Splunk Enterprise

Ask a Question

Discussions

Thread Info

eval function

need help on eval function of trimming the month EX : April = APR all months first 3 letters thanks

by Explorer in

Need help with regex

Can some one help me to extract correlation _id from the below sample data. requirement is to extract the correlati...

by Path Finder in

Single Value Display text with colour

How to make the words colourful? What needs to be added at the source? <option name="drilldown">none</option> ...

by Path Finder in

Visualization for single value

I want to make the panel and the font smaller in size. So that I can put more panel in one line with the font visibl...

by Path Finder in

forgot my password and username

i forgot my username and passwords and now iam unable login. i dint even find the filepath $SPLUNK_HOME/etc/passwd) s...

by Observer in

How do I rebuilt a Cluster Master without a backup?

Due to a disaster the Cluster Master of my indexer cluster is gone. There is no way to recover its data and we do not...

by Splunk Employee in

How do I take a Splunk Index (IndxA.aws.gov) out of a cluster during a maintenance to avoid data loss? Thx a million

There is a maintenance being performed & we are told that an Index (part of a cluster) is going to be moved to a new ...

by Builder in

How do I check to see if my Splunk Technology add-ons (TAs) are working properly on Splunk Ent or ES? Thanks a mil.

Since TAs run in the background & usually not viewed, how do I check on their health? Any useful SPLs are appreciated...

by Builder in

help with EVAL command

| eval new_name=mvindex(split(name, ","),0), first name 0 and last name 1 split first and last name why s...

by Explorer in

assign values to multiple variables with the case command

hi,I have a question to ask: can you assign values to multiple variables in Splunk with the case command?I need that ...

by Communicator in

Left outer join in splunk using |mstats

HI Is it possible to do left outer join after using two |mstats commands like below? I have Process_Name common ...

by Influencer in

How to create an app on SHC

Hello, I am new to Splunk and I would like to create an app for my dashboards that would be visible on all Search H...

by New Member in

License requirement

What is the license required to be acquired for a single instance splunk enterprise deployment which involves zero da...

by Communicator in

How to take an Indexer (indexA.aws.gov) out of a Cluster during a maintenance to avoid data loss. Thanks a million

I work in a large environment clustered mostly, have Splunk Ent., ES. SHs & Indexers clustered) There is a maintenanc...

by Builder in

Not working SEDCMD. Props.conf. help

Not working SEDCMD in my props.conf /opt/splunk/etc/system/local/props.conf [ActiveDirectory] SEDCMD-ma...

by Communicator in

Active directory splunk

I am looking to see if anyone knows how to do this or if it is possible. I am trying to have splunk read to the Activ...

by New Member in

SSL certificate error: Couldn't find "distributed_tracer" in server.conf.

Hi Splunkers, I am getting below error while configuring the SSL certificate among the splunk hosts. ERROR Distri...

by Explorer in

Azure app issue

Hi Guys, We are using “Microsoft Azure App for Splunk” by getting inputs from “Splunk Add-on for Microsoft Clou...

by Path Finder in

Cyberoam Firewall Application

HiFriends, does anyone know the Application for cyberoam firewall?After selling Cyberoam to Sophos, other Application...

by Loves-to-Learn in

Can i get data to copy to the last line of an SPL output

After using multiple append=t and prestat=t I am unable to use stats to capture the data into one nice line, as one...

by Influencer in

foreach problem, sum of several fields conditioned to the name of the fields

Hi all,I have a problem that I cannot solve.I have data that is a result of a loadjob where the fields are named 0_PR...

by Communicator in

Splunk app for aws-config hang issue

Splunk app for AWS - config loading issue Using enterprise and app for aws both are latest versions .Please find the ...

by Explorer in

How to test drive a newly installed Splunk Enterprise server for functionality. What do u consider essential to check?

What settings, functionalities or areas would you check in a Newly installed Splunk Enterprise 8.2.3 making sure all ...

by Builder in

Splunk diag upload outbound traffic

In a locked down environment where outbound traffic is explicit, what is the IP range or URL to facilitate the "splun...

by Engager in

restore user token

Hi all, we are currently testing desaster recovery of our enviroment. We have a full backup of kvstore, apps and pa...

by Builder in

Get Updates on the Splunk Community!

Splunk Enterprise

Discussions

eval function

Need help with regex

Single Value Display text with colour

Visualization for single value

forgot my password and username

How do I rebuilt a Cluster Master without a backup?

How do I take a Splunk Index (IndxA.aws.gov) out of a cluster during a maintenance to avoid data loss? Thx a million

How do I check to see if my Splunk Technology add-ons (TAs) are working properly on Splunk Ent or ES? Thanks a mil.

help with EVAL command

assign values to multiple variables with the case command

Left outer join in splunk using |mstats

How to create an app on SHC

License requirement

How to take an Indexer (indexA.aws.gov) out of a Cluster during a maintenance to avoid data loss. Thanks a million

Not working SEDCMD. Props.conf. help

Active directory splunk

SSL certificate error: Couldn't find "distributed_tracer" in server.conf.

Azure app issue

Cyberoam Firewall Application

Can i get data to copy to the last line of an SPL output

foreach problem, sum of several fields conditioned to the name of the fields

Splunk app for aws-config hang issue

How to test drive a newly installed Splunk Enterprise server for functionality. What do u consider essential to check?

Splunk diag upload outbound traffic

restore user token

Splunk Observability Synthetic Monitoring - Resolved Incident on Detector Alerts

Video | Tom’s Smartness Journey Continues

3-2-1 Go! How Fast Can You Debug Microservices with Observability Cloud?

Risk Vulnerability Assesment for list_storage_pass...

Changing server IP from 127.0.0.1 to 192.168.0.100

SSL certificate check with SNI (Server Name Indica...

Higher memory usage with 9.4.0 splunkd process.

How to migrate a distributed, clustered Splunk (9....