Knowledge Management

Discussions

Thread Info

Can't Delete Dashboards/Reports/Indexes After Running Packaging Tool

We have Splunk Enterprise 8.1.2 and are preparing our app to migrate to a Splunk Cloud environment. After running the...

by New Member in

Sharing a Dashboard securely?

Hoping this isn't too basic of a question... How can I share a dashboard without user seeing apps, messages, settin...

by Explorer in

Why am I getting KV store error 'External command based lookup 'MY_KV_LOOKUP' is not available because KV Store initialization has failed'?

Hello, After a while, my KV Store isnt working. I receive this message: The lookup table 'External command b...

by Communicator in

Code 401: Unauthorized for Splunk HTTP

When Boomi Process trying to call Splunk HTTP URL to feed the date receiving the following error , Code 401: Unauthor...

by New Member in

Health Check - Orphaned Objects False Positive Detection

Hi there, I ran a Health Check from the Splunk Master Server and noticed that there were 240 orphaned knowledge obj...

by New Member in

Anaplan Training

1. Can I know Blueprint View? 2. What is security authorization? 3.Anaplan add in?

by Engager in

KV store lookup last updated field

Hello all, I want to add last updated date column in dashboard for KV store lookup. When I am using time () or no...

by Engager in

Where is the Location of knoweldge objects in the Backened?

I am a developer and I have crated a splunk dashboard using simpleXML. The entire code must be saved in the backene...

by Contributor in

KVStore Failure

W CONTROL [main] net.ssl.sslCipherConfig is deprecated. It will be removed in a future release. F NET...

by Path Finder in

Accessing Fields in Summary Index

I was curious if anyone could help me understand or point me to documentation that refers to accessing fields in a su...

by Explorer in

In dashboards we have lookups which is slow so need an alternative approach like summary index or KV store

Hi, In dashboards we have lookups which is slow so need an alternative approach like summary index or KV store Th...

by Contributor in

Splunk License Use case

I have a 200 GB/day license installed in the Splunk Enterprise Cluster. The daily usage of license hovers around ~180...

by Contributor in

User id has been disabled is there any option to see private searches?

Hi, In my organization a particular user id has been disabled and is there any drawback on searches or in runn...

by Engager in

use lookup file content in splunk search

Hello Team, I have a list of search names saved in csv format and resides in splunk as look up file(222 saved searc...

by Observer in

fill_summary_index metrics index , duplicates

We are trying to use the fill_summary_index.py script to backfill times when the data isn't populated in a metrics ba...

by Contributor in

Field aliases not parsing fields from Exchange

I am currently trying to parse data to map to a specific CIM-compliant field name. Specifically, I have setup a field...

by New Member in

How do I view / use my Splunk KV store collections?

I looked in lookups but did not find them. How do I view / use my Splunk KV store collections?

by Contributor in

Field limitation based on the user

Hi All,Overview :I am receiving logs from 40 fortigate firewall devices across the world and all are being indexed in...

by Explorer in

kvstore

Hi, I have created a KVstore _key value should be avc_id field In my case the key value is auto created, how t...

by Contributor in

Transaction-like login events

Hi, I have applications that log login events as multiple events. Example: [07B0:007E-19E8] 2021.03.17 11:5...

by Explorer in