Knowledge Management

Community Activity

User unable to select custom summary index Hi dear Splunkers, I was spending hours to find and answer in docs or here, but still not got anything satisfying so ... by tingrida Engager in Knowledge Management 06-26-2020 0 2	0	2
Configure Data Model Acceleration to run as a particular user? A data model acceleration is populating summary with "friendly" values from an automatic lookup (replacing a guid-lik... by wryanthomas Contributor in Knowledge Management 06-25-2020 0 0	0	0
KV Store Errors : KV Store changed status to failed. Failed to start KV Store process. Getting KV store errors without using KV store I have a standalone Search head catering to Indexer cluster with 2 indexers. On both SH and IDX, we get KV store init... by Ankitha_d Path Finder in Knowledge Management 06-24-2020 2 3	2	3
Where to download data for use to practice/learn splunk? I've completed the 'fundamentals' study but wish to move further. However, not having any data to work w/ is a stopp... by djchatman New Member in Knowledge Management 06-22-2020 0 5	0	5
Turned off all the savedsearches Hello @gcusello In my lab instance we are uploading our data for testing purposes to check data is properly parsed o... by uagraw01 Motivator in Knowledge Management 06-19-2020 0 15	0	15
db_183236610_1832273414_19315 what does this mean? db_183236610_1832273414_19315what does this mean? Its part an index data. by Reethika Path Finder in Knowledge Management 06-18-2020 0 1	0	1
How to Share Lookup to other SearchHead Can i share the output of a lookup command to one search head to another search head. This is my Setup for this test... by jadengoho Builder in Knowledge Management 06-18-2020 0 3	0	3
Renaming the macro I have a macro created already in a app. Now, I need to change the name of the macro. I couldn't find any option to r... by varshini_97 Path Finder in Knowledge Management 06-18-2020 0 1	0	1
Is there a dedup alternative for removing identical events? Currently my query uses dedup to remove identical events:dedup comp_id _timeIs there an alternative to dedup to only ... by TammyF New Member in Knowledge Management 06-18-2020 0 1	0	1
Splunk not coming up This site can’t be reachedlocalhost refused to connect.Try:Checking the connectionChecking the proxy and the firewall... by Raosplunk Observer in Knowledge Management 06-17-2020 0 1	0	1
Data flows between index search and lookups I have a whole lot of servers data indexed for our project (index=* sourcetype=* source=) that needs to be searched b... by amitlookin Loves-to-Learn Lots in Knowledge Management 06-16-2020 0 7	0	7
Add field using eval to existing data model field Hello! I am just starting to work with data models (and eval expressions) and I am a bit stuck. I have a data model ... by tromero3 Path Finder in Knowledge Management 06-16-2020 0 1	0	1
Why did the KVstore fail to start after using a more secure cipher in server.conf? The splunk version is 7.1.0. Here is the default cipher from server.conf [sslConfig] sslVersions = tls1.2 sslVersio... by daniel_splunk Splunk Employee in Knowledge Management 06-16-2020 1 6	1	6
Javascript take splunk username Hi, I'm trying to get the Splunk user that making changes in kv store. I tried to use the rest call but the User_Name... by maurobissante Explorer in Knowledge Management 06-15-2020 0 0	0	0
outputlookup takes 2 hours to update KVStore table with 2m rows I'm adding ~2k rows to a KVStore table with 14 fields and ~2 million rows. The outputlookup command takes nearly 2 ho... by markgrin Engager in Knowledge Management 06-12-2020 0 3	0	3
Insert field value into macro parameter Hi everybody, I have this search, using a macro called getImageURL(2): ... table country client artnumber \| eval s... by tcoq Path Finder in Knowledge Management 06-12-2020 0 7	0	7
Summary index timechart no values I'm trying to set up a summary index using the sitimechart command.I read a lot about it, in the docs and in this for... by natvaldev Observer in Knowledge Management 06-11-2020 0 2	0	2
Help with Trim Down Win Sec Events - 4624 Hi,I am in need of assistance with trimming down the Win Sec Event 4624 as it is blowing out our licensing. It is wor... by jscraig2006 Communicator in Knowledge Management 06-10-2020 0 0	0	0
How to pause log generation during downtime in service and track the duration of each pause? Hi Splunkers, I need to stop a particular service from generating logs in Splunk during downtime, and resume generat... by dharudiya Explorer in Knowledge Management 06-04-2020 0 3	0	3
Event type creation and AI We categorize log events using event types and assign them to people to address the issues using tags. Our events are... by sbarinov Path Finder in Knowledge Management 06-04-2020 0 0	0	0
Summary index for getting every one hour report HI All , i have a dashboard with 8 panels running in 58 seconds. I am getting data one hour and panel are auto refres... by Rukmani_Splunk Path Finder in Knowledge Management 06-03-2020 0 1	0	1
Will summary index work with appendcols? I have a query that joins the data from two types of log1st search acting on log lines like this: 2020-06-02T10:54:05... by jimhobday Engager in Knowledge Management 06-03-2020 0 2	0	2
KVSTORE main uses collecting data works the same without kvstore installed? what is the advantage to install it in an environment splu... by dani9 Explorer in Knowledge Management 06-02-2020 0 2	0	2
How to search in an index conditioned from the summary index. Hi. I have summary index_sum, which has 2 events, 2 attributes: A1_sum, A2_sum 1590482539, 7722527 1591080961, 77225... by spisiakmi Contributor in Knowledge Management 06-02-2020 0 3	0	3
Elapsed time logging in splunk Hi All, does splunk log the elapsed time automatically ? I am trying to join few different source types in splunk tha... by msrama5 Explorer in Knowledge Management 06-02-2020 0 1	0	1