Splunk Enterprise

Community Activity

How to count distinct values of a multi value field Hi, I have a weird requirement where I have to count the distinct values of a multi value field. So I have a xml wher... by shashank_24 Path Finder in Splunk Enterprise 03-09-2021 0 1	0	1
How to Convert row values to column name with corresponding values. My base search provides me this result:Column_1 Column_2--------------------------- Val1 A ... by abhishekpatel2 Explorer in Splunk Enterprise 03-09-2021 0 10	0	10
Inventory status monitoring Dear all, Current situation is I uploaded a inventory table to Splunk and the table is like below.Hostname IP -----... by new2spl_unk Explorer in Splunk Enterprise 03-08-2021 1 7	1	7
Cannot find MSAD:NT6:DNS data Hello Splunkers!I have set up a DNS analytical logging on a windows 2012 R2 server with the following configuration: ... by andresito123 Communicator in Splunk Enterprise 03-08-2021 0 2	0	2
Coldtofrozenscript Google Cloud Storage on demand I need an example script for sending buckets to Google Cloud Storage when it reaches the freeze state.However due to ... by msnhd3 Loves-to-Learn in Splunk Enterprise 03-08-2021 0 0	0	0
We receive Your session has expired. Log in to return to the system Hello, Good day to you. We are experiencing an issue wherein, our Splunk instance when accessed outside its host (win... by jmdelrosario26 Explorer in Splunk Enterprise 03-08-2021 0 2	0	2
Searchheads can not pull apps from Deployer on ansible env, error 401 - We tried to implement shclustering with splunk-ansible (https://github.com/splunk/splunk-ansible) - But it is not p... by sarit_s Communicator in Splunk Enterprise 03-08-2021 0 1	0	1
Upgrade splunk 7342 on windows 2012r2 to Windows server 2019 running latest version of splunk enterprise. HiI wanted to know the best way to upgrade from Splunk 7342 running on windows server 2012r2 to windows server 2016... by mikejones Observer in Splunk Enterprise 03-08-2021 0 1	0	1
Windows Server 2019 compatibility Hello,we are uprading EoL Windows Server 2008/r2 to Windows Server 2019. What is the lowest UniversalForwarder app su... by pavelpyszko New Member in Splunk Enterprise 03-08-2021 0 1	0	1
Usage of macro in Event types in Splunk Hello Guys,Good Day!!Can anyone please help me with a question that I have. Can I use a macro in the event type in Sp... by mayankrojo Explorer in Splunk Enterprise 03-08-2021 0 1	0	1
Upgrading Splunk Enterprise and Universal Forwarders Hello All,I am looking for assistance with upgrading a single Splunk Enterprise Windows server (no cluster) that is r... by alkraw New Member in Splunk Enterprise 03-05-2021 0 1	0	1
how to give splunk user in Linux UF to read /var/log/messages.log - permission denied redhat 7created a splunk user in linux - added user to wheel group and sudoersInstalled splunk UF for linux 7.3.7.1al... by radam2000 Path Finder in Splunk Enterprise 03-05-2021 0 1	0	1
Phantom Warm-Standby Is there a way to fully automate phantom warm-standby flip? Current steps are manual and needs by ravideshmukh New Member in Splunk Enterprise 03-05-2021 0 0	0	0
splunk add shcluster-member used splunk remove shcluster-member and removed an existing cluster , then after the serachhead restart tried to add ... by Ishwarya2806 Loves-to-Learn in Splunk Enterprise 03-05-2021 0 3	0	3
Help with Stats command and total count of errors Hi, I am working an setting up a alert where I need to count if there have been more than 50 count of errors in last ... by shashank_24 Path Finder in Splunk Enterprise 03-05-2021 0 4	0	4
A script exited abnormally with exit status: 3 A search head has the following error message:Health Check: msg="A script exited abnormally with exit status: 3" inpu... by TheBravoSierra Path Finder in Splunk Enterprise 03-05-2021 0 2	0	2
How can I configure Splunk to read a csv file from a sourcetype GuysI have the following .csv file that needs to be captured by Universal Forwarder, but the data is coming in messy.... by leandromatperei Path Finder in Splunk Enterprise 03-05-2021 0 1	0	1
CMMaster - Unable to send scheduled jobs Hi everyone, i've currently deployed the following instances in my Splunk infrastructure using Splunk 8.1.0: - 1 Sear... by Rosichia Observer in Splunk Enterprise 03-05-2021 0 20	0	20
Filter condition in a timechart We have following query used for generating few dashboards. However we would like to setup an alert whenever the sum(... by akpadhi Explorer in Splunk Enterprise 03-05-2021 0 5	0	5
Regex to capture below format data Hi ,please help me with regex expression to capture the data in below part which is in bold and underlined.e+o.in_zpi... by Ashwini008 Builder in Splunk Enterprise 03-04-2021 0 4	0	4
Migration of Indexer clustering to new servers Hi All. I am working on Splunk migration project which involves moving of Splunk instances to new servers. Till now I... by dvohra Explorer in Splunk Enterprise 03-04-2021 0 6	0	6
after upgrade from splunk-7.3.1 to splunk-8.1.1 service crash HiUpgrade from splunk-7.3.1 to splunk-8.1.1 have some issue: 1-when I going to "search page" at this url http://IP:90... by indeed_2000 Motivator in Splunk Enterprise 03-04-2021 0 0	0	0
Cisco ISE -> New line in Syslog -> Splunk HiWe have Cisco ISE that sends log to our Splunk using rsyslog as a receiver for TCP Syslog.Problem are that some of ... by jotne Builder in Splunk Enterprise 03-04-2021 0 0	0	0
How to color the field value based on the value present in another field? Hi,I want to color the filename value (.i.e Account) with red color , if the value present in another fields is blank... by Ashwini008 Builder in Splunk Enterprise 03-04-2021 0 1	0	1
Does Splunk Enterprise overwrite lookups during app upgrade? Trying to understand how lookups are handled during app upgrade. If I upgrade an app, will an existing lookup be over... by sroback_splunk Splunk Employee in Splunk Enterprise 03-03-2021 0 1	0	1