Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Archive
Archive
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Community
- :
- Archive
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Invite a Friend
- Sort by Topic Start Date
Discussions
Start a Conversation
| Thread Info | |||||
|---|---|---|---|---|---|
|
I'm trying to run a search for a large number (45) of suspect IP addresses. The search runs for 12 hours or more but ...
|
0
|
4
| ||
|
|
In my application the SystemOut logs from the Websphere logs are sent to Splunk Server. In these logs i have a log st...
|
0
|
1
| ||
|
|
I have installed the app and faithfully followed the instructions provided but I still see no result when I try to la...
by
williamavila12
Explorer
in
Archive
07-18-2011
|
0
|
5
| ||
|
|
Once my data is indexed, I would like to delete the original one from my disk. If for any reason I need the original ...
|
0
|
1
| ||
|
|
Once I index my data, I would like to delete the original one. If for any reason I need the original one, I would lik...
|
0
|
1
| ||
|
|
We have a "complicated" directory structure for logging. I wanted to understand the impact on performance for Splunk ...
|
0
|
1
| ||
|
|
Hi,
I am currently trying to get my head around a problem. Data is being read in from an external source, I cannot...
|
2
|
2
| ||
|
|
Hi,
I'm trying to do this search "sourcetype="MySQL" | multikv fields Variablename Value | search Variablename="In...
|
0
|
1
| ||
|
|
How would I add field x to the results of count(y) as z so that the results are x z count(y)? I know it is simple but...
by
TomCollick
Explorer
in
Archive
07-19-2011
|
0
|
3
| ||
|
|
Hi, I'm trying out the websphere app, I can see the log and config files but no data is loaded in the dashboards.
...
|
0
|
1
| ||
|
|
Hi,
We have an application return in Java that captures shopping metrics like Customer Name, Vendor, CustomerId an...
|
1
|
1
| ||
|
|
Hi,
I have installed the Cisco Security suite and Cisco Firewall apps. I have setup UDP port 514 and told the ASA ...
|
1
|
3
| ||
|
|
Hello. I am fairly new, and I am studying hard to learn the nuances of Searching and building Dashboards. I thought i...
|
0
|
1
| ||
|
|
How to get elapsed time? I have the following |eval tnow = now() |convert ctime(tnow) as currtime | eval eltime =(cu...
by
david_fresne
New Member
in
Archive
07-14-2011
|
0
|
1
| ||
|
|
I have the following search :
index="efept" source=/var/log/efe/server.log host=efeprodapp13 FilingTypeId: AND Rou...
|
0
|
1
| ||
|
|
Greetings Splunkers!
So I'm writing my first app for a Content Delivery Network platform and for ease of use I'm a...
|
3
|
1
| ||
|
|
I’ve just been told by my hosting company that my server is creating an “outbound denial of service attack (DOS)”.
...
|
0
|
2
| ||
|
|
I am using a LWF to send Windows DHCP logs to an indexer using this configuration:
[monitor://F:\dhcp]
sourcetype ...
|
0
|
3
| ||
|
|
Hi,
we're using the free license of splunk and are very happy with it. Unfortunately, our application ran into thi...
by
volkergersabeck
New Member
in
Archive
07-08-2011
|
0
|
4
| ||
|
|
Hi I have splunk installed and can access everything in the terminal. I got to the ./splunk start part, and after rea...
|
1
|
0
| ||
|
|
Hi folks,
I'm trialling Splunk and while I'm waiting for my support folks to install the Splunk Forwarder on my To...
|
1
|
1
| ||
|
|
I have a Windows 2008 R2 Server. We are importing 2,160,617 Files in 86 Folders.
The indexing process starts off f...
|
0
|
2
| ||
|
|
I am running Splunk version 4.2.1.
I have a saved search that runs nightly. This was one of my first queries in Sp...
|
0
|
1
| ||
|
|
I've enabled the receiver option on my splunk (free) install - and running a splunk universal forwarder on another ho...
by
mikeforbes
Explorer
in
Archive
06-20-2011
|
1
|
3
| ||
|
|
Hello,
I am trying to come up with a search to compare the IP address values from two different log types containe...
|
0
|
2
| ||
|
|
new install of 4.2.2 on linux.
