Splunk Dev

Discussions

Thread Info

Are search terms case sensitive?

What are the proper names for search terms and/or what does "search term" refer to? Is that case sensitive/insensitiv...

by New Member in

Splunk SDK for PHP -- SSL error after upgrading to Splunk v6.6.2

We had a report using the Splunk PHP SDK running and using a a splunk instance of 6.4.2. We recently upgraded it to 6...

by Builder in

How can you specify additional characters to the indexing tokenizer?

We have messages that have tabs replaced with #011 along with other control characters (See rsyslog EscapeControlChar...

by New Member in

Why is some of my log file data indexed multiple times in Splunk?

I have a file, service.log, that is configured to be monitored and indexed in Splunk. When checking in Splunk, some o...

by Path Finder in

How to Compare 2 fields from 2 sourcetypes and remove events that are the same and only in the second sourcetype

I have 2 Sourcetypes A and B with 2 important Fields SSN and Number. I want to compare all of the SSN and number's fr...

by Explorer in

Search that shows which extract ran successfully or failed

We have integrated Tableau with Splunk, I am setting up a Splunk dashboard which will give any user information on th...

by Explorer in

Reading 1000+ overwritten json files on time interval

I have 1000+ json files located in a directory and those files will be overwritten by every day. the file name starti...

by New Member in

How can I get the percentage of requests taking less then 500ms?

I have a below query: index=idx1 | search 'apiname' = AccountSec | eval TotalTime=Start-End | stats count as "Tota...

by Explorer in

Data upload to spool is truncated

I'm using powershell to get a web page in order to keep track my service status. I tested my script which can write t...

by Explorer in

Is it expected : Workflow action visible under action for notable events on incident review on enterprise security

I had a add-on created with prefix TA-XYZ(having Adaptive response action) and one app say "ABC", which has workflow ...

by New Member in

Custom search command always shows Statistics tab

I have a custom search command nbclosest that returns a subset of search results used like: index="muni" | nbclose...

by Splunk Employee in

For the same type of event logs, why in uncommon cases, does Splunk not fully show all of the event log content?

I have set a search that looks through all logs in my nifi-app.log file where the header "Standard FlowFile Attribute...

by New Member in

How can I get splunk to run "ps aux" and check for a specific process?

Hello all, I have a simple flask webhook running on my splunk server that is managed by supervisord. Since I'd lik...

by Motivator in

many splunkd.exe btool server list processes running on windows server

Hi. I have a small sandbox server, where I installed Splunk 6.5.2, and a test installation of ITSI (4 vCPU). When ...

by Contributor in

System requirements like RAM & cores etc if we use the departmental architecture.

Hi, What are the system requirements like RAM & cores etc. If we use the departmental architecture in Virtual mac...

by Path Finder in

Create search shows hosts status from Down to up

We need to send alert shows if hosts status change from down to up please help me how we can do this

by Explorer in

Keywords and Field name restrictions.

Can we search keywords in Splunk? Is field name restricted to 15 characters only? How can I name fields with more tha...

by New Member in

Where do I find the python log of a custom endpoint

I added a custom endpoint successfully. But where can I find the output of my print statement? Further more I like k...

by Explorer in

Splunk version changes depending on the screen I am on

Hello, Splunk is showing me different versions depending on where I am. For instance: On Apps, I see version 4.0 U...

by Path Finder in

Why there is an GET call to rum.statuscake.com:8000 in Splunk answers page

Hi Splunkers, This is not related to Splunk product details, found something interesting on splunk answers page. R...

by Explorer in

Need to find all fields related to sourcetype

Hi All New to spluk and have a basic question want know how to get all fields (selected and interesting fields...

by Explorer in

When will Splunk update the included version of Jquery?

Hi, Just curious what the timeframe is for Splunk including an updated version of jquery. Currently, Splunk ships ...

by Explorer in

How to bundle and reference jquery-ui library in Splunk

I am trying to figure out how to load the jquery-ui library into my splunk app and reference it in my Splunk dashboar...

by Path Finder in

Query many fields with the same part in the name

Hi, i have events in one sourcetype with over 90 similar fields like field1, field2 ... field90. I can write a...

by Communicator in

Stats (count(x) as countX, count(y) as countY) BY FIELD X

Hi, As the title suggests, I am after a query which gives me both the values of count(x) and count(y) by fieldX t...

by Engager in

Get Updates on the Splunk Community!

Splunk Dev

Discussions

Are search terms case sensitive?

Splunk SDK for PHP -- SSL error after upgrading to Splunk v6.6.2

How can you specify additional characters to the indexing tokenizer?

Why is some of my log file data indexed multiple times in Splunk?

How to Compare 2 fields from 2 sourcetypes and remove events that are the same and only in the second sourcetype

Search that shows which extract ran successfully or failed

Reading 1000+ overwritten json files on time interval

How can I get the percentage of requests taking less then 500ms?

Data upload to spool is truncated

Is it expected : Workflow action visible under action for notable events on incident review on enterprise security

Custom search command always shows Statistics tab

For the same type of event logs, why in uncommon cases, does Splunk not fully show all of the event log content?

How can I get splunk to run "ps aux" and check for a specific process?

many splunkd.exe btool server list processes running on windows server

System requirements like RAM & cores etc if we use the departmental architecture.

Create search shows hosts status from Down to up

Keywords and Field name restrictions.

Where do I find the python log of a custom endpoint

Splunk version changes depending on the screen I am on

Why there is an GET call to rum.statuscake.com:8000 in Splunk answers page

Need to find all fields related to sourcetype

When will Splunk update the included version of Jquery?

How to bundle and reference jquery-ui library in Splunk

Query many fields with the same part in the name

Stats (count(x) as countX, count(y) as countY) BY FIELD X

Can’t make it to .conf25? Join us online!

What Is Splunk? Here’s What You Can Do with Splunk

Level Up Your .conf25: Splunk Arcade Comes to Boston

Manual Instrumentation with Splunk Observability Cloud: How to Instrument Frontend ...

Limit Splunk RUM coverage to a specific JS file

API call to retrieve information about a search wh...

Much needed size optimization of this app - Python...

Custom command only running a few times when getti...

Splunk JAVA SDK Version issue

Splunk Dev

Are you a member of the Splunk Community?

Discussions

Can’t make it to .conf25? Join us online!