Knowledge Management

Community Activity

	HELP with CEF CSV time format I am new to splunk and I have inherited a system that forwards log in CEF CSV format. These logs are then tar'd up a... by yhetti New Member in Knowledge Management 02-10-2024 0 2	0	2
	How do you add a field/column to an existing kvstore? We have a kvstore that has been used for about a year. Now we need to add a new field/column to the kvstore, but we ... by snorri Path Finder in Knowledge Management 02-08-2024 0 7	0	7
	SA-cim_vladiator on search heads cluster Hello,is it possible to install SA-cim_vladiatoron clustered search heads?Thanks. by splunkreal Motivator in Knowledge Management 02-07-2024 0 1	0	1
	Field extraction not working with transforms and props I am trying to extract some field values that comes in the following format <date>00-mon-year</date> <DisplayName>exa... by lclayton95 Loves-to-Learn Everything in Knowledge Management 02-06-2024 0 3	0	3
	Dedup function is not working in "fill_summary_index.py" script I need to backfill some missing data into the summary index. However, there are already a few data present in the sam... by Rahul_a Explorer in Knowledge Management 02-02-2024 0 3	0	3
	What does the Pain field indicate in this app I am using the Sideview App trying to monitor usage by users. There is a Pain field in the User Activity report. Do... by joemo Splunk Employee in Knowledge Management 01-28-2024 0 2	0	2
	Finding source of a lookup I want to know which saved search is generating a particular lookup , How do I do that? by Siddharthnegi Contributor in Knowledge Management 01-24-2024 0 1	0	1
	Priority and editing of local.meta/default.meta Hello everyoneTwo parter. First of all, am I correct in assuming that/appname/metadata/local.metatakes precedence ove... by fatsug Builder in Knowledge Management 01-22-2024 0 4	0	4
	how do I remove the single quotes from my key value pairs,how to remove single quotes from a key value pair I have a logs like below and this is not a JSON logs, indexing through HEC. Key1='value1' Key2='value' how do I rem... by jyothiadobe New Member in Knowledge Management 01-17-2024 0 7	0	7
	Is there a way of getting the total allocated memory assigned to a server? We are using perfmon and I have built some dashboards to show memory/cpu usage and alerts that trigger if each is goi... by danroberts Explorer in Knowledge Management 01-16-2024 0 3	0	3
	Where can I find more info on app licensing? I'm developing a Splunk app that I would like to give timed trials for and I would like to create licenses for it. I'... by staticlord1 New Member in Knowledge Management 01-05-2024 0 3	0	3
	How to resolve kvstore failed on indexer? Hello folks, Need your help. Here is the splunkd.log file with grep kvstore. Please review and advise what went wrong... by kiranhar Explorer in Knowledge Management 01-03-2024 0 8	0	8
	Failed to retrieve a user with these settings. Consult your LDAP admin or see splunkd.log with ScopedLDAPConnection set I encountered an error while configuring Splunk to connect to LDAP.Failed to retrieve a user with these settings. Con... by janson Observer in Knowledge Management 12-28-2023 0 1	0	1
	Request to download Splunk Universal Forwarder 9.0.7 Where can I download Splunk Universal Forwarder 9.0.7? by jmatos New Member in Knowledge Management 12-21-2023 0 1	0	1
	Overriding event times in Splunk logs The problem is that there is a lag happening in the log shipping from our application to Splunk, after some investiga... by siaavush New Member in Knowledge Management 12-21-2023 0 1	0	1
	Cannot create ticket in official support - required combo "Select Entitlement" is empty HiCannot create a ticket in official support.Required combo "Select Entitlement" is empty, cannot choose anything, so... by unionub Loves-to-Learn in Knowledge Management 12-11-2023 0 3	0	3
	Windows Logs in Endpoint data model Hello, i am deploying the ESCU searches in our environment. However, the endpoint logs are not ingested in Splunk. Ho... by sinhashubham014 Engager in Knowledge Management 12-11-2023 0 3	0	3
	Twitter X: Simple Hashtag Saving, Export, Data Visualization, and Analysis. Greetings Splunk's!My use case is quite straightforward:We aim to save and monitor (secondarily) some rare hashtags f... by LuureAmet New Member in Knowledge Management 12-10-2023 0 1	0	1
	I'm inputting all the information correctly, but the API is not functioning as expected for me. Even though I am providing accurate inputs, the Speakatoo API is not working as expected for me. Seeking assistance t... by luffy01 New Member in Knowledge Management 12-04-2023 0 0	0	0
	SmartStore S3 data replication I have been testing out SmartStore in a test environment. I can not find the setting to control how quickly data inge... by goldeneye1117 New Member in Knowledge Management 11-29-2023 0 1	0	1
	Use Case I'm trying to make SOC Use cases clear, concise, and easy to find later. It is possible to make a threat detection us... by gmbdrj Loves-to-Learn Lots in Knowledge Management 11-20-2023 0 1	0	1
	Adding a field that contains either 1 OR 2 words Hi all,I'm having difficulty crafting regex that will extract a field that can have either 1 or multiple words.Using ... by mmcap Explorer in Knowledge Management 11-18-2023 0 2	0	2
	SmartStore: Do warm buckets on S3 get rolled to frozen automatically? Just recently setup smartstore in a test environment using a single index and I'm trying to figure out some details o... by mccartneyc Path Finder in Knowledge Management 11-10-2023 0 2	0	2
	identity automatic lookup does not work Hi !I am facing an issue adding a new field in the ES identity kv store. After adding a new field automatic lookup do... by Pony0 Observer in Knowledge Management 11-09-2023 0 0	0	0
	Tags allow list CIM Setup are blank after upgrade I wonder if anyone else has experienced this and can advise?we upgraded from 9.0.3 to 9.1.1 also upgraded ES to 7.2.0... by lavster Path Finder in Knowledge Management 11-08-2023 0 0	0	0