To add a new remote event log, the online documents say:
Configure remote event ...
|
0
|
2
| ||
|
|
Hi,
I'm getting an error while attempting to generate a gauge.
Search operation 'gauge' is unknown. You might ...
|
0
|
1
| ||
|
|
We are following exactly the documentation provided with "OPSEC LEA for Checkpoint (Linux)" App.
The step Retrieve...
|
0
|
2
| ||
|
|
Attempting to run ./splunk diag has failed with the following error:
=============================================...
|
0
|
1
| ||
|
|
This online doc says that persistent queues only work with certain input types. Will they work with splunktcp? This i...
|
0
|
2
| ||
|
|
Has anyone successfully installed splunk 4.2 on FreeBSD 8.x? I'm getting the following error output on FreeBSD 8.2 fr...
|
0
|
3
| ||
|
|
I'm running the splunk 32-bit package for FreeBSD 6.x on FreeBSD 8.0 i386 with the compat6x package installed. I unde...
|
0
|
2
| ||
|
|
I'm trying to monitor the registry and filter on a few critical keys. When I look at the events, I'm seeing events fr...
by
jambajuice
Communicator
in
Archive
01-15-2011
|
1
|
4
| ||
|
|
I would like to see a splunk extension specifically adapted for flowing CDR records managemnet from Cisco VOIP soluti...
|
1
|
14
| ||
|
|
Team,
I have a dashboard that I'd like to schedule to be emailed once a week. The dashboard takes about 30 seconds...
by
sondradotcom
Path Finder
in
Archive
06-24-2011
|
1
|
1
| ||
|
|
I've got 2 folders of config data- both have 21 files.
Splunk is only adding 17 from one folder & 9 from the othe...
|
1
|
14
| ||
|
|
"404 Not Found
App "Splunk_CiscoFirewalls" does not support UI access. See its app.conf for more information."
...
by
Gregory_Lapchen
Engager
in
Archive
06-22-2011
|
0
|
1
| ||
|
|
Hi,
We are looking at this product and I just wondered if anyone could give me a brief summary of the pros and con...
|
1
|
1
| ||
|
|
There is an error message:Your maximum disk usage quota has been reached. usage=15808MB quota=10000MB user=admin. The...
|
0
|
1
| ||
|
|
Will, the MAXMIND app is incorrectly identifying an IP address in Centreville, Va as being in Miami, Fl. What is the ...
|
0
|
1
| ||
|
How can you format the release notes for an app ?
The last 2 sets of release notes I have created for the SPLUNK4J...
by
Damien_Dallimor
Ultra Champion
in
Archive
06-18-2011
|
1
|
1
| ||
|
I've created a new application. I've got the following questions on adding content.
How to create a custom dr...
|
0
|
1
| ||
|
|
Hi Splunkers,
I have a Splunk Indexer installed on a CentOS box (English language). When I use a workstation that...
|
1
|
2
| ||
|
|
Hi,
I've been using for 1 year or so a configuration for my splunk forwarders as it is in this link: http://www.me...
|
1
|
3
| ||
|
|
Can I know what is the reason of why the RSS has not been generated or even run even though I have created the schedu...
|
1
|
2
| ||
|
|
Is there an automatic maintenance task to shrink the database files (delete the oldest file) to avoid the disk space ...
|
0
|
1
| ||
|
|
Hi, I recently installed the new Splunk Universal Forwarder. I use the built-in bootup script that comes with Splunk,...
|
2
|
2
| ||
|
|
I have two types of log files, one is supposed to record security related events (sourcetype = sec) and the other to ...
|
1
|
3
| ||
|
|
Hello,
I am rolling out SPlunk across several Windows machines and have noticed a problem. To simplify installatio...
