Knowledge Management

Community Activity

How can I create an External Lookup that does not create a CSV but displays the results? I am looking to run a python script that will take the results of several API calls and make them into something that... by danfein New Member in Knowledge Management 12-19-2017 0 3	0	3
processing of Mainframe logs the logs we're interested in from the mainframe are from java WebSphere applications running on Z/os. They're in asc... by aoates Splunk Employee in Knowledge Management 12-19-2017 1 8	1	8
Looking for the Forecasting Code/Macro from Mike Fisher's Splunk Conf 2016 Presentation Ok, I found this great post from Conf 2016 by Mike Fisher about using Splunk for forecasting: https://conf.splunk.com... by bandit Motivator in Knowledge Management 12-19-2017 1 7	1	7
KV Store: Fatal Assertion - Write to OpLog failed We are running Splunk 6.5.1, and on one of our standalone search heads, upon every restart of splunkd we get the foll... by coltwanger Contributor in Knowledge Management 12-19-2017 0 2	0	2
how to start mongo db in splunk how to start mongo db in splunk ? I checked in logs that mongodb is down in one of our servers by Mohsin123 Path Finder in Knowledge Management 12-18-2017 0 2	0	2
how to index a csv file which is not in a correct format Hi , Here is my scenario, I have to index the below csv file, where the format looks like this , confused with the ... by benazir Explorer in Knowledge Management 12-16-2017 0 3	0	3
How to bring "Page Fault per Operation" value to normal state ? I couldnt find any mention about this particular topic anywhere, hence posting this question. Currently, on the Sear... by damode Motivator in Knowledge Management 12-14-2017 0 3	0	3
delete an orphaned knowledge object I know how to reassign an orphaned object How to delete an orphaned search/knowledge object by Mohsin123 Path Finder in Knowledge Management 12-14-2017 0 1	0	1
How to create a summary table with number of calls and percentage Hi, Can anyone help write a query where it can display User \| Number of calls current week \| number of calls last ... by raviteja029 Explorer in Knowledge Management 12-13-2017 0 6	0	6
How to add events to an index like logevents but without using alert (using a search for instance)? Hello guys, how to add events to an index like logevents but without using alert (using a search for instance)? The... by splunkreal Motivator in Knowledge Management 12-13-2017 0 2	0	2
Overview of events and feeds coming in Is there a quick way on getting a list of all events coming in and all feeds coming in? Would it also be possible to... by ecanmaster Explorer in Knowledge Management 12-07-2017 0 1	0	1
dropdown token argument to macro argument Am using a macro with 1 argument and while calling it to update my table with values am passing query as mymacro(arg1... by surekhasplunk Communicator in Knowledge Management 12-06-2017 0 3	0	3
How can I prevent adding duplicate events when indexing via scheduled reports to a summary index? I currently have a saved search configured to write its results to a summary index. This search is scheduled to run ... by adamblock2 Path Finder in Knowledge Management 12-05-2017 0 1	0	1
What are best practices and uses for data models? Sometimes in my Splunk Education I need repeating some things for myself. Today it's Data Model. I have used Data Mod... by test_qweqwe Builder in Knowledge Management 12-04-2017 0 4	0	4
Extracting the date from a filename without modifying the datetime.xml Hi, I'm trying to extract the date from a filename without having to configure the config.file, i want to be able to... by mahbs Path Finder in Knowledge Management 12-04-2017 0 2	0	2
How do you write a correlation search with a data model? Hello my little friends. I have logs from tomcat and they joined Web Data Model, so that means that I can write corre... by test_qweqwe Builder in Knowledge Management 12-04-2017 0 3	0	3
String concatentation (strcat command) is duplicating results Hi, I have this data Properties: { [-] analyticsConfigs: { [+] } appVersion: ... by dbcase Motivator in Knowledge Management 12-01-2017 0 4	0	4
How to format a metrics_csv file for a metrics index? Hello, I would like to know what kind of format does a CSV file need to follow in order to feed it to a metric index... by jwillaime Explorer in Knowledge Management 11-29-2017 0 2	0	2
Extracting Text/Field from _raw Microsoft Event For Failed Backups Greetings, I want to run a report/alert when a MSSQL backup job has failed. It looks like the info I want is only d... by SplunkLunk Path Finder in Knowledge Management 11-27-2017 0 2	0	2
Can I populate a macro from search results? Hi, I am trying to take the results of a search that returns 1000 machines and search for them in an index. Not sure... by poxx82 Engager in Knowledge Management 11-25-2017 0 4	0	4
Search driven by KVStore parameters I have a set of events similar to below and a working search for a single ID value of 133. My next step is to make th... by stephendavisWK Explorer in Knowledge Management 11-17-2017 0 3	0	3
Continuous Evaluate File Can I set csv file as input in local monitor as continuous monitor. I tried to set a file but it seems it is not wor... by akshatj2 Path Finder in Knowledge Management 11-16-2017 0 1	0	1
Is it possible to perform field extraction on a string inside a JSON object? Given a log in JSON format, such as: {<!-- --> a: "some data", b: "some more data", c: "field1=data1 \t field2=data2" } H... by scottsnow New Member in Knowledge Management 11-16-2017 0 4	0	4
Use field as _time in lookup does not work Hi to all, i have a csv like: host,last_report_time host1,2017-07-28-14.23.00.000000 host2,2017-11-15-06.44.00.00000... by maurelio79 Communicator in Knowledge Management 11-15-2017 0 5	0	5
ImportError: No module named site when training own data with Sentiment Analysis App I'm trying to create a model based on my own data using the Sentiment Analysis App. Apparently there isn't much docum... by jebssantos New Member in Knowledge Management 11-14-2017 0 1	0	1