Splunk Enterprise

Community Activity

splunk when iam using this commandsanjay@ubuntu:~/opt/splunk$ cd var iam getting this errorbash: cd: var: Permission deni... by SANMEHTP Observer in Splunk Enterprise 02-06-2022 0 1	0	1
sudo: ./splunk: command not found sudo ./splunk add forward-server 10.0.0.218 :9997 after running this command[sudo] password for smsplunkforwarder:iam... by SANMEHTP Observer in Splunk Enterprise 02-06-2022 0 1	0	1
help on total sum hihow to do a total of these 3 fields please?\| stats count(hang_process_name) as "h", count(crash_process_name) as "c... by jip31 Motivator in Splunk Enterprise 02-05-2022 0 1	0	1
Splunk Enterprise Security upgrade Greetings!!!How to updrade from 5.3.0 to SPlunk Enterprise Security version 7.0, I am having splunk enterprise 7.2.... by pacifikn Communicator in Splunk Enterprise 02-05-2022 0 5	0	5
Knowledge Bundle I was investigating bundle sizes coming from one of my SHC and came across several apps in the bundle that had the fo... by CarsonZa Contributor in Splunk Enterprise 02-04-2022 1 5	1	5
Splunk 8.2.1 on Windows Crashes every night every night my Server Crashes saying out of memory error however I have more than enough memory.In event logs get a :... by tam82 Explorer in Splunk Enterprise 02-04-2022 0 1	0	1
Using dbconnect rising input for Oracle table Hello,we would like to use the rising input mode for a dbconnect (2.x) query.Unfortunately, the destination table is ... by GabrieleD New Member in Splunk Enterprise 02-04-2022 0 1	0	1
Unable to load local html webpage in Splunk dashboard I would like to view html webpage which is located under one of the Splunk apps local directory. I have created dashb... by vijayaaccent New Member in Splunk Enterprise 02-03-2022 0 2	0	2
role that only can create users and roles Hello, I need a role that only can create users and roles. I selected capabilities as admin_all_objects, edit_user a... by TGMAna Loves-to-Learn in Splunk Enterprise 02-03-2022 0 0	0	0
Need help help reg. KVSTORE running on the Search Heads? Do you agree that kvstores should only run on the SHs? Thx I work in a large Splunk, ES clustered environment. Should the KVSTORES only be running on the SHs? Looks like after ... by SamHTexas Builder in Splunk Enterprise 02-03-2022 0 1	0	1
Comparison of details Hi Experts, I wondered the best way of comparing the below data. So I have a query which retu... by luckyman80 Path Finder in Splunk Enterprise 02-03-2022 0 1	0	1
Premium apps licensing vs. Splunk Enterprise licensing As far as I know, the size of the ITSI or ES license a customer buys should be equal to the basic Splunk Enterprise l... by PickleRick SplunkTrust in Splunk Enterprise 02-03-2022 0 2	0	2
How to set a Field Value to "True OR False" based on other Field value Hi Team,I have a situation where I need to base a field value in the normal search query on 'true' or 'false' based o... by beriwalnishant Path Finder in Splunk Enterprise 02-02-2022 0 2	0	2
The lookup command with WILDCARD of a large file doesn't work When I checked the lookup command with "WILDCARD", the command doesn't work if the file size becomes large.Does anyon... by tommyJ Observer in Splunk Enterprise 02-02-2022 0 0	0	0
how to find out if someone modified an index or deleted eventdata from an index ? I had a test_index index created where I was sending all test data. However, out of nowwhere, today I see all data go... by damode Motivator in Splunk Enterprise 02-02-2022 0 3	0	3
How to identify the ISP/Domain based on IP address Hi All,We are getting the IP address in the logs. But we are unable to find ISP/Domain based on IP Address .Can you p... by sanket4147 Loves-to-Learn Lots in Splunk Enterprise 02-02-2022 0 1	0	1
Mechanism that is used while searching What happens when we hit something in Splunk search bar, what mechanism is followed by VijaySrrie Builder in Splunk Enterprise 02-02-2022 0 1	0	1
Splunk Servers Missing on Deployment Servers Hi all,I have an issue here. I was trying to install apps through the deployment server and I noticed that the search... by boydtc Loves-to-Learn Everything in Splunk Enterprise 02-02-2022 0 1	0	1
help on eval case hisplunk tells me that "the arguments to the case function are invalid"what is wrong please? \| eval site=case(site=="... by jip31 Motivator in Splunk Enterprise 02-02-2022 0 2	0	2
help on custom cluster map hiI use the search below in order to display the number of events corresponding to my main search on a cluster mapThe... by jip31 Motivator in Splunk Enterprise 02-02-2022 0 2	0	2
savedsearch in parsing forever end ever Hello, I would like to summary index some data from heaving searches.The savedsearch is [Summary - servizi BIND by ... by sistemistiposta Path Finder in Splunk Enterprise 02-02-2022 0 0	0	0
Estimating Metrics Index License Consumption I have been asked to start monitoring several Windows servers for computer consumption i.e. CPU and memory consumptio... by shocko Contributor in Splunk Enterprise 02-01-2022 0 1	0	1
Does Splunk Enterprise (60 days Eval) have the same limitation with the Zscaler app and Zscaler add-on like Splunk Cloud Does Splunk Enterprise 8.2.4 60 days Eval have the same limitation with the Zscaler app and Zscaler add-on like Splu... by asif99usa New Member in Splunk Enterprise 02-01-2022 0 2	0	2
Log4j vulnerable version found on Splunk 8.1.7.1 Hi all,During a scan of our infra, our system detected that in splunk version 8.1.7.1 , there is still present log4j ... by pbalbasdtt Path Finder in Splunk Enterprise 01-31-2022 0 1	0	1
Need to use different Pass4symmkey to 2 different Splunk environments every time I modify my Pass4symm key in outputs.conf needed to forward to a different Splunk environment it ends up g... by tam82 Explorer in Splunk Enterprise 01-31-2022 0 4	0	4