by
dbutch1976
Explorer
in
Archive
06-14-2011
|
0
|
1
| ||
|
|
Having some trouble with a directory monitor:
[monitor:///usr/local/ecc_to_splunk/pickup/*.disk.*]
This monitor...
|
1
|
6
| ||
|
|
I am constantly getting the below under Manager->Licensing
Jun 8, 2011 8:59:15 AM (just now) This pool contains sl...
|
0
|
4
| ||
|
|
I am installing the Splunk for Cisco Security application for a company in Africa and would like to have the realtime...
by
stephanbuys
Path Finder
in
Archive
11-23-2010
|
0
|
1
| ||
|
|
Hi Paul,
This is only a remark.
I had to change this line in the ossec_agent_management.xml to have my OSSEC Se...
|
0
|
1
| ||
|
|
Sorry complete newbie, having trouble getting my head around splitting this log into distinct event. The default proc...
|
1
|
2
| ||
|
|
In a testing scenario, I want to clean an instance of splunk and remove all indexes, all logs, etc. I don't really ca...
by
bboe_splunk
Splunk Employee
in
Archive
06-13-2011
|
0
|
1
| ||
|
|
Hi this is a setup question for compliance monitoring.
I have a linux box, so I index everything under /var/log. I...
|
0
|
1
| ||
|
|
I've just upgrade a splunk server from 4.1.7 to 4.2.1.
After the upgrade,I enabled the deployment monitor and noti...
|
0
|
1
| ||
|
|
I just uploaded a new version of an app, SPLUNK for JMX
On the app's banner page , I notice that the layout is now...
by
Damien_Dallimor
Ultra Champion
in
Archive
06-09-2011
|
1
|
2
| ||
|
|
Hi, I 'am a newbie with splunk and i have an issue with the Cisco Firewalls. I use the syslog feature with splunk for...
|
0
|
1
| ||
|
|
On a Windows 2008 R2 server, I've been comparing the %Processor Time counter on the Total instance from Perfmon with ...
|
0
|
3
| ||
|
|
Running spunk 4.2 on rhel 5.5, I added the new *NIX app and when I click on setup I am taken to the following URL:
...
|
1
|
7
| ||
|
|
Does such a facility exist within SPLUNK by which you can add a custom "handler" to a TCP or UDP socket input ?
Su...
by
Damien_Dallimor
Ultra Champion
in
Archive
06-06-2011
|
1
|
4
| ||
|
|
Does anyone know of work that has been done to make Splunk talk to Sourcefire's eStreamer (log API) available on thei...
by
sdwilkerson
Contributor
in
Archive
06-28-2010
|
0
|
1
| ||
|
|
It seems I need to use 'xmlkvrecursive' to properly parse XML log files where the tags may contain many attributes. H...
|
1
|
2
| ||
|
|
All,
According to the splunk interface I have a warning: "1 pool violation reported by 1 indexer" Details: "This...
|
1
|
2
| ||
|
|
I've been tasked with setting up an application similar to the Splunk Unix app. I'm not sure where to start. I have t...
|
0
|
2
| ||
|
|
The PCI app is producing errors indicating that the lookup files could not be written. Below is an example of the err...
by
LukeMurphey
Champion
in
Archive
06-06-2011
|
1
|
1
| ||
|
|
Is there a release date for 4.2.2 yet? I am interested in finding a listing of what known 4.2 bugs are expected to be...
|
1
|
5
| ||
|
|
We want to empower you to hold your own Splunk regional User Group meetings--what do you think of calling them, Splun...
|
7
|
6
| ||
|
|
How can I set a static value on a radial Gauge instead of the event count? I have tried:
<module name="HiddenCha...
|
0
|
6
| ||
|
|
guys, i have a little question. I've been testing out splunk on windows version server. What i'm after is just retri...
by
li_leejohn
New Member
in
Archive
06-01-2011
|
0
|
1
| ||
|
|
I am trying to complete a setup of the PDF Server and mail view, but all the zone graphs are blank. All the packages ...
