Splunk Mobile Android not able to list dashboards of Palo Alto Networks app
Hi I have currently a Splunk 6.3.3 running on an Ubuntu server for testing purposes. My Palo Alto PA-200 firewall is successfully logging to this instance. All dashboards populate nicely in browser and...
View ArticleDisk usage spike on indexer since upgrading to 6.3
Has anyone experienced disk usage spikes on their indexer(s) since upgrading from 6.2 to 6.3? ![alt text][1] [1]: /storage/temp/115183-disk-usage-spike.jpg Our other Splunk servers have not seen...
View ArticleRemoving other from search
Hi, I have a license search that gives me some good info, but only gives me the top 10 indexes. I'd like expand it to 20 or so, but not sure how to do it. Here's the search: index=_internal...
View ArticleDo I need a search-head in each cluster?
Hi, I'm looking at the training material for the cluster admin course that I took, and for multi-site indexing, it says that the following are required: 1) One master 2) At least two indexers per site...
View ArticleWhy am I getting invalid site id
Hi, I'm building out my dev Splunk 6.3 env, and ran this command: ./splunk edit cluster-config -mode master -multisite true -site RTP -available_sites RTP,OMA,MMK -site_replication_factor...
View ArticleAWS No billing from Consolidated Child account
Hi, I have the AWS app configured to monitor a child account that has been consolidated, I don't have access to the account the bills are consolidated to but we do have a lambda function in place which...
View ArticleI have installed Splunk Add-on for Microsoft SQL Server [DB Connect2] add-on...
When i check the "Manage Apps" in the "App Menu", the Splunk Add-on for Microsoft SQL Server is enabled. But, it isn't visible in the App Menu. I have Jre already Installed. The step where i couldn't...
View ArticleChoropleth crashes splunkd 6.3.2 with custom .kmz
Hi fellow splunkers! I've come across something annoying and would like to rule out my own stupidity as a root cause... so please do help me... I really do appreciate it: I run the following search:...
View ArticleConfigs for mgmt consoles...
Hi, Where/how do the Splunk management consoles get their configs? For example, the IDX get them from the CM, the SH from the deployer... If I want to adjust settings for the CM, DMC, Deployment...
View ArticleCalculate and display count variance between same field across unique hosts...
I created a table showing a mv field1 count for the same transactions as they passed through sequential hosts A, B, C, D, E, F. I'm trying to create a similar table, but show the variances between the...
View ArticleCustom Visualisation : Second Bubble chart Creation
I understood the bubble chart contains in the Custom Visualization app. What I want to have is another bubble chart with filtered query. Means lets say if I have bubble chart with Priority and State,...
View ArticleRecord extract based on data value: KV Store/CSV
Hello, We have a requirement where we have one csv file which contains around 30K records of data and need to extract complete row based on data values passed as an API or search parameter. Each time...
View ArticleMachine Learning toolkit with my own data
Hello, I want to ML toolkit and want to explore with my own data. Could any one tell me how to upload data to ML tool kit Srini
View Articlepantag to update dynamic group
Hi community, I wish to know if the following 1. For pantag to update the dynamic group, i am assuming that the data from wildfire is sufficient to accomplish this. The reason is that we have a splunk...
View Articlefilter out events from lookuptable
Hi, I have the correlation rule-Substantial Increase In Events enabled but I just want to fine tune this rule based on our environment. I dont want this rule to fire when there is a match in the...
View ArticleINPUTS.CONF
HI, Beginner at splunk here, can I add custom stanzas to windows -add -on to collect server roles data, or should i add that in the inputs.conf at the universal forwarder local level or to the...
View ArticleProblem with user roles in Palo Alto app
Problem with user roles in Palo Alto app I have two different roles, both inherited with user privilegies. Roles are: All_logs and Network_logs Only difference between those roles are that All_logs...
View ArticleWhy am I getting 5 errors occurred while the search was executing. Therefore,...
When I show errors I see the following: The lookup table 'nesa_controllers' does not exist. It is referenced by configuration 'eseries:volume-stats'. The lookup table 'nesa_drives' does not exist. It...
View ArticleHow can i extract a field from my custom search command through a conf file ?
Hello splunkers, I've got PEM encoded value from SSL certificates that are already indexed. I've made a python custom search command to display a decoded part of my value : the "not before" date of my...
View ArticleColor table cells in scheduled PDF delivery
I know I can add javascript to a dashboard to color table cells based on each cell's value. When I download the PDF, however, the cell's color is obviously removed. I was wondering if there is a way to...
View Article