Knowledge Management

Community Activity

Beginner's Guide to transforming data into information. I've spent a few hours with Splunk and have a few different inputs being piped into Splunk. Unfortunately, I cannot ... by USMCGrunt0307 Explorer in Knowledge Management 03-12-2014 1 9	1	9
macro input validation I'm having trouble getting input validation to work on my macro. I want to pass in a text string, not a number, but ... by narwhal Splunk Employee in Knowledge Management 03-04-2014 0 1	0	1
Summarising Data for Reporting I am wanting to summarise data so that it can be reported on by our management using a search form. This will tell u... by gn694 Communicator in Knowledge Management 02-28-2014 0 2	0	2
Extra 'None' in saved search when populating summary index Hello, The following search is used in a saved search that will fill a summary index : \| tstats count as requests, ... by mountainbike Explorer in Knowledge Management 02-24-2014 0 3	0	3
Add an alternative name as an extra index identifier In splunk I have a bunch of indexes: customer01 customer02 customer03 ... Outside of splunk (in real life), each cus... by elof Path Finder in Knowledge Management 02-20-2014 0 8	0	8
SPL-74902 and SPL-76208, do I have to upgrade Indexer, Forwarder or both? Description: "In environments with malware and end-point scanning activities occurring, some network events can cause... by anderius Explorer in Knowledge Management 02-19-2014 4 1	4	1
Daily indexing volume limit exceeded and updating summary A directory got added as a data input that shouldn't have, and so now I have "Daily indexing volume limit exceeded" ... by stevengls New Member in Knowledge Management 02-17-2014 0 3	0	3
Running a search for "All Time" using Summary Search Index I would like to run a search for time period = "All Time". The idea is to get a unique list of all users and user fi... by pmccomb Explorer in Knowledge Management 02-14-2014 0 2	0	2
Automated data model creation Can data models be automatically created based on a DB Connect input source? by Parameshwara Path Finder in Knowledge Management 02-13-2014 0 2	0	2
Running search against summary index I have a search as follow: sourcetype="renprodweb" \| sistats count by httprespcode (with the time range is previous... by daonmai New Member in Knowledge Management 02-13-2014 0 1	0	1
is it right to use summary index to save non-statistical data? Hi, I'm using summary index, but I am not sure if I'm doing it right. I have several searches that save data into my ... by RiccardoV Communicator in Knowledge Management 02-12-2014 0 7	0	7
search hunk virtual index and splunk index in one search is there a possiblity to combine a hunk (virtual) index and a normal splunk index (for example a summary index) in on... by nekb1958 Path Finder in Knowledge Management 02-11-2014 0 4	0	4
Transform on extracted field Hi. I'm using OSSEC to send logs from a variety of sources by syslog to Splunk. I've created transforms to extract ... by pixelseventy2 Explorer in Knowledge Management 02-11-2014 0 6	0	6
Splunk summary data missing We're missing all of Splunk's summary data (index=summary_forwarders/summary_indexers, etc). It was working previousl... by Myelin Explorer in Knowledge Management 02-06-2014 0 3	0	3
Adding large number of databases to DB Connect Hello Has anyone of you faced an issue where you had to add 300-500 DB Connections to DB Connect? If you did , did y... by theouhuios Motivator in Knowledge Management 02-06-2014 1 3	1	3
Creating field value pair According to the documentation here I need to have ids_type in my events as follows ids_type="network" or ids_type="a... by splunkingsplun1 Explorer in Knowledge Management 02-06-2014 0 3	0	3
DBX [1.2] user cannot create db lookup. Splunk 6.0; Dbx 1.2; mysql, java 1.7, Linux AMI I have a user with OOTB dbx_user privileges. The DB is r/w for dbx_us... by smanganiello_sp Splunk Employee in Knowledge Management 02-04-2014 0 4	0	4
What is the backend used in splunk? Is it possible to use cassandra as splunk backend? by kishorecsit Engager in Knowledge Management 02-04-2014 0 7	0	7
Sharing global in config This should be an easy one: From a config file perspective, how do I define an app's knowledge object (a savedsearch... by sloshburch Ultra Champion in Knowledge Management 01-23-2014 1 3	1	3
What is the meaning of splunk? is it a compound???/ just splunk ? by changwoo Communicator in Knowledge Management 01-22-2014 1 7	1	7
Support Users How do I get other users from my organizations associated to our support contract? by deltabravo Engager in Knowledge Management 01-21-2014 1 2	1	2
How to create info_time_min in collect command Hi! I would like to know how to create info_time_min fields in collect command. Are there any special conditions to... by yuwtennis Communicator in Knowledge Management 01-20-2014 0 1	0	1
data retention for an index how to control archiving policy We have several indexes where we have set the maxTotalDataSIzeMB to a specific value is it also possible to configure... by splunkjpm Loves-to-Learn Lots in Knowledge Management 01-09-2014 0 1	0	1
Pre-defined Data Models Does anybody know if there are pre-defined or common data models that are documented somewhere that could be used as ... by rmck2012 New Member in Knowledge Management 01-08-2014 0 1	0	1
Summary indexing and timechart: getting the wrong results but I don't know why Hi, I would like to give access to indexing volume per day and per index to all my users but they must only be able ... by yoho Contributor in Knowledge Management 01-08-2014 0 4	0	4