Splunk Dev

Community Activity

Is there any effects, if ownership of savedsearches is "nobody"? I believe that if ownership is nobody, it runs as role splunk-system-user, and splunk-system-user Inherits role admin... by yutaka1005 Builder in Splunk Dev 01-31-2019 0 1	0	1
Can we send logs to Splunk via the SDK for Python? We have a client who wonders whether sending logs via the SDK for Python is an option. Any thoughts? by ddrillic Ultra Champion in Splunk Dev 01-30-2019 0 1	0	1
How to average all columns in a chart for a group of results? Here's what I'm trying to do: Imagine a search result from Splunk comes back with results: User \| Field 1 \| Field 2... by splunk_user_jk New Member in Splunk Dev 01-30-2019 0 1	0	1
is Splunk convert the time from UTC to GMT? Hi Splunker; I have kaspersky logs this logs send logs to splunk by use CEF format, when changed format to syslog fo... by abdullahalhabba Explorer in Splunk Dev 01-30-2019 0 1	0	1
Is their such a configuration as multiple indexers in an enterprise environment but not consider it a cluster? I have an environment with three search heads, three indexers, one license server (also acts as the deployer), and on... by usanasplunkadmi New Member in Splunk Dev 01-29-2019 0 1	0	1
Splunk python SDK SSL error When running a python script I keep getting the following error when trying to connect to splunk version 6.6.1: ssl.... by patelaa Explorer in Splunk Dev 01-29-2019 1 13	1	13
Why doesn't the pulldown work the first time I select a value (with a trivial Example!)? Hello, I have a really simple dashboard with a single pulldown. I notice that it never seems to take effect the firs... by ifeldshteyn Communicator in Splunk Dev 01-29-2019 0 2	0	2
hostwide component in resource_usage.log What exactly is the hostwide component in below. It is reporting the very high utilization of memory & subsequently... by stanwin Contributor in Splunk Dev 01-29-2019 0 2	0	2
How does the search header cluster change to a single search header instance? I have a single site cluster that architecture is as follows: search header cluster： 4 search head + a deployer ... by bestSplunker Contributor in Splunk Dev 01-29-2019 0 5	0	5
KV Store Help - Best approach to schedule deletion of records based on a flag set We have a KV store with below fields: _key (mapped with alert_id) Splunk_ID Can_Delete (a flag with Yes/No) KV Store... by rkadam New Member in Splunk Dev 01-28-2019 0 1	0	1
Could I know about web service of Splunk? I just started to use the Splunk and also bought annual license. But, I stuck to confirm to regularly use for sec... by sangsun0203 New Member in Splunk Dev 01-28-2019 0 0	0	0
Splunk search included in email Hello Support , Whenever the splunk alert mail is triggered , the triggered mail contains the search keyword lines t... by ppayaws Loves-to-Learn in Splunk Dev 01-28-2019 0 2	0	2
xml tags extraction Hi All, In splunk Enterprise is their any way to extract the XML tags not the xml fields . ie .for example PFB xml ... by nerelluk New Member in Splunk Dev 01-27-2019 0 1	0	1
How do i percentage for PROCESSED and STARTED on below query index=ciaudit eventname=* \| spath "EventStreamData.response.verificationStatus" \| search "EventStreamData.response.ve... by vkari New Member in Splunk Dev 01-27-2019 0 6	0	6
At least one log for two, distinct search conditions We have two jobs that run and produce a distinct log entry for each. I need to add a dashboard panel which monitors t... by techgeek_us New Member in Splunk Dev 01-26-2019 0 4	0	4
USE AND Operator in IF or CASE statement I have one lookup in which there is a field which consist Team Member A1 A2 A3 A4 A5 A6 A7 Now,If TeamMember=(A1 OR ... by kumagaur New Member in Splunk Dev 01-25-2019 0 3	0	3
localhost refused to connect in Windows 10 Hi, I cannot connect to Splunk Enterprise after cleaned Comodo AV warning popup for emailworm name EmailWorm.Win32.... by markn0119 New Member in Splunk Dev 01-25-2019 0 4	0	4
Splunk DB Connect and java versions beyond v8 Does anyone have any knowledge of DB Connect being supported by Java (Oracle and/or Open) beyond version 8? Will you... by VEM350 New Member in Splunk Dev 01-25-2019 0 0	0	0
Can you help me create a search that helps me find currently open tickets? Hi guys, Tickets can have states: em7_state = Open em7_state = In Progress em7_state = Closed Tickets are stored i... by cocomaster Explorer in Splunk Dev 01-25-2019 0 3	0	3
Job Manager lists Jobs as Created at Dec 31, 1969 In a busy Search Head Cluster environment, there are Jobs listed as "Created at" with a date of Dec 31st, 1969. This... by jcrabb_splunk Splunk Employee in Splunk Dev 01-24-2019 4 1	4	1
Splunk standalone server upgrade Dear splunkers, We have a standalone all in one splunk server installed in our environment. Currently it is running ... by hariskhan Explorer in Splunk Dev 01-24-2019 0 7	0	7
Java SDK: Why does the JobCollection create method return null? Some backstory: I am writing end-to-end automation for a microservice that writes events to Splunk.I use Java Splunk... by teresap Engager in Splunk Dev 01-24-2019 0 2	0	2
Ingesting Cisco ISE logs - wrong timestamp Hello! We are trying to track down issues with ingesting UDP syslog data from Cisco ISE in which it is being indexe... by montgomeryam Path Finder in Splunk Dev 01-23-2019 0 3	0	3
How do you hide a row depending on 3 rows? I have 3 rows with 3 panels in each row. If the 1st panel has no data, the row will hide itself. I have another row o... by louisawang New Member in Splunk Dev 01-23-2019 0 3	0	3
Reconfiguring timestamp to match csv row, not indexing time Hi! I am attaching a screenshot of my query as the problem is immediately apparent. I am searching only for dates 1/1... by jamesandy51 Explorer in Splunk Dev 01-23-2019 0 6	0	6