Splunk Dev

Community Activity

USE AND Operator in IF or CASE statement I have one lookup in which there is a field which consist Team Member A1 A2 A3 A4 A5 A6 A7 Now,If TeamMember=(A1 OR ... by kumagaur New Member in Splunk Dev 01-25-2019 0 3	0	3
localhost refused to connect in Windows 10 Hi, I cannot connect to Splunk Enterprise after cleaned Comodo AV warning popup for emailworm name EmailWorm.Win32.... by markn0119 New Member in Splunk Dev 01-25-2019 0 4	0	4
Splunk DB Connect and java versions beyond v8 Does anyone have any knowledge of DB Connect being supported by Java (Oracle and/or Open) beyond version 8? Will you... by VEM350 New Member in Splunk Dev 01-25-2019 0 0	0	0
Can you help me create a search that helps me find currently open tickets? Hi guys, Tickets can have states: em7_state = Open em7_state = In Progress em7_state = Closed Tickets are stored i... by cocomaster Explorer in Splunk Dev 01-25-2019 0 3	0	3
Job Manager lists Jobs as Created at Dec 31, 1969 In a busy Search Head Cluster environment, there are Jobs listed as "Created at" with a date of Dec 31st, 1969. This... by jcrabb_splunk Splunk Employee in Splunk Dev 01-24-2019 4 1	4	1
Splunk standalone server upgrade Dear splunkers, We have a standalone all in one splunk server installed in our environment. Currently it is running ... by hariskhan Explorer in Splunk Dev 01-24-2019 0 7	0	7
Java SDK: Why does the JobCollection create method return null? Some backstory: I am writing end-to-end automation for a microservice that writes events to Splunk.I use Java Splunk... by teresap Engager in Splunk Dev 01-24-2019 0 2	0	2
Ingesting Cisco ISE logs - wrong timestamp Hello! We are trying to track down issues with ingesting UDP syslog data from Cisco ISE in which it is being indexe... by montgomeryam Path Finder in Splunk Dev 01-23-2019 0 3	0	3
How do you hide a row depending on 3 rows? I have 3 rows with 3 panels in each row. If the 1st panel has no data, the row will hide itself. I have another row o... by louisawang New Member in Splunk Dev 01-23-2019 0 3	0	3
Reconfiguring timestamp to match csv row, not indexing time Hi! I am attaching a screenshot of my query as the problem is immediately apparent. I am searching only for dates 1/1... by jamesandy51 Explorer in Splunk Dev 01-23-2019 0 6	0	6
Java SDK: Most efficient way to wait for a particular event Some backstory: I am writing end-to-end automation for a microservice that writes events to Splunk.I use Java Splunk... by teresap Engager in Splunk Dev 01-23-2019 0 0	0	0
How can I find the differance between 2 dates on multiple events, grouped by a field, based off of the min and max of another field Here is some data id apiid answer cr_date 493442120 fbnagf42wxpfmmrgr... by fmatera Explorer in Splunk Dev 01-23-2019 0 1	0	1
I am trying to install splunk searchhead through Puppet Can you please let me know or share the steps how to to install splunk search through Pupetization. by manekar New Member in Splunk Dev 01-23-2019 0 1	0	1
The heavy forwarders we are leveraging appear to be ignoring the props.conf file, resulting in timestamp extraction issue. This particular input is through HEC. The heavy forwarders we are leveraging appear to be ignoring the props.conf file, resulting in timestamp extraction i... by michaelwang1 Explorer in Splunk Dev 01-23-2019 0 3	0	3
Not clear about heavy forwarder Hi Now i want to specific winevent log and use Universal Forwader to send log to Splunk Enterprise such as security ... by mindterrian New Member in Splunk Dev 01-23-2019 0 8	0	8
What I have to write in/opt/splunk/etc/system/local/server.conf? Indexer server + SH standalone Hi team! I want a standalone search head server. Actually I have two splunk instances. The first one my indexer and... by christianubeda Path Finder in Splunk Dev 01-23-2019 0 4	0	4
Unable to download log file on splunk-cloud Unable to download the file named access_30DAY.log on my instance in the cloud. I've got an error = ⚠ Unspecified dow... by bilbo35 New Member in Splunk Dev 01-23-2019 0 1	0	1
How do you redact data that's already indexed? We currently index logs into index=indexY at a rate of 2G – 5G a day with the retention set to 12 months. One day la... by lostbeatnik01 Explorer in Splunk Dev 01-23-2019 1 2	1	2
While setting up indexer clustering ... Do we have to provide the sslpassword of CM on all the indexers in server.conf? I am trying to replace our existing Cluster Master with a new Server .i dont have a track of the ssl password set on ... by kchaitanya Explorer in Splunk Dev 01-22-2019 0 1	0	1
Timeseries: Rename Legend DYNAMICALLY based on Lookup and Token Hi, I have the following challenge: the user should be able to dynamically select parameters (a001, a002, a003, …, a... by flopit Path Finder in Splunk Dev 01-22-2019 0 8	0	8
Unable to generate Self-sign certificates for Splunk Web Hi, I am unable to generate Self-sign certificates for Splunk Web in Splunk Search Head using the path E:\Program Fi... by rajkumarv Engager in Splunk Dev 01-21-2019 0 6	0	6
HTTP 400 Bad Request -- Request exceeds API limits - see limits.conf for details. (Too many documents for a single batch save.) Hi All, we are getting " HTTP 400 Bad Request -- Request exceeds API limits - see limits.conf for details. (Too many... by harishalipaka Motivator in Splunk Dev 01-21-2019 0 5	0	5
How do you group Start and End times from a set of log lines? Hi, I have a logfile content like below. I have 3 lines per event (sometime more than 3). But each event has a uniqu... by nareshinsvu Builder in Splunk Dev 01-20-2019 0 10	0	10
How can i monitor Active Directory with splunk enterprise install Local System? Hi I found this document (https://docs.splunk.com/Documentation/Splunk/7.2.3/Data/MonitorActiveDirectory) is require... by mindterrian New Member in Splunk Dev 01-20-2019 0 2	0	2
how to set an alert for user failed to login to multiple times on multiple server Required a usecase for user failed to login to multiple times on multiple server by Girish_RH New Member in Splunk Dev 01-19-2019 0 2	0	2