Splunk Enterprise

Community Activity

Not getting events from sourcetype Unix:Uptime from Splunk Add-On from unix and linux (uptime.sh) Hello,I am not getting events from the uptime.sh which gives system date and uptime information via the shell command... by mayankrojo Explorer in Splunk Enterprise 01-12-2022 0 5	0	5
Assigning assets to departments based off naming convention. Hi Everyone, I am new to splunk and need some help.I am attempting to create a dashboard that separates the asset's v... by sandyjov1 Explorer in Splunk Enterprise 01-11-2022 0 3	0	3
duplicate events, multiple indexed times hello, i am monitoring windows event logs and ingesting them to my indexers, the issue is that even with a unique Eve... by willsy Communicator in Splunk Enterprise 01-11-2022 0 5	0	5
difference between heavy forwarder and universal forwarder Can somebody briefly explain difference between Universal Forwarder and Heavy Forwarder? Also is it possible that we... by sonusngh68 New Member in Splunk Enterprise 01-11-2022 0 4	0	4
Error when pushing bundle to shcluster. Error = "No target specified" We are using a stand-alone deployer to deploy apps to a cluster of 5 search heads. Currently, when trying to push a s... by mhofmeester New Member in Splunk Enterprise 01-11-2022 0 12	0	12
help on command as a token hi I would like to know if it is possible to ruse a comand as a tokenI need to replace the command "perc90" by "perc... by jip31 Motivator in Splunk Enterprise 01-11-2022 0 1	0	1
The percentage of high priority searches skipped Hello, My splunk cluster have a alert like" The percentage of high priority searches skipped (21%) over the last 24 h... by scqing Engager in Splunk Enterprise 01-11-2022 0 3	0	3
Need help with Heavy Forwarders stop sending data or a significant drop in it's data sending (5-10% drop of total amount Please help with an SPL or use MC to see if / when a HF stops sending data or there is a big drop in the amount of da... by SamHTexas Builder in Splunk Enterprise 01-10-2022 0 0	0	0
7.0.0 or better version of the UF for 32-bit Windows Server 2008 SP2 We're moving to Splunk Cloud, but we have some legacy hosts for which I need a forwarder upgrade. Is there any compa... by wbfoxii Communicator in Splunk Enterprise 01-10-2022 0 0	0	0
unable to execute Python script using custom search command Hi,I am seeking assistance to execute Python script located under custom app. Script is working fine in cmd prompt. ... by vijayaaccent New Member in Splunk Enterprise 01-10-2022 0 0	0	0
help on subsearch with join command hiI need to improve the subsearch belowI explain : the piece of code in the subsearch count the number of core of the... by jip31 Motivator in Splunk Enterprise 01-10-2022 0 2	0	2
time stamp Hello, need assistance on time format input : output : ... by shreyasamin64 Explorer in Splunk Enterprise 01-10-2022 0 1	0	1
Splunk Summary Index : How to include actual time in summary index Hi Team,I was comparing the Summary Index transaction time with the live Splunk server transaction time. I see all tr... by beriwalnishant Path Finder in Splunk Enterprise 01-10-2022 0 0	0	0
Check if a particular file exists inside a tar file I have field with filename containing .tgz file. I need to check if a particular file example XYZ exists inside this... by BasicLearner Loves-to-Learn Everything in Splunk Enterprise 01-10-2022 0 6	0	6
Reg. Synching or Copying Reports from Splunk Ent. to ES. What options are there so, it won't overload ES? Thx a mil. I posted this subject a few days ago & a couple of champs stated that it was not advisable because it would over load... by SamHTexas Builder in Splunk Enterprise 01-07-2022 0 0	0	0
help to display only the last event following a bin _time span hi index=toto sourcetype=tutu type=* \| fields host _time runq type \| join host [ search index=toto sourcetype=... by jip31 Motivator in Splunk Enterprise 01-07-2022 0 4	0	4
help on transforms.conf hii have difficulties to understandand whats exacty do the field DEST_KEY and FORMAT on my host in stanza 1 and FORMA... by jip31 Motivator in Splunk Enterprise 01-06-2022 0 1	0	1
How do I copy an App From Splunk Ent. to ES please? Thx a million I have a few apps that contain repots that I need to copy to ES please. Thank u by SamHTexas Builder in Splunk Enterprise 01-06-2022 0 2	0	2
Is there any way to simplify this query? I have a data field categ_hierarchy in the format of a series of up to 8 category IDs joined by ">>". For example:cat... by rberman Path Finder in Splunk Enterprise 01-06-2022 1 2	1	2
Summary Index - How to count using eval on a specific field equals to true Hi Team,I am stuck with a query that is not working.I have set up a summary index that collects data every 1 hour and... by beriwalnishant Path Finder in Splunk Enterprise 01-06-2022 0 3	0	3
Splunk HTTPS event collector Load balancing over Indexer Cluster Hello All,I have to load balance the https requests over indexer cluster. Need to know the best approach to load bala... by ayush-choudhary Explorer in Splunk Enterprise 01-06-2022 0 1	0	1
Splunk search Can some one help me in building a Splunk search with the below mentioned criteria!.My application contains some fiel... by LolabhattuA Loves-to-Learn in Splunk Enterprise 01-06-2022 0 4	0	4
has anyone had success in installing UF Version 7.x or 8.x 32bit on a windows server 2008 OS some R2 some not has anyone had success in installing UF Version 7.x or 8.x 32bit on a windows server 2008 OS some R2 some not - we ha... by radam2000 Path Finder in Splunk Enterprise 01-05-2022 0 1	0	1
Reg. running a daily check aside from the MC do you have a check list you run to make sure all components are healthy? Aside from the MC in distributed mode checks do you have a comprehensive check list you run making sure all counters ... by SamHTexas Builder in Splunk Enterprise 01-04-2022 0 2	0	2
Removing header from CSV file I have a CSV file placed in a UF and the CSV data is as follows'"Name" "userid" "use location" "userdesignation"'Raj ... by krish5vuda Engager in Splunk Enterprise 01-04-2022 0 3	0	3