Knowledge Management

Community Activity

Why I can't access to savedsearch page or authentication user page? Hello,I'm facing an issue when trying to create a user or access to savedsearch list.for example When I use the Splun... by TISKAR Builder in Knowledge Management 11-07-2023 0 5	0	5
Create Props Stanzas Based on Field Value I have events that return different structured fields depending on the value of a field called TYPE. This all comes ... by tom_porter Explorer in Knowledge Management 11-06-2023 0 2	0	2
Spunk indexes Hello, I am fairly familiar to spunk, but I do need to improve on indexes. I am currently working on a new client env... by ZombieT Engager in Knowledge Management 11-02-2023 0 3	0	3
Fuzzy Logic match with multi word value I have a situation where I'm using case to compare 2 fields to identify a fuzzy match, but in field 1 I may have "boa... by mjones414 Contributor in Knowledge Management 11-01-2023 0 3	0	3
Why do Selected Fields Get Reset after upgrading to 8.2.11? Dear All We moved to splunk 8.2.11 and since then, our selected fields keeps resetting every time I logout. Is this a... by pagnihot Path Finder in Knowledge Management 11-01-2023 0 5	0	5
Is search history replicated? Hi, Testing out 6.4, and I noticed that the search-history feature is not replicated across SH. Is this possible? by a212830 Champion in Knowledge Management 10-30-2023 1 10	1	10
Does using a kvstore lookup in a SH cluster decrease performance? I have a kvstore lookup in a single SH environment. If the environment is made into a cluster and kvstore replication... by klim Path Finder in Knowledge Management 10-27-2023 0 1	0	1
Tagging "url" in Web Data Model Hi,I'd like to know how to associate the "url" tag with the web data model. We're currently working with URL logs in ... by AL3Z Builder in Knowledge Management 10-25-2023 0 0	0	0
Aliases not working Hi All, I am having an issue creating an alias simply going from DestinationPort to dest_port for SysMon EventID 3 I ... by DanAlexander Communicator in Knowledge Management 10-24-2023 0 2	0	2
How to match an array of CVEs into CIM CVE field? HelloMy data is formatted as JSON and it contains a field named "cves" which contains an array of cve codes related t... by shai Explorer in Knowledge Management 10-22-2023 0 0	0	0
summary indexing with sisat distinct count without the list of what is counted ... \|sistats dc(clientip) by host Returns : host psrsvd_ct_clientip psrsvd_gc psrsvd_v psrsvd_vm_clientip... by pshumate Explorer in Knowledge Management 10-20-2023 0 3	0	3
How to connect data to CIM when the user has changed the default index and sourcetype for an Input? Hi, I have a modular input that is connected to CIM through eventtypes and tags as follows: default/eventtypes.conf [... by shai Explorer in Knowledge Management 10-19-2023 0 4	0	4
Smartstore : SmartStore throws S3Client 404 error on receipt.json files As part of internal testing, migrating data from the Classic index to SmartStore.The indexes.conf was configured with... by rbal_splunk Splunk Employee in Knowledge Management 10-17-2023 0 3	0	3
Field removed from logs but... it's still showing? Hello all,I have created and applied the configuration in props.conf file:SEDCMD-XXXXX = s/XXXXXX//gThe field I want... by secneer Loves-to-Learn in Knowledge Management 10-13-2023 0 5	0	5
Knowledge objects remove Hi All, Created test user and assign the viwer roles and provided read only access, the above screen not the test use... by vijreddy30 Loves-to-Learn Everything in Knowledge Management 10-09-2023 0 1	0	1
Transpose question Hi, I have a query like: index=federated:ccs_rmail sourcetype="rmail:KIC:reports" \| dedup _time \| timechart span=1mon... by emilep Explorer in Knowledge Management 10-09-2023 0 4	0	4
Is it possible to create backup the app with data and visualization for a specific date to keep for a futire Is it possible to create backup the app with data and visualization for a specific date to keep for a future date ? by harimadambi Explorer in Knowledge Management 10-06-2023 0 4	0	4
props.conf \| multiple EXTRACT single GROUP name Hi,I'm struggling to confirm in the docs whether this is permitted or not? I'm working on a TA for Netgear Wi-Fi, the... by NullZero Path Finder in Knowledge Management 10-05-2023 0 5	0	5
How can I use the Network_Traffic datamodel to find what has NOT egressed/logged for a firewall ACL/rule? Good afternoon, Background: I found a configuration issue in one of our firewalls which I'm trying to remediate where... by kimsey4701 Engager in Knowledge Management 10-04-2023 0 2	0	2
The lookup table XYZ does not exist or not available Error Hello,I am seeing the below error in the internal logs.The lookup table XYZ does not exist or not availableI have che... by Roy_9 Motivator in Knowledge Management 10-03-2023 0 5	0	5
The search specifies a macro that cannot be found Hello,I am seeing the below error in the internal logs, I am on Splunk On premise clustered environment.10-03-2023 23... by Roy_9 Motivator in Knowledge Management 10-03-2023 0 6	0	6
Macro API not working! Hello, I am attempting to Splunk search via Macro.When using the Splunk search UI, the relevant information comes up,... by lionkesler New Member in Knowledge Management 10-01-2023 0 1	0	1
Events getting truncated at the beginning Some of the event logs in Splunk are getting truncated at the beginning.Tried some prop's to break before date, line_... by Navanitha Path Finder in Knowledge Management 09-29-2023 0 6	0	6
Splunk REST APIs Hi TeamI am new to Splunk and looking for a way to Fetch few metrics data from Splunk using Splunk REST API.Can you p... by akshada_s New Member in Knowledge Management 09-23-2023 0 1	0	1
Why did the field name change while indexing csv file in splunk? I am trying to index a csv file by uploading it through splunk web.... while setting up sourcetype i could see all my... by sivaranjiniG Communicator in Knowledge Management 09-22-2023 0 5	0	5