Knowledge Management

Community Activity

Sending alert if summary index fails I have a scheduled search running every night to populate a summary index. This works well, but sometimes no data is... by richgalloway SplunkTrust in Knowledge Management 02-09-2017 1 2	1	2
Sorting results by time when an event was tagged I collect data over a period of time and one in the team can add a tag to collected events; and some of the events we... by cr019283 New Member in Knowledge Management 02-08-2017 0 3	0	3
Why am I getting data model acceleration error "Failed to contact the server endpoint https://127.0.0.1:8089 from touchSummary()" in Hunk 6.4? Hi All I work with Hunk 6.4 and I have an error message in splunkd.log when a Data Model is accelerating. ERROR Tsi... by tony_alibelli New Member in Knowledge Management 02-08-2017 0 3	0	3
Require working example of iseval=true in Splunk macro definition Please provide working example of iseval=true or iseval=1 as that also did not work as described in Splunk docs (http... by niketn Legend in Knowledge Management 02-07-2017 1 5	1	5
How to pass token form one text box to another text box? Hi, I have two text boxes textbox1 with token name 'texttok' and textbox2 with token name 'cputok' Now, i want to... by manjuase Explorer in Knowledge Management 02-07-2017 0 1	0	1
Peer index without configuring master node Hello , I have 4 VMs for splunk index peering setup, out of which i will use 1 vm for Splunk License manage, 1 for s... by shahk Explorer in Knowledge Management 02-07-2017 0 1	0	1
Macros using data from search Seems like a pretty simple thing I am trying to do but it wont work. I have some bitwise data which I want to conver... by phoenixdigital Builder in Knowledge Management 02-06-2017 0 4	0	4
Is there more information about how to take advantage of an education credit announced at .conf2016 keynote? Hi, Just started using Splunk and attended conf 2016. Wondering how I would go about taking advantage of $5,000 educ... by akaufman24 Engager in Knowledge Management 02-02-2017 2 11	2	11
fill_summary_index dedup issue We are trying to use the fill_summary_index.py script to backfill times when the data isn't populated. I am finding t... by SarahBOA Path Finder in Knowledge Management 02-02-2017 1 7	1	7
diff between same field between two iterations Hi, I have the below sample data collected after process and using table command every 24 hours. for each time, db,... by rajkumar_2 New Member in Knowledge Management 02-02-2017 0 3	0	3
Best practices for writing log files that have variable number of fields We are writing our own logs for disk usage and we are using key value pairs. The issue is that each host has a differ... by burwell SplunkTrust in Knowledge Management 01-26-2017 0 1	0	1
How to NOT open a new window when executing a workflow action? Hello All, I would like to execute a workflow action and NOT open a new window OR same window. Does anyone have any ... by rbardonetorian Path Finder in Knowledge Management 01-23-2017 0 2	0	2
What are some types of data which will not load with default settings? I'm currently preparing for the Splunk Custom Data Load for completion of the Sales Engineer 2 certification. The dir... by Buonomon2 Engager in Knowledge Management 01-18-2017 0 2	0	2
how do you configure the search head so it sends 2 summary index data to 2 separate indexer I have a problem with the configuration/definition of 2 separate summary indexes for storing data on to 2 separate in... by gmenghini New Member in Knowledge Management 01-18-2017 0 2	0	2
Is it possible to pass an event field as an argument to a macro? Hello Fellow Splunkers, This is a question about Macros in Splunk. I was wondering if its even possible to pass fiel... by mnm1987 Explorer in Knowledge Management 01-17-2017 0 2	0	2
Macro with validation isnum() does not work even if the input argument is numeric I followed steps similar to isnum() validation to be applied on macro input argument defined on http://docs.splunk.co... by niketn Legend in Knowledge Management 01-16-2017 1 4	1	4
Macro Validation Expression Error? I made a macro, we'll call it "test" defined as eval new_rate=$val$*$rate$ with the validation expression just ch... by jluo_splunk Splunk Employee in Knowledge Management 01-16-2017 0 3	0	3
Is there a way to save sparkline data to a summary index? Hello all, I have created a daily search search that returns summarized rows of data, including a sparkline that I ... by richnavis Contributor in Knowledge Management 01-13-2017 0 1	0	1
Why is my macro returning error "expected to be an eval expression that returns a string." with my current definition? Tried many variations (enclosing arg in quotes, $, and backslash) and got many errors - mostly "expected to be an eva... by rgcox1 Communicator in Knowledge Management 01-05-2017 0 3	0	3
How to create a search for a macro that finds events closest to a specified time? I am attempting to create a macro that allows searchers to pass a specific time into a search command that will locat... by mcarp Explorer in Knowledge Management 01-05-2017 0 4	0	4
Why is the Kvstore start failing in Splunk Version 6.5.1? Issue: I have Splunk version 6.5.1 and it fails to start the Kvstore. The mongod.log has errors like below 2016-12-... by rbal_splunk Splunk Employee in Knowledge Management 01-05-2017 0 1	0	1
Best method for working with a large SQL table? I'm new to DB Connect and just as inexperienced with SQL, but was tasked with getting some table data in to build a f... by bwheelock Path Finder in Knowledge Management 01-04-2017 1 2	1	2
Reducing logs redundancy Hi, In my project we are using Splunk mainly for performance monitoring of application and we have created a dedicat... by PanKokos Path Finder in Knowledge Management 01-04-2017 0 8	0	8
What is splunk gold image?? I'm trying to get the more information on creating a splunk gold image for my work splunk infrastructure, give me any... by skuma30 New Member in Knowledge Management 01-03-2017 0 4	0	4
Selective forwarding and summary searches - any issues? Hello, I'm experimenting with some selective forwarding and it's mostly working - I can index locally, forward and co... by arkadyz1 Builder in Knowledge Management 01-03-2017 0 3	0	3