|
5
|
1
| ||
|
|
I have a very similar issues as MasterOogway mine is just on Windows. Running ver 4.1.6 I have a simple monitor set t...
|
1
|
5
| ||
|
|
Now that I've used the "Save results" button on my search results and can access them through the jobs screen, where ...
by
blurblebot
Communicator
in
Archive
05-31-2011
|
2
|
3
| ||
|
|
Anyone out there have 10 Billion indexed events? I do and I think it's slowing down my Splunk.
|
0
|
3
| ||
|
|
I have been looking at the Cisco Pix App and the transforms for src and dest ip. What I noticed is that the src and d...
by
EricPartington
Communicator
in
Archive
10-15-2010
|
0
|
3
| ||
|
|
So I use the following workaround to get over the 100k hurdle with distinct_count(field1)
....| stats count by fie...
by
nbharadwaj
Path Finder
in
Archive
05-28-2011
|
1
|
2
| ||
|
|
I am trying to calculate the "thruput" (i.e. number of records processed per second) for certain transactions.
Sam...
by
steveirogers
Communicator
in
Archive
05-25-2011
|
0
|
2
| ||
|
|
I have implemented the Windows DHCP app and it is working GREAT!
Here is what I am trying to accomplish with it. ...
|
1
|
5
| ||
|
|
I have a log with a timestamp that looks like this:
<135>May 24 03:20:33
I'm no regexp expert so I am asking, w...
|
0
|
2
| ||
|
|
Hi All,
I need to match two value from different logs but same field name. How can I do that? Example I have Ironp...
|
0
|
2
| ||
|
|
When I attempt to run the searches "Cisco Firewall - Denies Over Last 24 Hours" or "Cisco Firewall - Accepts Over Las...
|
0
|
2
| ||
|
|
My accept rate stays at 0% even though I have 3 out of 5 questions where I accepted an answer. Looks like there's a b...
|
2
|
2
| ||
|
|
As I am indexing the data, I notice that apart from the 'sources' that are appearing correctly (/var/log/filename.gz ...
by
hemantbhatta
Explorer
in
Archive
08-06-2010
|
0
|
4
| ||
|
|
Hi,
I have a continuous stream of response times for a given service. A fraction of these responses can be very hi...
by
splunkrags
Engager
in
Archive
05-19-2011
|
0
|
1
| ||
|
|
Hi does anyone has experience with creating a report from a Juniper Netscreen (ScreenOS) traffic log?
My customer ...
|
1
|
1
| ||
|
|
I'm trying to make a search that finds failed WindowsUpdate events that do not have a corresponding successful event....
|
0
|
3
| ||
|
|
In the loggfile:
[#|2011-05-18T11:03:35.375+0200|SEVERE|sun-appserver2.1|com.sun.xml.ws.server.sei.EndpointMethodH...
|
1
|
1
| ||
|
Tried to find out where this parameter goes so that my reports show my X-Axis labels vertically as the text does not ...
|
0
|
7
| ||
|
|
Hi mw
i want your advice me about install Splunk for bigfix. The dashboard can't display data in the bigfix server...
by
chowalit_aum
New Member
in
Archive
05-09-2011
|
0
|
1
| ||
|
|
I have some gaps in my data. I want to fill those gaps only when I visualize it.I have some filler events created via...
by
hmahendrakumar
Path Finder
in
Archive
05-11-2011
|
1
|
3
| ||
|
|
Hi,
I did a task scheduler for my batch file. And I trigger it everytime I log on to my computer. So I shut down m...
|
0
|
1
| ||
|
|
My WinDHCP implementation is repeatedly trying to email example@example.com even though I have changed the action.ema...
|
0
|
4
| ||
|
|
Based on the docs ( http://www.splunk.com/base/Documentation/4.2.1/Deploy/Configureforwarderswithoutputs.confd#Define...
|
0
|
3
| ||
|
What could be the reason why a search for "index=*" shows all expected events and "*" does not?
My indexes are ful...
|
0
|
3
| ||
|
|
Does anyone know where to find documentation for date & time variables? I can't find it anywhere.
