Splunk Dev

Thread Info

Use import date/time

Hi, Is there a way to use the import date and time vs. having splunk try to interpret a date in the event? The dat...

by Motivator in

remove events from Windows security

Receiving windows security logs from UF's I have a created an app on my HF and put transforms and props in the loc...

by Builder in

Events are coming across as 1 event

Hi, I have the below data and Splunk is importing it as 1 event instead of two. The break should be on "Premise". ...

by Motivator in

Question for intelligence ...?challenge Question..?

i want a diargam in splunk which is rounded circle with spark line .and groupped radial gauges.those diagrams are sim...

by Motivator in

Question regarding SPLUNK_ARG_8/ Difficulty in writing python script for alert

Hello Guys, I have demo.csv file which is being continuously monitored, this file contains 3 fields namely servern...

by Explorer in

Nested Search Query

Hi, I need a way to merge these two queries to get a proper report with having to run them separately. First Qu...

by Explorer in

How to search for a field that has occurred more than 50 times within a time period, say 5 mins ?

I have a search query like this, index=ST sourcetype=CP | bin span=5m _time |stats dc(something) as total by _time,i...

by New Member in

Cron job condition when running DBX query

Hi, I have a condition where we have to run dbxquery command based on scheduling condition.. Only on Mondays between...

by Communicator in

how to upload logfile on free splubk cloud

Hi all, I am new to splunk, I have just registered for splunk cloud free trail, I wanted to upload logfile, but un...

by New Member in

Need to filter out events based on each value of a multi-valued field.

Hi, I basically need help in modifying a 'where' clause of a search string based on single valued to a multi-value...

by New Member in

How to return a row from lookup file, even if no events match criteria?

Greetings. I am creating a table that charts "Total Spent" over Department by Month. This report also shows the D...

by Engager in

Splunk upgrade 6.3 > 6.6 missing icons

Very similar to https://answers.splunk.com/answers/312247/after-upgrading-a-search-head-cluster-to-splunk-63-1.html?u...

by Explorer in

Why is fill_summary_index failing to get list of scheduled times?

I created a report to send data into the summary index under a certain title. It's working. The problem is that I can...

by Path Finder in

chart - how to display count of each bar on top of it?

how can i display count of each bar on top of it? index=* ......|chart count by _time how to display number of ...

by New Member in

Pulling out hostname from UNC path in windows

i have several SQL servers with logs in different places so i've got a share UNC location so i can deploy inputs.conf...

by Builder in

rex invalid argument

Hi, We're using 6.5.3. Got error "Error in 'rex' command: Invalid argument: ' ' " for query like following: ...

by Communicator in

system app - what data is being stored in this index

Hi, Newbie splunk question. I have a Splunk server that is running out of disk space. Looking at all the indexes, ...

by New Member in

Event Correlation - Display events from two sourcetypes

I'm trying to do event correlation between two different sourcetypes using the following: sourcetype=logweb host=s...

by New Member in

exclude a column from a timechart table

Hi at all, I have a search that extract a time distribution by tag::eventtype: index=my_index | timechart count by...

by SplunkTrust in

Splunk will not start - ImportError: cannot import name simpleRequest

Splunk fails to start. From the cli startup we can see the following: D:\Program Files\Splunk\bin>.\splunk status ...

by Splunk Employee in

How to read Ajax passed JSON object in Python?

Hi, How to read Ajax passed JSON object in .py file? Below are my code snippets from Splunk view, web.conf and .py...

by Communicator in

How do I programmatically determine if my app is running on Splunk Cloud?

I have an app that needs to determine if it is running on Splunk Cloud. How do I determine if my Splunk install is ru...

by Champion in

Is Python 3.x in Splunk's Future?

Are there any plans to migrate Splunk to Python 3.x? Should I learn Python 2.x or 3.x? After 20 years in IT, I've ...

by Path Finder in

python script as unarchive_cmd in props.conf?

Hi, I've been strumming the documentation and looking through the answers site, so far unable to come up with a solut...

by Path Finder in

persist settings per logged in user in a controller

I would like to persist a few variables per user for usage in a controller I tried to add a key to the cherrypy.se...

by SplunkTrust in

Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.

Splunk Dev

Discussions

Use import date/time

remove events from Windows security

Events are coming across as 1 event

Question for intelligence ...?challenge Question..?

Question regarding SPLUNK_ARG_8/ Difficulty in writing python script for alert

Nested Search Query

How to search for a field that has occurred more than 50 times within a time period, say 5 mins ?

Cron job condition when running DBX query

how to upload logfile on free splubk cloud

Need to filter out events based on each value of a multi-valued field.

How to return a row from lookup file, even if no events match criteria?

Splunk upgrade 6.3 > 6.6 missing icons

Why is fill_summary_index failing to get list of scheduled times?

chart - how to display count of each bar on top of it?

Pulling out hostname from UNC path in windows

rex invalid argument

system app - what data is being stored in this index

Event Correlation - Display events from two sourcetypes

exclude a column from a timechart table

Splunk will not start - ImportError: cannot import name simpleRequest

How to read Ajax passed JSON object in Python?

How do I programmatically determine if my app is running on Splunk Cloud?

Is Python 3.x in Splunk's Future?

python script as unarchive_cmd in props.conf?

persist settings per logged in user in a controller

Brains, Bytes, and Boston: Learn from the Best at .conf25

Splunk AppDynamics Agents Webinar Series

SplunkTrust Application Period is Officially OPEN!

Limit Splunk RUM coverage to a specific JS file

API call to retrieve information about a search wh...

Much needed size optimization of this app - Python...

Custom command only running a few times when getti...

Splunk JAVA SDK Version issue

Splunk Dev

Are you a member of the Splunk Community?

Discussions