Splunk Dev

Thread Info

How to set up in-page drilldown with different tokens

For a single in-page drilldown, the following codes work as expected from "master1" table. How can I set up an in-pag...

by Communicator in

Problem with JSON file

Hi all, I've got some problems with by RegEx commands on a JSON file. I'm trying to do a linebreak on each },{ val...

by Path Finder in

tstats and _time span

Hi, Still not sure on the '_time span=5s' element of the following search. The goal is to alert when a source devi...

by Path Finder in

Where can I find the Splunk SDK for .Net 4.0?

hi I have been trying to find Splunk SDK for .net 4.0 can someone please help? we can't upgrade our solution to...

by Explorer in

summary index not working

I have created a query index="xxx" source="xxxxxx"|dedup dn|sistats count scheduled this hourly I could not fin...

by Path Finder in

How do I create a table from 3 different lookup table and get the data to line up?

I have 3 lookups. 1 is primary users and a count of total users, 2 is primary users and a task, 3 is primary users an...

by New Member in

How to approach custom field extractions for new source with deployment server

New to Splunk Enterprise. Confused as to what the best approach for configuring multiple field extractions for a new ...

by Explorer in

Can Splunk read data from Aud$ and FGA_LOG$ ,can it be used to replace Oracle Audit vault

looking for the these information to pull live data from oracle database. Can it also pull the data from xml file. an...

by New Member in

I have two macro's depends on text input type hostname it should select the macro dynamically. Using below code

My Scenario:- Macro1=US_Base_Search Macro2= AD_Base_Search If host=AB* then need to get the data from macro US_Base_S...

by Loves-to-Learn in

Migrate Index without shutdown

Hi There, We have two indexer (not clustered) but on DNS roundrobin. We need to migrate the indexers to the new hardw...

by New Member in

dynamic option in an input panel

HI all, I would to build a dynamic value for a dynamic option in an 'dropdown' panel for a dashboard (splunk 6.5.2) ...

by Explorer in

How do you list all REST API endpoints available?

How do you list all REST API endpoints that are available?

by Splunk Employee in

How do I compare count over two time periods?

All, Thought there was a one stop shop command for this, but I can't find it. Basically I just want an alert when...

by Builder in

Lookup table disappears after deleting all rows

I have a lookup table for exclusions. that updates when user clicks on a value and it is added in the lookup table. H...

by Builder in

disappearing NULL-columns when sorting a table

Hey everyone, I have an issues with a table that has an empty column: index=_internal | head 10 | table _time h...

by Contributor in

base streamstats on timestamps in data not arrival time

Hi, I have a question I don't know if is quite possible to do. I have to calculate some data between events, but not ...

by Path Finder in

Using IF with multiple conditions

Hi Splunkers, The partner of my company send me a new log file with more details..... i do apologise for the inconven...

by Path Finder in

Why ext.domain is being extracted as an ext_domain field?

Our raw data holds name value pairs and one of the names is ext.domain. Splunk UI displays this field under the Inter...

by Ultra Champion in

Is it possible to add print/export icons using SplunkJS?

I'm trying to add print/export icons using Splunk's splunkjs framework and splunkjs/mvc/searchcontrolsview, to displa...

by Splunk Employee in

Time stamp for index time extraction

Following are the different time stamp we are getting from different sources and trying to write a time stamp for the...

by Explorer in

Is the StoragePasswords Python SDK support broken?

I've been trying to convert some Python code from using bare REST to using the Splunk Python SDK. I've been successfu...

by Explorer in

Unable to initialize modular input "jms" defined inside the app "jms_ta": Unable to locate suitable script for introspection for Index clustering

Hello Team. I have index clustering setup which comprises of 1 index master and 2 index peers. NOw I want to add j...

by Explorer in

Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.

Splunk Dev

Discussions

How to set up in-page drilldown with different tokens

Problem with JSON file

tstats and _time span

Where can I find the Splunk SDK for .Net 4.0?

summary index not working

How do I create a table from 3 different lookup table and get the data to line up?

How to approach custom field extractions for new source with deployment server

Can Splunk read data from Aud$ and FGA_LOG$ ,can it be used to replace Oracle Audit vault

I have two macro's depends on text input type hostname it should select the macro dynamically. Using below code

Migrate Index without shutdown

dynamic option in an input panel

How do you list all REST API endpoints available?

How do I compare count over two time periods?

Lookup table disappears after deleting all rows

disappearing NULL-columns when sorting a table

base streamstats on timestamps in data not arrival time

Using IF with multiple conditions

Why ext.domain is being extracted as an ext_domain field?

Is it possible to add print/export icons using SplunkJS?

Time stamp for index time extraction

Is the StoragePasswords Python SDK support broken?

Unable to initialize modular input "jms" defined inside the app "jms_ta": Unable to locate suitable script for introspection for Index clustering

Unpivot multi-value fields

Data not indexing from same script on different servers

How Can I Assign a Text Value Based on a Specific Error Code/EventType?

Tech Talk Recap | Mastering Threat Hunting

Observability for AI Applications: Troubleshooting Latency

Splunk AI Assistant for SPL vs. ChatGPT: Which One is Better?

Limit Splunk RUM coverage to a specific JS file

API call to retrieve information about a search wh...

Much needed size optimization of this app - Python...

Custom command only running a few times when getti...

Splunk JAVA SDK Version issue

Splunk Dev

Are you a member of the Splunk Community?

Discussions