splunk is not working.Please help me out how to kill and start splunk.
View ArticleReport on IOT inventory of devices vs events generated
Hi, I am new to Splunk, but after reading all the documentation, I am still not able to find a solution for my scenario. I have a relatively big farm of IOT devices, around 100.000. And I have two...
View Articleregex help
I'm trying to configure a field extraction but am getting some strange incisions in the output. I'm running the below regex **^(?:[^:\n]*:){4}\s+(?P[^\|]+)**, but am seeing additional values. The...
View ArticleHow to search comunication between a inputlookup with some ip's and traffic...
Hi, I have a doubt about an inputlookup, i have a inputlookup with some ip's and i want to know how can see comunication between my input and traffic from others indexes?
View Articlelist of all indexes and all fields within each index
I can obtain a list of fields within an index eg. index=bind_queries | stats values(*) AS * | transpose | table column | rename column AS Fieldnames and a list of all indexes, | eventcount...
View ArticleWriting a regular expression to capture null values
Hi, I've got fields which contain null values. I'm writing a regular expression to capture instances where fields contain null values. This is what I have, but it's not working. ^(^.){0}$ I'm trying to...
View ArticleI would like to obtain a list of all indexes and all fields within each index
Separately I can list all fields for an index and create a list of all indexes, but I have not been able to achieve both within one query. Any ideas? | eventcount summarize=false index=* index=_* |...
View ArticleChanging the incident_key parameter
This app is sending over an incident_key parameter in each message when triggering a PagerDuty alert. The incident_key parameter seems to default to the Splunk saved search name. This is causing an...
View ArticleSplunk Add-on for Microsoft Exchange: ERROR "Search-AdminAuditLog : Object...
In Exchange 2016, to collect the Admin Audit logs, it runs a similar script to 2010 C:\Program...
View Article