Knowledge Management

Community Activity

Share a Machine Learning model that was not created in MLTK I created a model using the fit command and an algorithm (like: \| fit PCA k=3 into "my_PC_model"). I did it in an app... by bmartin11 New Member in Knowledge Management 04-16-2019 0 1	0	1
How to find the matching event from one index based on another index field? Below is my event details from two different indexes, Event from index= Query_details SPID="111", LOGIN="USER1",MSG=... by sangs8788 Communicator in Knowledge Management 04-15-2019 0 18	0	18
Generic Bitwise field decoding I'm thinking this might required a custom search command which I'd like to try to avoid if possible. I have about 10... by phoenixdigital Builder in Knowledge Management 04-13-2019 0 8	0	8
How do you remove the first letter of a value? I have a list of usernames of varying lengths. I just need to have the first letter of each username removed. Im gues... by brienhawker Explorer in Knowledge Management 04-11-2019 0 3	0	3
How to summary index the start & end time when a request is slow performing Hi, I have a threshold defined for each request on what is normal it will take to process every 5mins. Below query c... by sangs8788 Communicator in Knowledge Management 04-11-2019 0 1	0	1
KVStore Backup for Search Head Hi All, I am currently performing upgrade of my entire Splunk cluster environment. While performing the Search Head u... by santosh_hb Explorer in Knowledge Management 04-11-2019 0 1	0	1
count events by index and by sourcetype from an inputlookup hello I need to count the events generated by index and by sourcetype from an host list (csv file) It seems to work ... by jip31 Motivator in Knowledge Management 04-11-2019 0 4	0	4
Calculated field return invalid operator error I've a field called "NUMBER" which has values as shown below: NUMBER 0000123 001200 0000004567 00008780 I need it t... by vinayr9 New Member in Knowledge Management 04-11-2019 0 5	0	5
help with inputlookup and a subsearch hello In the search below I try to match host in "host.csv" with host which comes from a subsearch \| inputlookup ho... by jip31 Motivator in Knowledge Management 04-10-2019 0 6	0	6
Peering into other Splunks Hi, Our group needs to read data that is managed and stored in another Splunk in our company. The other splunk will... by a212830 Champion in Knowledge Management 04-08-2019 0 1	0	1
Field extraction My actual data is 'ProcessName'>C:\Windows\System32\lsass.exe Wanting to extract the field from C:\Windows\System32\... by thiru1 Engager in Knowledge Management 04-08-2019 1 2	1	2
If the device removed from network then how i will get to know in splunk ?? If the device removed from network or decommissioned then how i will get to know in splunk ?? by raja8220 New Member in Knowledge Management 04-04-2019 0 4	0	4
fill_summary_index.py script throws Exec format error I'm running Splunk Enterprise 6.4.1 on a Centos 7 machine. I need to backfill my summary index. I am running the ... by lyndac Contributor in Knowledge Management 04-04-2019 0 1	0	1
Need some understanding of Splunk server roles? I'm rearranging my Splunk server roles, and I noticed that if I remove SH role from my indexer, I still get the optio... by mgiddens Path Finder in Knowledge Management 04-03-2019 0 3	0	3
Trying to limit search duration with srchTimeWin and not working with data models and tstats Trying to limit search duration to 30 days. Working as expected except with data models and tstats. Should srchTimeWi... by simpkins1958 Contributor in Knowledge Management 04-03-2019 0 0	0	0
Missing Event/Field workflow from "Statistics" tab? I have a Workflow actions configuration like this: Apply only to the following fields: "Work Order ID", Work_Order_I... by woodcock Esteemed Legend in Knowledge Management 04-03-2019 2 5	2	5
How to read the macro search name from csv file? I have created a macro search and i stored the macro search name in csv file for certain conditions.I have used inpu... by karthi2809 Builder in Knowledge Management 04-02-2019 0 0	0	0
Can you give me some KV Schema storage advice? I have data extracted from a third-party API which is a JSON that looks something like this: { key1: value1, ... by kashz Explorer in Knowledge Management 03-29-2019 0 10	0	10
Exporting Knowledge objects with their permissions in CSV Is it possible to export a list of all the different knowledge objects and the permissions they hold in a CSV file or... by ohoparty New Member in Knowledge Management 03-29-2019 0 3	0	3
How to make sure a saved search does not create duplicates in a summary index? I'm having a tough time getting a particular scheduled saved search to not generate duplicates in my summary index. ... by rnotley Engager in Knowledge Management 03-29-2019 0 1	0	1
Is there a way to capture results from on(data) event into a global variable in splunkjs ? I have a button on my HTML dashboard. I need to display some details from a search event on click of that button, but... by harithivakarnad New Member in Knowledge Management 03-28-2019 0 0	0	0
lookup fields cannot be calculated using eval Hi, I have problem with eval for those fields generated by lookup, here is my search: my basic search \| table DATE ... by jyab6z Path Finder in Knowledge Management 03-28-2019 0 2	0	2
In upgrading Splunk Enterprise from 7.1.3 to 7.2.0, why is the Mongo Migration failing? Hello, I am giving the Splunk Enterprise 7.1.3 to 7.2.0 upgrade a try in my test environment, and I am currently stu... by eandresen Path Finder in Knowledge Management 03-27-2019 2 21	2	21
input lookup not working as expected Hi Ninjas, When i m using \|inputlookup x.csv it is returning all the rows and when i used \|inputlookup x.csv \|table ... by pench2k19 Explorer in Knowledge Management 03-27-2019 0 1	0	1
Cleaning up an index Hi! I need help with cleaning up an index. What I need help with is that I need to know what is being searched for, h... by amirarsalan Explorer in Knowledge Management 03-27-2019 0 2	0	2