Knowledge Management

Knowledge Management
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Community Activity
splunker1981

How to update events with new key/value pairs on a per event basis?

Hi Splunkers, I was wondering if someone could shed some insight on whether this is even possible with Splunk, if so...
by splunker1981 Path Finder in Knowledge Management 09-15-2016
0 3
0
3
pavanae

How to and where can I add the timeformat string to a saved macro?

Splunk version: 6.4 Localization specifier in the URL : en_US search 1: earliest="01/08/2016:00:00:01" latest="01...
by pavanae Builder in Knowledge Management 09-14-2016
0 3
0
3
pavanae

Solve the scenario by creating a macro or through macros.conf?

when any splunk search runs with the word "getABCsWin"(in any dashboard or alert etc etc). I want the string timeform...
by pavanae Builder in Knowledge Management 09-13-2016
0 2
0
2
pkhalsa

New ports open in Splunk 6, how are they utilized?

At the "About upgrading to 6.2 - READ THIS FIRST" page, it states: "This opens two network ports by default on the lo...
by pkhalsa New Member in Knowledge Management 09-13-2016
0 5
0
5
pavanae

What is the purpose of macros.conf, and what is the path for it?

What is macros.conf and what is its use? What could be the path for macros.conf?
by pavanae Builder in Knowledge Management 09-12-2016
0 1
0
1
mIliofotou_splu

Can I have multiple searches collecting (using the collect command) to the same index?

Can I have multiple searches collecting (using the collect command) to the same index? The number of searches can be ...
by mIliofotou_splu Splunk Employee Splunk Employee in Knowledge Management 09-09-2016
0 4
0
4
jedatt01

Too complex for tags?

I want to create a tag that involves two extracted fields and a combination of AND/OR statements, see example below. ...
by jedatt01 Builder in Knowledge Management 09-09-2016
0 2
0
2
jtacy

What are best practices for handling data in a Splunk staging environment that needs to go to production?

All, We use a Splunk staging environment to test system upgrades and fine-tune props and transforms before deployin...
by jtacy Builder in Knowledge Management 09-08-2016
0 11
0
11
prabhasgupte

How can I periodically update KV store collection programmatically from TA input?

Up till now, I am using csv file lookup. An input runs every day, and updates this CSV file. This must happen in orde...
by prabhasgupte Communicator in Knowledge Management 09-07-2016
0 1
0
1
AKG1_old1

How can we change SPLUNK web url?

Hello guys, I want to change the web url of splunk server so server name is invisible from end users. Bydefault, we...
by AKG1_old1 Builder in Knowledge Management 09-06-2016
0 1
0
1
HattrickNZ

doing a summary index - getting started - my first time

I have a search ...|timechart span=d sum(kpi1) sum(kpi2) max(kpi3) max(kpi4) | foreach * [eval <<FIELD>>=round('<<...
by HattrickNZ Motivator in Knowledge Management 09-05-2016
1 5
1
5
g038123

Eventtype style color only displays while in current session

I created 3 eventtypes, at creation I chose a different color for each one. Everything worked fine, colors were disp...
by g038123 Explorer in Knowledge Management 09-02-2016
0 2
0
2
dpraveen88

How to enable Activity > System Activity in Splunk 6.4.1?

In Splunk 6.3.3, I saw the Activity > System activity. Documents says in 6.4.1, 6.4.2, 6.4.3 also has Activity, but I...
by dpraveen88 Explorer in Knowledge Management 08-31-2016
1 1
1
1
MikeDoingSplunk

What is the CLI syntax for issuing command non interactively? (without being prompted for a user/password)

I am looking for something like ./bin/splunk list indexes -username me -Password MyPassword
by MikeDoingSplunk New Member in Knowledge Management 08-31-2016
0 1
0
1
melonman

Routing summary indexes to specific indexer based on summary index name

Hi, Could anyone help me with configuration for the following? summary indexes created on search head layer to inde...
by melonman Motivator in Knowledge Management 08-30-2016
0 4
0
4
amitpanjawani

How can i know the owner of Lookup that are created in Lists and Lookups?

How can i know the owner of Lookup that are created in Lists and Lookups?
by amitpanjawani Explorer in Knowledge Management 08-25-2016
0 2
0
2
ayusuf

Is there any way to do calculated fields before search time?

I was using calculated fields, but then I started reading the documentation and saw that calculated fields are done d...
by ayusuf Engager in Knowledge Management 08-15-2016
0 4
0
4
M2016G0216

How to troubleshoot an indexer not rejoining cluster after OS rebuild and data restore of /opt/splunk/ and /var/opt/splunk?

We recently had an issue with one of our indexers. We had to do a restore of /opt/splunk and /var/opt/splunk after r...
by M2016G0216 Explorer in Knowledge Management 08-15-2016
0 1
0
1
thakarpratik

Can you show me how to setup IP GEO lookup workflow action

Hi guys, i am learning splunk , and working my way through Workflow action, i have a dataset which has a clientip fie...
by thakarpratik Engager in Knowledge Management 08-12-2016
0 3
0
3
sumitkathpal

Data Model Query

Dear Experts, Kindly help to modify Query on Data Model, I have built the query. | tstats summariesonly dc(All_T...
by sumitkathpal Explorer in Knowledge Management 08-12-2016
1 3
1
3
ariyazudeen

How to reset the lookup file every 15 minutes?

I have multiple search queries and when it gets executed the results are stored in csv file using the command "| inpu...
by ariyazudeen New Member in Knowledge Management 08-10-2016
0 5
0
5
asarran

What is props.conf in splunk?

Hey, Fellow Splunkers I'm fairly new to Splunk, I was wandering what exactly is the props.conf?, Where is it located...
by asarran Path Finder in Knowledge Management 08-10-2016
1 6
1
6
buckiboy

How can I use sed in Restrict search terms to sanitize on search

I have a task to sanitize output of the search for certain users. The data were indexed without sanitation and I cant...
by buckiboy New Member in Knowledge Management 08-10-2016
0 3
0
3
the_wolverine

Schedule automatic summary backfill?

I'd like to have summary backfill run on a scheduled basis to fill in the gaps automatically. I'd probably run this...
by the_wolverine Champion in Knowledge Management 08-10-2016
1 2
1
2
kgutterson

Splunk Enterprise - Documentation giving guidance on how to implement Splunk securely?

Does anyone know if there is documentation outlining security guidelines regarding the secure implementation of Splun...
by kgutterson New Member in Knowledge Management 08-10-2016
0 1
0
1
Get Updates on the Splunk Community!

Data Management Digest – December 2025

Welcome to the December edition of Data Management Digest! As we continue our journey of data innovation, the ...

Index This | What is broken 80% of the time by February?

December 2025 Edition   Hayyy Splunk Education Enthusiasts and the Eternally Curious!    We’re back with this ...

Unlock Faster Time-to-Value on Edge and Ingest Processor with New SPL2 Pipeline ...

Hello Splunk Community,   We're thrilled to share an exciting update that will help you manage your data more ...