Splunk Answers

	Adjusting EXTRACT- setting of existing sourcetype I have a custom sourcetype that has the following advanced setting:Name/ValueEXTRACT-app : EXTRACT-app field extracti... by tlewis New Member in Splunk Cloud Platform 6m ago 0 0	0	0
	To get the list of datasources in splunk Hi,I am trying to get the information how many datasources and endpoints we have Integrated in to splunk.How can we g... by AL3Z Builder in Splunk Search 15m ago 0 3	0	3
	Email Alerts Hello,can you please tell me what happens to email alerts if the smtp used for email delivery is temporary offline?Is... by acavenago New Member in Alerting 59m ago 0 2	0	2
	Extract execution time Hello, I've the following situation:I've inside logs the ETL logs, I've already extracted some data via search fields... by marco_carolo Path Finder in Splunk Search an hour ago 0 1	0	1
	Heavy forwarder upgrade I am working on upgrading an instance of heavy forwarder that is running an out of support version of 7.3.3. In order... by Splunk77 Explorer in Splunk Enterprise 2 hours ago 0 0	0	0
	Splunk Nodes Restart Hello,we need to patch the OS of our Splunk Enterprise cluster distributed on 2 sites, A & B.We will start the activ... by acavenago New Member in Splunk Enterprise 2 hours ago 0 0	0	0
	Need to convert the timezone dynamically Hello there,I would like to convert the default time to the local country timezone and place the converted timezone ... by manojchacko78 Path Finder in Getting Data In 2 hours ago 0 2	0	2
	Ingestion of Windows events works correctly in the classic WinEventLog format but not in the XmlWinEventLog format Hello Team,I got a weird issue, that I struggle to troubleshoot.A month ago, I realized that my WinEventLog logs were... by MCH2018 Explorer in Splunk Enterprise 3 hours ago 0 0	0	0
	Drilldown with timepicker I have a drilldown into another dashboard with parameters earliest=$earliest$ and latest=$latest$, this works. When I... by MrJohn230 Path Finder in Dashboards & Visualizations 3 hours ago 0 6	0	6
	Filter / Mask / Anonymize raw data by role at search time Hello,regarding filtering Splunk roles, we would like to only allow transforming commands (stats, timechart...) for u... by splunkreal Motivator in Getting Data In 3 hours ago 0 4	0	4
	props and transform file modification issue Hi Guys, In Splunk a field by name “event_sub_type” has multiple values. We don’t want to ingest any logs into splunk... by roopeshetty Path Finder in Getting Data In 3 hours ago 0 11	0	11
	Making indexes available to searchhead without indexes.conf Scenario: I have a searchhead and two idx in a cluster. there is an index (index_a) defined in the cluster. Until now... by Brainizer Engager in Deployment Architecture 4 hours ago 0 4	0	4
	BotS member needed ! I don’t know if this is the right place to ask, but I’m currently looking for three members for BotS v7 coming 7th De... by Saki New Member in Splunk Search 4 hours ago 0 0	0	0
	To set up alert using saved search and map command I have a saved search with 'n' number of results and I need to setup an alert mail for the results by creating an ale... by varsh_6_8_6 Observer in Splunk Search 6 hours ago 0 0	0	0
	How to compare 2 lookups and highlight any changes ? Hi,Once a month we receive a file via email that we manually upload to Splunk as a lookup CSV file. The current proc... by tomapatan Communicator in Splunk Search 6 hours ago 0 0	0	0