I some of them, ...
|
2
|
2
| ||
|
|
I know the answer to this is "no," but I wanted to verify, since it was requested.
If I have two side-by-side stac...
|
0
|
2
| ||
|
|
Splunk can provide a one time forgiveness reset license key that is valid for 24 hours. Submit a case here and provid...
|
1
|
4
| ||
|
|
Fresh install of Splunk for Windows x64. Looking around for problems prior to loading data I found this error:
...
|
1
|
1
| ||
|
|
Dear all,
I am currently struggling on extracting field for Symantec Mail Security for SMTP. The Sample Log looks ...
|
0
|
2
| ||
|
If I go to my Answers profile page, and then 'edit user settings' and then 'email notification settings', it has a se...
|
5
|
1
| ||
|
|
We have reached a conclusion that a new app should have all of its data in a unique index.
How do I set (or overr...
|
3
|
3
| ||
|
|
I want to create an app where there will be a dropdown with 2 hardcoded values. These 2 values represent 2 different ...
|
0
|
2
| ||
|
|
I am trying to determine what the frequency is that Splunk reads log files. I have Data Inputs setup against 5 web se...
|
1
|
4
| ||
|
|
Am I correct in assuming localizations are performed based on your app context and that non-visible apps do not need ...
|
0
|
2
| ||
|
|
if i run the msi , i am asked to modify or repair? but running it , i still show splunk version from command line at ...
|
0
|
2
| ||
|
|
I've got access combined logs from a farm of x number of servers tarred up on a daily basis. So the tar file looks li...
|
1
|
2
| ||
|
|
Hi Please find the "Splunk searching with mysql - Step By Step Guide" in my blog http://wesecure.wordpress.com/2011/...
by
netgeek1983
Engager
in
Archive
05-06-2011
|
1
|
1
| ||
|
|
What do the fields psrsvdgc=x and psrsvdv=x mean? Where do these fields come from and how are they used in the logs?
|
0
|
1
| ||
|
|
Hello,
When running the test script for AmMaps within my Free Enterprise Evaluation of Splunk (latest ver), no pub...
|
0
|
1
| ||
|
Splunk throws error message when data input tar.gz file contains Simplified Chinese characters(GB2312): Input is not ...
|
1
|
1
| ||
|
|
I'm encountering some difficulties trying to get setup.xml working reliably across multiple apps.
When I take a s...
|
2
|
4
| ||
|
|
HI,
I recently upgraded to the new version of splunk (4.2) and I was experimenting with some apps. I tried install...
|
1
|
3
| ||
|
|
The data is being indexed, but a lot of errors in splunkd.log
this is a snippet of log after running splunk indexe...
|
1
|
2
| ||
|
|
Hi, All.
I'm setting up a new indexer and have run into an intermittent issue with Splunk (on 64 bit Linux) report...
|
1
|
4
| ||
|
|
Hi all according whith docs: http://www.splunk.com/base/Documentation/latest/admin/Eventhashing
seems very easy to...
|
0
|
1
| ||
|
|
How can I have a start time on my search, so that it starts every time reflecting the current time. I want to display...
|
0
|
1
| ||
|
|
Within the PCI CC App it seems that some of the info boxes do not update with the proper information but instead retu...
|
0
|
2
| ||
|
|
My $SPLUNK_HOME/etc/system/local/indexes.conf is below. Apparently I'm missing something because cold archives are be...
|
0
|
1
| ||
|
|
I have a series of logs being written by a custom application and the size of the log files is static, and when the a...
|
1
|
1
| ||
|
|
Hi,
is there a way how to draw into graph line which could serve as a baseline? To give use simple understanding w...
|
0
|
1
| ||
|
|
I have Splunk 4.2 and have installed Splunk for Cisco IPS version 1.0.1 and I'm running this on Ubuntu.
