Other Usage

Discussions

Thread Info

Why is Dashboards showing csv files in dropdown input?

Good afternoon, I am trying to show information from a csv which is static, but will be replaced as time goes on...

by Explorer in

How to create one report to generate multiple emails based on results?

I have a single report that features a list of devices broken up by the group that supports them. I want to have that...

by Explorer in

What is the Manual work around for Pausing/disabling some alerts during a release but not all alerts?

Here is what I am proposing as a manual workaround to pause some alerts but not all alerts during an release weekend ...

by Contributor in

Why am I receiving "No matching visualization found for type: network-diagram-viz" message?

Hi, I am trying to use this visualization but I am getting the following error: Can you please help?Ma...

by Builder in

How to Send a report from Splunk Cloud Search head to Shared Network Drive?

Hi All, We have created multiple reports in our Splunk Cloud Search head so once we schedule it we want the repor...

by Contributor in

splunk SPL for who deleted user account

Hi, Just wanted to know Ad account activity who deleted user account ?

by Builder in

How to combine multiple alerts into one single alert

I have an alert set up to detect multiple invalid user credential sign in attempts, which runs once every 24 hours at...

by Path Finder in

How to disable multiple alerts?

Hello I'm using Splunk Cloud and im looking for an option to disable multiple alert using rest api or script so it...

by Explorer in

How can I create a search job using the REST API?

Following the documentation here:https://docs.splunk.com/Documentation/Splunk/latest/RESTTUT/RESTsearches#Create_a_se...

by Contributor in

Schedule window vs scheduling mode

Hi,I want to prevent alerts from being skipped and I'm fine, that the alerts don't run at a specific time. I prefer t...

by Explorer in

How to create a splunk query for the following problem?

Hi , Below is my raw data { timestamp: 2023-09-10 Version:1 Kubernetes.namespace: X Kubernetes.no...

by Path Finder in

How to avoid duplicate alerts for 1 month of timespan

Hi,I have a alert scheduled to monitor, if 2 different users who are accessing same device for authentication from ok...

by Path Finder in

How to create a Splunk alert cron for monday to friday 7:30 to 8PM ?

Hi, I am not able to give cron exp for alert to run every 10 min, for Mon to Fri for time 7:30AM to 8:00PM, ca...

by Loves-to-Learn Lots in

what does this cron mean ? 1-30/10 * * * *

what does this cron mean ? 1-30/10 * * * * one place its given - Every 10 minutes, minutes 1 through 30 past the ho...

by Loves-to-Learn Lots in

how to add Alert name and triggered time to lookup file

Hi, I would like to add alert name and its triggered time to a lookup file once the alert is triggered. I don't n...

by Engager in

How to map multiple MITRE ATT&CK Techniques to single rule?

Using the Map Rule to Technique, I select a Rule Name, then I add multiple MITRE ATT&CK Techniques. Is there a limit ...

by New Member in

How to remove extra space between column headers as well as from the field values table?

Attached snapshot for reference. As well as how to reduce the table size to small one

by Explorer in

Summary index for non aggregated data: How to read only delta data each time?

Hi,I'm working with a large amount of data.I wrote a main report that extracts all events (let's call them events A,B...

by Path Finder in

Splunk Cloud: No longer able to save a Real-time alert

A couple of weeks ago I took a screenshot of the "Save As Alert" window. Alert type Real-time was available. Today,...

by Explorer in

How to create alert only if the lookup table values matches with the field in the search?

Hi , I am trying to make a search only if the values of lookup table i.e groups.csv fields username matches wi...

by Builder in

Why is regex not working?

Hi all! I have a field called "correlation id" in my search output, out of which I am trying to extract another fi...

by Communicator in

Why sistats doesn't work after lookup?

Hi, I wrote a report that merge the result with lookup table to add fields (like machineName). the lookup table con...

by Path Finder in

how many splunk alerts are send to single User for an Application?

Hi Team, So i am new to splunk, therefore excuses for my stupid question. We have an Application, and multiple al...

by Explorer in

How to add custom value in Scheduled View Subject And Panels?

We have customer report triggered every month with multiple panels. So the requirement is during every run Panels sho...

by Engager in

Alerts optimisation for MS TeamsCard

Hi Team, We have installed an app "Microsoft Teams Alert Cards" to create an alert in MS Teams through webhook. Eve...

by Explorer in

Get Updates on the Splunk Community!

Other Usage

Discussions

Why is Dashboards showing csv files in dropdown input?

How to create one report to generate multiple emails based on results?

What is the Manual work around for Pausing/disabling some alerts during a release but not all alerts?

Why am I receiving "No matching visualization found for type: network-diagram-viz" message?

How to Send a report from Splunk Cloud Search head to Shared Network Drive?

splunk SPL for who deleted user account

How to combine multiple alerts into one single alert

How to disable multiple alerts?

How can I create a search job using the REST API?

Schedule window vs scheduling mode

How to create a splunk query for the following problem?

How to avoid duplicate alerts for 1 month of timespan

How to create a Splunk alert cron for monday to friday 7:30 to 8PM ?

what does this cron mean ? 1-30/10 * * * *

how to add Alert name and triggered time to lookup file

How to map multiple MITRE ATT&CK Techniques to single rule?

How to remove extra space between column headers as well as from the field values table?

Summary index for non aggregated data: How to read only delta data each time?

Splunk Cloud: No longer able to save a Real-time alert

How to create alert only if the lookup table values matches with the field in the search?

Why is regex not working?

Why sistats doesn't work after lookup?

how many splunk alerts are send to single User for an Application?

How to add custom value in Scheduled View Subject And Panels?

Alerts optimisation for MS TeamsCard

Observe and Secure All Apps with Splunk

Splunk Decoded: Business Transactions vs Business IQ

Fastest way to demo Observability

Splunk Clous Entry

for loop in code block in splunk soar playbook

Bringing Splunk data into PowerBI Platform without...

Alternative to Splunk Business Flow

Add-on for Atlassian JIRA Service Desk alert actio...

Other Usage

Are you a member of the Splunk Community?

Discussions