Splunk Enterprise

Community Activity

Replication Factor and Search Factor Why replication Factor is equal or greater than search factor? by sanjubaba Path Finder in Splunk Enterprise 03-10-2021 0 1	0	1
help on a filter token which falsify the results hiI am doing a basic count with the xml below <input type="dropdown" token="tok_filtersite" searchWhenChanged="t... by jip31 Motivator in Splunk Enterprise 03-09-2021 0 5	0	5
Order in which Splunk servers should be patched & rebooted. Some has to be put in maintenacce mode right? I have a LM, CM , few Unix servers containing my Indexers. Would like to patch the unix servers & reboot them.in what... by SamHTexas Builder in Splunk Enterprise 03-09-2021 0 1	0	1
Help me to restart splunk UF agent!!! Hi All,I am trying to restart the Splunk UF agent in my Linux server, but it is throwing the following error."Removin... by yamini_37 Path Finder in Splunk Enterprise 03-09-2021 0 4	0	4
How to count distinct values of a multi value field Hi, I have a weird requirement where I have to count the distinct values of a multi value field. So I have a xml wher... by shashank_24 Path Finder in Splunk Enterprise 03-09-2021 0 1	0	1
How to Convert row values to column name with corresponding values. My base search provides me this result:Column_1 Column_2--------------------------- Val1 A ... by abhishekpatel2 Explorer in Splunk Enterprise 03-09-2021 0 10	0	10
Inventory status monitoring Dear all, Current situation is I uploaded a inventory table to Splunk and the table is like below.Hostname IP -----... by new2spl_unk Explorer in Splunk Enterprise 03-08-2021 1 7	1	7
Cannot find MSAD:NT6:DNS data Hello Splunkers!I have set up a DNS analytical logging on a windows 2012 R2 server with the following configuration: ... by andresito123 Communicator in Splunk Enterprise 03-08-2021 0 2	0	2
Coldtofrozenscript Google Cloud Storage on demand I need an example script for sending buckets to Google Cloud Storage when it reaches the freeze state.However due to ... by msnhd3 Loves-to-Learn in Splunk Enterprise 03-08-2021 0 0	0	0
We receive Your session has expired. Log in to return to the system Hello, Good day to you. We are experiencing an issue wherein, our Splunk instance when accessed outside its host (win... by jmdelrosario26 Explorer in Splunk Enterprise 03-08-2021 0 2	0	2
Searchheads can not pull apps from Deployer on ansible env, error 401 - We tried to implement shclustering with splunk-ansible (https://github.com/splunk/splunk-ansible) - But it is not p... by sarit_s Communicator in Splunk Enterprise 03-08-2021 0 1	0	1
Upgrade splunk 7342 on windows 2012r2 to Windows server 2019 running latest version of splunk enterprise. HiI wanted to know the best way to upgrade from Splunk 7342 running on windows server 2012r2 to windows server 2016... by mikejones Observer in Splunk Enterprise 03-08-2021 0 1	0	1
Windows Server 2019 compatibility Hello,we are uprading EoL Windows Server 2008/r2 to Windows Server 2019. What is the lowest UniversalForwarder app su... by pavelpyszko New Member in Splunk Enterprise 03-08-2021 0 1	0	1
Usage of macro in Event types in Splunk Hello Guys,Good Day!!Can anyone please help me with a question that I have. Can I use a macro in the event type in Sp... by mayankrojo Explorer in Splunk Enterprise 03-08-2021 0 1	0	1
Upgrading Splunk Enterprise and Universal Forwarders Hello All,I am looking for assistance with upgrading a single Splunk Enterprise Windows server (no cluster) that is r... by alkraw New Member in Splunk Enterprise 03-05-2021 0 1	0	1
how to give splunk user in Linux UF to read /var/log/messages.log - permission denied redhat 7created a splunk user in linux - added user to wheel group and sudoersInstalled splunk UF for linux 7.3.7.1al... by radam2000 Path Finder in Splunk Enterprise 03-05-2021 0 1	0	1
Phantom Warm-Standby Is there a way to fully automate phantom warm-standby flip? Current steps are manual and needs by ravideshmukh New Member in Splunk Enterprise 03-05-2021 0 0	0	0
splunk add shcluster-member used splunk remove shcluster-member and removed an existing cluster , then after the serachhead restart tried to add ... by Ishwarya2806 Loves-to-Learn in Splunk Enterprise 03-05-2021 0 3	0	3
Help with Stats command and total count of errors Hi, I am working an setting up a alert where I need to count if there have been more than 50 count of errors in last ... by shashank_24 Path Finder in Splunk Enterprise 03-05-2021 0 4	0	4
A script exited abnormally with exit status: 3 A search head has the following error message:Health Check: msg="A script exited abnormally with exit status: 3" inpu... by TheBravoSierra Path Finder in Splunk Enterprise 03-05-2021 0 2	0	2
How can I configure Splunk to read a csv file from a sourcetype GuysI have the following .csv file that needs to be captured by Universal Forwarder, but the data is coming in messy.... by leandromatperei Path Finder in Splunk Enterprise 03-05-2021 0 1	0	1
CMMaster - Unable to send scheduled jobs Hi everyone, i've currently deployed the following instances in my Splunk infrastructure using Splunk 8.1.0: - 1 Sear... by Rosichia Observer in Splunk Enterprise 03-05-2021 0 20	0	20
Filter condition in a timechart We have following query used for generating few dashboards. However we would like to setup an alert whenever the sum(... by akpadhi Explorer in Splunk Enterprise 03-05-2021 0 5	0	5
Regex to capture below format data Hi ,please help me with regex expression to capture the data in below part which is in bold and underlined.e+o.in_zpi... by Ashwini008 Builder in Splunk Enterprise 03-04-2021 0 4	0	4
Migration of Indexer clustering to new servers Hi All. I am working on Splunk migration project which involves moving of Splunk instances to new servers. Till now I... by dvohra Explorer in Splunk Enterprise 03-04-2021 0 6	0	6