I have suc...
|
1
|
3
| ||
|
|
Last night around 2345 a splunk-optimize process seems to have kicked off, and my server has essentially been unrespo...
|
0
|
2
| ||
|
|
I have a csv file input that is based on a data sampling method (takes the per-second average for a counter and recor...
|
1
|
9
| ||
|
|
Hello there, I have a number of applications that I want to log to Splunk. I will be sending the data in an XML forma...
|
0
|
2
| ||
|
|
I have a number of events reaching Splunk. Each event has an ID which is a simple sequential number.
Is there a w...
|
2
|
3
| ||
|
|
I simply want to analyse a single log file I've downloaded from our server, and produce some charts, but am running o...
|
1
|
7
| ||
|
|
I was told from support to run ./splunk diag and i receive the following:
./splunk diag
Ensuring clean temp dir......
|
7
|
2
| ||
|
|
I need to install PDF server app on a separate machine from my index server/master license server
Is PDF serv...
|
1
|
1
| ||
|
|
Tried to update Deployment Monitor to newer version via the application manager, had a comment a new version was avai...
|
0
|
1
| ||
|
|
Hi,
I had a question about hardware scaling.
Our current setup: 1 search head: Intel Xeon 2.54GHZ 4 processors,...
|
3
|
2
| ||
|
Typically we make new apps by just cloning the simple app (I forget what it's called) but that includes some ui files...
|
2
|
4
| ||
|
|
Has anyone successfully implemented this app? We're trying to gauge the level of interest in a BigFix solution.
|
1
|
3
| ||
|
|
I am showing a time chart filtered by host. There is no host named OTHER. but on actual graph OTHER appears as one of...
|
1
|
1
| ||
|
|
I'm trying to put a newline in my label tag in for one of the inputs. Not sure how the newline character should be sp...
|
0
|
6
| ||
|
|
I am in the process to migrate our Splunk installation to a new server. I found how to move the Splunk index... a big...
|
0
|
2
| ||
|
|
We have a file being monitored, and the default output is a round-robin to four indexers. The results show up just fi...
|
1
|
7
| ||
|
|
Hello, Just started using Splunk, i added two sensors through the web setup of Cisco IPS. I don't see any IPS data in...
|
0
|
1
| ||
|
|
Hi this may sound like a simple question ...
we are on splunk 4.2
We have a number of linux servers that we ar...
|
2
|
1
| ||
|
|
When posting a question or answer, I often like to be able to paste in a URL to direct the reader to further informat...
|
2
|
2
| ||
|
|
What's the best 1-2 hour intro/tutorial to read/watch to get started in splunk?
|
4
|
6
| ||
|
|
hi, I am new to splunk and am trying to make a querry to give me all vulnerabilities of each computer in my domain. I...
by
TomCollick
Explorer
in
Archive
04-14-2011
|
0
|
1
| ||
|
|
Hi all. Yesterday installed a fresh 4.1.7 64 on windows 7 and ajusted some data inputs intervals. Then I added anothe...
by
MrSplunksta
Path Finder
in
Archive
03-16-2011
|
2
|
7
| ||
|
|
I have a couple of directories with 120,000 files in each. This is a file every 5 minutes or so for the last 6 months...
by
vbumgarner
Contributor
in
Archive
04-13-2011
|
1
|
1
| ||
|
|
I had splunk running on a windows machine with my cisco asa 5505 sending syslogs too it and I was able to see destina...
by
terryblair
New Member
in
Archive
04-13-2011
|
0
|
1
| ||
|
|
I need to transport an index and remount it in a new splunk instance for review. The index has block signing on and S...
|
0
|
2
| ||
|
|
I encounter a similar problem as thread 12702. I followed instruction on 'Setup screen example using a custom endpoin...
|
0
|
2
| ||
|
|
Can splunk support file in GBK?
According to Wikipedia, GBK is an extension of the GB2312 character set for simpli...
|
0
|
1
| ||
|
|
Hi,
I have to create a timechart where each point plotted is the average of the count of events in the last 20 min...
by
oscargarcia
Path Finder
in
Archive
04-05-2011
|
1
|
1
| ||
|
|
I observed that none of the log files are not indexed into Splunk when I used the environment variable, in my case it...
by
Nicholas_Key
Splunk Employee
in
Archive
05-16-2010
|
0
|
5
| ||
|
|
I've got a problem after upgrading to 4.2... I can't access splunk because de home page doesn't finish loading.
