Knowledge Management

Community Activity

Streamed search execute failed Error in 'SearchParser' Hi, This morning I updated my splunk servers to Splunk 6.1 (1 SH, 1 Indexer, 1 Deployment) No errors during the upgr... by bgaignon Path Finder in Knowledge Management 05-16-2014 0 5	0	5
How to extend the dropdown menu beside a field in results When a field is selected to be shown in the results, the field appears with a collapsed dropdown menu containing the ... by tpflicke Path Finder in Knowledge Management 05-09-2014 0 2	0	2
mkvalue - strange problem Log line: eventDate="2014-03-24 14:42:00.945" eventType="adam.test" eventDevice="test.client" dstip="44.184.5.99" sr... by adamguzek Explorer in Knowledge Management 05-07-2014 0 4	0	4
I want to tag events based on a regex Example: If the event's source field the word FOO i want to tag it as foo. If the event contains XML ( i.e. <(.?)>.<(... by paulbruno Engager in Knowledge Management 05-06-2014 0 4	0	4
Summary Indexing - include all interresting fields The use case I am after is to build a summary index that includes all interesting fields (system TAs and keys from lo... by apgersplunk1 Explorer in Knowledge Management 05-05-2014 0 1	0	1
New Phone Support Not recognizing my Phone Number I am calling from a large VOIP network. My outgoing phone number is different from my actual desk number. When i ca... by hartfoml Motivator in Knowledge Management 04-30-2014 2 3	2	3
Tutorial for dummies Hi, Is there any tutorial that could get me going with a simple setup of remotely monitored systems? For example a S... by peterpan1 New Member in Knowledge Management 04-30-2014 0 1	0	1
How to contact a LIVE person at Splunk? We have been trying for 4 months to speak to someone, anyone at Splunk about a few matters, yet despite being bombard... by softek Explorer in Knowledge Management 04-28-2014 1 9	1	9
Is there any easy way for me to find all the questions I've asked in this forum? I have asked a few questions. I'd like to be able to find those without going back to my own notes. Is there a way ... by di2esysadmin Path Finder in Knowledge Management 04-18-2014 0 2	0	2
Collect Command Is it possible to use collect command to collect data from one index and move it to another, where destiation index i... by ManishaAgrawal Explorer in Knowledge Management 04-16-2014 1 4	1	4
Single row results in multiple events I have useragent string logged by our application. I am extracting OS and Browser names from these by creating event ... by sanjaykattimani Engager in Knowledge Management 04-11-2014 0 1	0	1
Search Head Polling with mounted Bundles Hi, In our platform we are using search head pooling with mounted bundles. If I have one search head and two indexer... by premg Engager in Knowledge Management 04-08-2014 0 6	0	6
Knowledge base within splunk We are using Splunk as a security information & event management system. As we review logs or sets of logs, we need ... by mrpaul Explorer in Knowledge Management 04-07-2014 1 1	1	1
summarizing _raw data in an index to reduce index size Our co. has been gathering auditd logs since last summer now our Splunk infrastructure is getting very fat on the ind... by sonicZ Contributor in Knowledge Management 04-03-2014 0 3	0	3
what is the difference between inputcsv and inputlookup? From the documentation it looks that the difference is mostly the file location of the input file. Can anyone with m... by asmithe Path Finder in Knowledge Management 04-02-2014 3 7	3	7
Tag data on universal forwarder Hi! We are migrating from storm to self hosted splunk. In storm there are projects which are a nice addition to s... by splunkprimeriti Explorer in Knowledge Management 04-02-2014 0 5	0	5
Remove Trailing Data After 65K bytes I am using Splunk DB Connect to push data into a Teradata database, the limitation of the ODBC driver is that is can ... by ShaneNewman Motivator in Knowledge Management 03-27-2014 0 3	0	3
Index Latency Summary I am calculating the index latency like this index=firewall \| eval diff = _indextime - _time This is taking some t... by hartfoml Motivator in Knowledge Management 03-26-2014 0 3	0	3
What is the impact of increasing thruput in Universal Forwarders? Hi, I have a scenario where i was getting a lot of INFO TailingProcessor - Could not send data to output queue (pa... by adityapavan18 Contributor in Knowledge Management 03-26-2014 1 2	1	2
some questions about Hello, I am a beginner in splunk. I started implementing an enterprise splunk. At present from splunk I need monitori... by vinchakov_a Path Finder in Knowledge Management 03-24-2014 0 3	0	3
Recommended Virtual Machine Sizes for Search Head and Indexer Does this seem like a good setup for a dedicated Search head, indexer for a virtualized Splunk? Search Head - 8 c... by aelliott Motivator in Knowledge Management 03-19-2014 0 5	0	5
macro - how to run macro in eval case I made macros. test_macro1, test_macro2 The macros are the result comes out But macros will now run in eval ca... by mrain7 New Member in Knowledge Management 03-19-2014 0 1	0	1
Beginner's Guide to transforming data into information. I've spent a few hours with Splunk and have a few different inputs being piped into Splunk. Unfortunately, I cannot ... by USMCGrunt0307 Explorer in Knowledge Management 03-12-2014 1 9	1	9
macro input validation I'm having trouble getting input validation to work on my macro. I want to pass in a text string, not a number, but ... by narwhal Splunk Employee in Knowledge Management 03-04-2014 0 1	0	1
Summarising Data for Reporting I am wanting to summarise data so that it can be reported on by our management using a search form. This will tell u... by gn694 Communicator in Knowledge Management 02-28-2014 0 2	0	2