Knowledge Management

Knowledge Management
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Community Activity
fb_chris

How can I measure the time it takes for a query to run?

Hello, I would like to optimize my queries — how can I measure the time it takes to execute them? I understand that ...
by fb_chris Engager in Knowledge Management 12-04-2018
0 2
0
2
lybinhlap

Search process did not exit cleanly, exit_code=255, description="exited with code 255

Dear everyone, Have a good day ahead. I am having the following issue that need your advice. Recently, I have deploy...
by lybinhlap New Member in Knowledge Management 12-03-2018
0 2
0
2
d389133

Can you help me with a problem using conditionals in eval macros?

Hi All, I'm struggling to get an eval macro working using conditionals (either case or if statement). No matter wha...
by d389133 Explorer in Knowledge Management 12-03-2018
0 2
0
2
rbal_splunk

[SmartStore]To avoid failure, can we get recommendations for migrating a clustered environment with 50 indexers to Smartstore?

We have read documentation and planning as per documentation, we are looking for feedback for common recommendation ...
by rbal_splunk Splunk Employee Splunk Employee in Knowledge Management 12-02-2018
0 3
0
3
Hemnaath

why the data is not conformed with CIM model after implementing the splunk Add-on for F5 BIG-IP?

Hi All, Currently facing an issue in parsing the data and also the data is not conformed with CIM model. Environme...
by Hemnaath Motivator in Knowledge Management 11-27-2018
0 6
0
6
rbal_splunk

[Smartstore]Can I get more information on Migrating the data from Splunk Local store to remote storage?

I am trying to migrate date from local storage to remote store and would like to understand best way to monitor the p...
by rbal_splunk Splunk Employee Splunk Employee in Knowledge Management 11-27-2018
0 2
0
2
landen99

Why does a search on the "query" field yield different results than on another name like "query_name"?

The following two searches yield very different results: ...|search NOT [...|rename field AS query] ...| rename quer...
by landen99 Motivator in Knowledge Management 11-27-2018
0 1
0
1
jip31

Can you help me extract an event between tags?

Hello I have XML logs and I want to extract all the text between these tags What is the better way to do this please...
by jip31 Motivator in Knowledge Management 11-26-2018
0 4
0
4
robertlynch2020

parallel reduce search processing - How do i know it is working? Do i have to use "Redistribute"?

Hi I have configured the below http://docs.splunk.com/Documentation/Splunk/7.2.1/DistSearch/Parallelreduceoverview ...
by robertlynch2020 Influencer in Knowledge Management 11-21-2018
0 0
0
0
scassesse

assertionconsumerservice URL is missing from samlrequest in SP-initiated SSO flow.

I am currently working with our Okta team to get SSO working with Splunk. However, we cannot get the assertionconsume...
by scassesse Engager in Knowledge Management 11-20-2018
1 3
1
3
rbal_splunk

[KVstore] Upgrade 8 Node SHC member from 6.6 to 7.1.4 and kvstore is broken

splunk showAll kvstore members had status starting and and mongod.log shows the messages like below: 2018-11-10T13:3...
by rbal_splunk Splunk Employee Splunk Employee in Knowledge Management 11-16-2018
0 1
0
1
DeanDeleon0

How do you append data resulting from a previous search by subtracting 1 from the result in a field?

Hello all, I am trying take the results of my search and append the results based on that search from the "OID" fiel...
by DeanDeleon0 Path Finder in Knowledge Management 11-15-2018
0 3
0
3
Muryoutaisuu

populating search unable to select summary index

In the documentation about using summary indexes it says at step 8: Select a summary index. The default summary ind...
by Muryoutaisuu Communicator in Knowledge Management 11-15-2018
0 4
0
4
ejespiritu

How do you display a count based from the latest timestamp?

Hello, I'm new with Splunk and need some help. I need to filter my data to only count the status of the latest time ...
by ejespiritu Explorer in Knowledge Management 11-14-2018
0 1
0
1
halbeisendv

Why does a Summary Index use the "main" index when I specified a different index?

Why does a Summary Index use the "main" index when I specified a completely different index? I have looked in inputs....
by halbeisendv Path Finder in Knowledge Management 11-14-2018
0 8
0
8
AMCollins

Are there any instructions for getting eDirectory 8.8 data into Splunk?

Could anyone share some insight on how to get data from eDirectory 8.8 or later into Splunk?
by AMCollins Explorer in Knowledge Management 11-13-2018
0 6
0
6
chinmayc469

Issue related to data Model

I have created a data model from splunk UI and also added some eval fields to the data set. After this, i tried crea...
by chinmayc469 Explorer in Knowledge Management 11-13-2018
0 1
0
1
MikaJustasACN

How to set Splunk to feed ServiceNow CMDB?

Hi All, Any guidelines on how to properly configure Splunk feed to ServiceNow CMDB? What are the drawbacks, pitfalls...
by MikaJustasACN Path Finder in Knowledge Management 11-12-2018
1 0
1
0
jthunnissen

Are '.' characters in KV lookup field names supported?

I notice that whenever I create a KV-store lookup definition with a field containing a '.' character, it does not wor...
by jthunnissen Path Finder in Knowledge Management 11-11-2018
0 1
0
1
morethanyell

Is it possible to create an alert that does summary indexing and sends an email?

We got a working solution using saved searches (summary indexer and alert sending email) that does something like thi...
by morethanyell Builder in Knowledge Management 11-10-2018
0 4
0
4
tjago11

Summary index for large data and many group bys

I'm hoping to get a single summary index query that I can then use to pull data in different ways. I would prefer to ...
by tjago11 Communicator in Knowledge Management 11-09-2018
0 2
0
2
vishaltaneja070

Can we send summary indexed data to third party receivers?

Can we send summary indexed data to third party receivers? Like I have done the summary indexing on my search head a...
by vishaltaneja070 Motivator in Knowledge Management 11-09-2018
0 2
0
2
Log_wrangler

Can you help me with my query involving a saved search and summary indexing?

Hi, I am trying to understand how and where Splunk stores data from saved searches that populates a new summary inde...
by Log_wrangler Builder in Knowledge Management 11-05-2018
0 3
0
3
Upas02

Need complete set of Buttercup games data ? Does anyone has it ? Will be great if Splunk can provide it. Thank you.

Need complete set of Buttercup games data ? Does anyone has it ? Will be great if Splunk can provide it. Thank you. I...
by Upas02 Path Finder in Knowledge Management 11-02-2018
5 4
5
4
Splunk_citizen

Fetch global team model failed. Details: [HTTP 503] [{'type': 'ERROR', 'text': 'KV Store initialization failed

Hey Splunkers, when i run my ITSI app im getting below erro. Fetch global team model failed. Details: [HTTP 503] [{...
by Splunk_citizen Explorer in Knowledge Management 10-30-2018
0 1
0
1
Get Updates on the Splunk Community!

Data Management Digest – December 2025

Welcome to the December edition of Data Management Digest! As we continue our journey of data innovation, the ...

Index This | What is broken 80% of the time by February?

December 2025 Edition   Hayyy Splunk Education Enthusiasts and the Eternally Curious!    We’re back with this ...

Unlock Faster Time-to-Value on Edge and Ingest Processor with New SPL2 Pipeline ...

Hello Splunk Community,   We're thrilled to share an exciting update that will help you manage your data more ...