I'...
|
0
|
2
| ||
|
|
Signed index data not showing up correctly with Splunk 4.2. Worked OK on 4.1.
Create a new index on indexer (...
|
1
|
2
| ||
|
|
I'm working on a custom search command which will take the results of a search and create an XML output file. As a ve...
|
0
|
1
| ||
|
|
So originally I thought the way cloning would work between two indexers was that data from a forwarder setup to clone...
|
2
|
6
| ||
|
|
Have anyone else experience busted block signing in 4.2?
Every install of 4.2 we have is not executing the block s...
|
1
|
1
| ||
|
|
Hi there,
after my first install of splunk 4.2 on Debian and the start without any errors i try to login, wich wor...
|
0
|
10
| ||
|
|
Can I install the splunk software on windows and monitor the WAS running on unix ? Where do I configure that ?
by
bonu_nagababu
New Member
in
Archive
04-07-2011
|
0
|
3
| ||
|
|
In the OSSEC dashboard, what do the count values mean for the elements of the various "Top N" pie graphs? For example...
by
branchbunch
Explorer
in
Archive
03-29-2011
|
0
|
5
| ||
|
|
The RPMs for 4.1.8 have been posted since yesterday, but the release notes link is still broken. Even playing around ...
|
2
|
5
| ||
|
|
We used to have a dashboard driven by a simple query that would show a value per hour for all of our index servers.
...
by
kevintelford
Path Finder
in
Archive
04-06-2011
|
0
|
2
| ||
|
|
I have the following query:
host=wps03 mc_getLDAPGroupsTimer | table time host username mc_getLDAPGroupsTimer | s...
|
5
|
2
| ||
|
|
I am running a search like so:
sourcetype="stuff here" | timechart span=1h sum(bytes) as Total by limit=10 usernam...
|
1
|
2
| ||
|
|
With the 4.2 update, something has gone sideways, and made me violate my free license every day since the update. The...
|
1
|
4
| ||
|
|
Hi folks,
I have following search param in a HiddenSearch:
<param name="search">index="overall" src_ip="*...
|
0
|
1
| ||
|
|
What file would you edit to extract that field automatically in the future?
|
0
|
1
| ||
|
|
Can anybody explain to me how 'transaction' command works in a step by step written format?
|
0
|
1
| ||
|
|
How do you perform a field extraction on the fly in Splunk?
|
0
|
1
| ||
|
|
Where index retirement policies are concerned, if you define both size and age I assume first policy type hit wins?
by
ualbanytech
Path Finder
in
Archive
04-05-2011
|
0
|
4
| ||
|
|
Hi all,
I am not the first one complaining about it. As I read v4.2 of Splunk checks the keys in stanzas and repor...
|
3
|
4
| ||
|
|
Hi, I've configured Splunk to send email alerts based on a search criteria. I would like to know how I can send these...
|
0
|
2
| ||
|
|
When trying to run a search from a remote CLI instance, I keep getting a 404.
The command-line I'm running is:
...
|
1
|
1
| ||
|
|
I am evaluating Splun 4.x as my log file analyzer for a Checkpoint UTM-1. I followed the procedures for configuring a...
by
jonathanhowell
Engager
in
Archive
06-16-2010
|
1
|
5
| ||
|
|
I'm using timechart to show the number of connections we have over a collection of servers. When these servers go thr...
|
1
|
4
| ||
|
|
Upgraded a 4.1.6 server (32bit) to 4.2 this morning, and the splunkd.log is now generating a constant error of:
ER...
|
1
|
6
| ||
|
|
Hi,
I encountered a problem with the splunk indexing.
