Splunk Enterprise

Discussions

Thread Info

Splunk Enterprise Certified Admin Recertification

I passed the new exam in January 2019. My understanding was under the new system the Admin certification expired 2 ye...

by Explorer in

splunk-optimize fails rc=-29 (unsigned 227)

Hi all, I'm receiving a lot of splunk-optimize errors in splunkd.log. ls -l /opt/splunk/var/lib/splunk/audit/db/...

by Builder in

Allow Different Splunk Users To Configure The Splunk_TA_snow

I am using Splunk_TA_snow in my environment. Can I configure the TA based on user that is logged in? Below is the des...

by Splunk Employee in

Report Audit

I would like to run an audit report on who has created dashboards and reports in Splunk. Any help is greatly appreci...

by Communicator in

transition from local splunk authentication to saml authentication

Hi, currently I have local splunk accounts for all users. Now I am setting up SAML (okta) authentication for all thos...

by Builder in

Nasuni Appliance integration with Splunk

Hi All, Greeting for the day!! Can someone provide me any suggestion on the feasibility of integrating Nasuni appli...

by New Member in

Couldn't set sourcetype on transforms.conf

Hi, I'm having an issue with the set of the sourcetype in transforms.conf at the moment of sending the data of a si...

by Explorer in

Unable to login

Hi Team, I'm unable to login the splunk account, Could you please help me to get it fix. Thanks Ravi Sangot...

by New Member in

Add CPU cores and changing limits.conf ?

I will be adding CPU cores to my search head (virtual). After I have added the cores, do I need to manually update li...

by Communicator in

Collect Events for client in mobile app

Hello guys,we use splunk enterprise in our backend, however we need to collect the events that occur on the client of...

by New Member in

Using Splunk Dashboards(beta) and EDFS

Hello, Splunk Experts! I'm currently working on making some awesome dashboard with splunk enterprise. I was s...

by Path Finder in

Logon | Logoff Duration Report

Does anyone have an accurate logon | logoff duration SPL query that they would not mind sharing?

by Communicator in

Issues installing Splunk Enterprise 8.1.1 for windows 10

Hello I was trying to install Splunk Enterprise 8.1.1 for windows 10 and i keep getting an error message during the...

by Observer in

index bucket

[ind2] HomePath = $SPLUNK_DB/ind2/db ColdPath = $SPLUNK_DB/ind2/colddb ThawedPath = $SPLUNK_DB/ind2/thaweddb ...

by Path Finder in

Can I use Web Terminal for Splunk (CLI) App in splunk to back fill summary indexes?

Can I use Web Terminal for Splunk (CLI) App in splunk to back fill summary indexes? If so, what could be the sa...

by Builder in

Convert Seconds output to HH:MM:SS Format

I'd like to convert the output of the below SPL to reflect HH:MM:SS rather than just seconds. Any help is greatly ap...

by Communicator in

Logon Duration

I'd like to get the logon/logoff duration times of just one user, what would be the best SPL to go with to determine ...

by Communicator in

Wrong percent values caclulated by "top" command on multivalue fields?

Hello, I have observed that the "top" command seems to calculate wrong percentage values if used on a multivalue fi...

by New Member in

splunk cli command -token argument not working on windows

Hello Folks I have a scripted input using -passAuth in my inputs.conf. However i've been testing the script on a ...

by Loves-to-Learn in

Generate hashes for buckets that were created before data integrity control was enabled

After enabling data integrity control for an index, I cannot find a way to generate hashes for existing buckets. `....

by Engager in

forward data shaped on 250mbps and event

Hai saya memiliki firewall yang mengirim data syslog ke HF splunk saya masalah saya adalah ketika data aliran sys...

by New Member in

Dropdown and input options on output which is obtained using join command

Hi All, I am trying to add dropdown on workname but output always comes as no records found although that workname ...

by Explorer in

peakTPS for every one hour in last 24 hours

i am trying to find out peakTPS for every one hour in last 24 hours duration, i have below query but thats giving pea...

by Engager in

data is not populating using dropdown selection

Hi Everyone,I have extracted field name status using rex. Then I have added dropdown input in which I have all the v...

by Explorer in

How do I handle multivalues by splunk custom search command under Search Command Protocol version 2.

https://community.splunk.com/t5/Splunk-Search/Is-it-possible-to-sort-or-reorder-a-multivalue-field/m-p/39429I want to...

by Ultra Champion in

Get Updates on the Splunk Community!

Splunk Enterprise

Discussions

Splunk Enterprise Certified Admin Recertification

splunk-optimize fails rc=-29 (unsigned 227)

Allow Different Splunk Users To Configure The Splunk_TA_snow

Report Audit

transition from local splunk authentication to saml authentication

Nasuni Appliance integration with Splunk

Couldn't set sourcetype on transforms.conf

Unable to login

Add CPU cores and changing limits.conf ?

Collect Events for client in mobile app

Using Splunk Dashboards(beta) and EDFS

Logon | Logoff Duration Report

Issues installing Splunk Enterprise 8.1.1 for windows 10

index bucket

Can I use Web Terminal for Splunk (CLI) App in splunk to back fill summary indexes?

Convert Seconds output to HH:MM:SS Format

Logon Duration

Wrong percent values caclulated by "top" command on multivalue fields?

splunk cli command -token argument not working on windows

Generate hashes for buckets that were created before data integrity control was enabled

forward data shaped on 250mbps and event

Dropdown and input options on output which is obtained using join command

peakTPS for every one hour in last 24 hours

data is not populating using dropdown selection

How do I handle multivalues by splunk custom search command under Search Command Protocol version 2.

.conf25 Community Recap

Splunk App Developers | .conf25 Recap & What’s Next

Congratulations to the 2025-2026 SplunkTrust!

cgroup error when Splunk Universal Forwarder v9.4....

AI toolkit app 2890

Assistance Needed: Pulling Data from Splunk Enterp...

issue on splunk deployment server forwarder manage...

Deployment Manager フォワーダー管理でエージェントが表示されない

Splunk Enterprise

Are you a member of the Splunk Community?

Discussions