I developed a script to invoke tshark to generate HTTP ...
|
0
|
2
| ||
|
|
"Enable configuration changes made to transforms.conf by typing the following search in Splunk Web: | extract reload=...
|
0
|
4
| ||
|
|
How does Splunk determine which fields to add to "other interesting fields"?
|
2
|
3
| ||
|
|
Are there any way to further customize the setup.xml file for my app?
I'm trying to include some radio-buttons, or...
|
0
|
2
| ||
|
|
Is there a way to highlight a line so I don't delete the wrong search?
|
0
|
1
| ||
|
|
Hey everyone. I am trying to bind the forwarding service to a particular IP because one of the boxes we are using as ...
|
0
|
2
| ||
|
|
In the puppet app (http://splunkbase.splunk.com/apps/All/4.x/App/app:Splunk+for+Puppet+Configuration+Management), var...
|
1
|
2
| ||
|
|
Using the documentation reference from here, I am trying to create a setup screen for my application which uses both ...
|
0
|
4
| ||
|
|
All,
I am trying to remove duplicate values in a list of email addresses. First, I am loading this from a CSV, ins...
|
0
|
4
| ||
|
|
When I install the app, it puts it in the apps\Splunk_CiscoIPS directory, but the scripts are pointing to apps\cisco_...
by
seanmcanally
Engager
in
Archive
03-16-2011
|
1
|
2
| ||
|
Nope, didn't know about the proper procedure for backing up database and NOT being able to backup hot buckets (now I ...
|
3
|
3
| ||
|
|
i'm newbie to splunk and i'm trying to get splunk monitor a capture file from Wireshark. i set wireshark to capture t...
by
offtheboxuser
Engager
in
Archive
05-25-2010
|
2
|
3
| ||
|
|
I am trying to monitor a file on a forwarder. I don't wish to send all the contents, as there is unnecessary data in ...
|
0
|
4
| ||
|
|
Hi
This is a trivial question, but maybe someone has a really good answer to prevent the uncontrolled growth of li...
|
0
|
5
| ||
|
|
How do you enable the Unix app on the new universal forwarder? When I use the ./splunk enable app unix -auth:password...
|
1
|
2
| ||
|
I have DNS log lines that look like the following:
(4)mail(6)google(3)com(0)
(7)twitter(3)com(0)
(12)spreadsheets(...
by
the_wolverine
Champion
in
Archive
03-22-2011
|
0
|
5
| ||
|
|
Currently, I have enabled splunk forwarder on a particular windows box with SSL encryption to the indexer. ( Although...
by
heterodyned
Path Finder
in
Archive
03-10-2011
|
0
|
2
| ||
|
|
A app for monitor Juniper logs srx, sa etc would be cool.
|
0
|
3
| ||
|
|
We use host tagging to denote both site and OS. I have applied host tags as both a power user and a admin and only I ...
by
billbender
Engager
in
Archive
03-23-2011
|
0
|
1
| ||
|
|
I have exceeded the maximum 5 violations on my indexer and tried to apply a the reset license (temporary, valid for 3...
|
2
|
1
| ||
|
|
I am using the ServerSideInclude feature to add custom javascript to a module.
The problem comes up when I take a ...
|
0
|
2
| ||
|
|
I'm clobbering myself trying to understand exactly which mechanism in this xml sample from the UI example, "panel-def...
by
blurblebot
Communicator
in
Archive
03-22-2011
|
0
|
2
| ||
|
|
Hi all!
This windows splunk ver splunk-4.1.2-79191-x86-release running on a windows server 2003 US does not start ...
by
MrSplunksta
Path Finder
in
Archive
06-08-2010
|
0
|
7
| ||
|
|
I have to monitorize multiple log such access_log, error_log and xferlog_regular files in a different categories. The...
by
roccotocco
New Member
in
Archive
03-23-2011
|
0
|
1
| ||
|
|
I think I've missed something but I have a lab environment set up using 4.2
I have a CentOS universal forwarder fo...
|
1
|
3
| ||
|
|
Anyone out there having problem with using 4.2 where when the time is set to real-time, error occurs with table views...
|
1
|
3
|
