Splunk Enterprise

Discussions

Thread Info

Splunk Light Cloud Deployment Server host and port

I guess I can't post links. i'm trying to follow instructions on a page you can find by Googling GettingdataintoSplun...

by Explorer in

Splunk Offline

I have 15 offline system I run weekly audits on. Is Splunk the way to go to analyze these audits? I will need to run ...

by New Member in

How to arrange the by "time" column in order of latest date first in chart command?

index=auto_prod_rmt sourcetype=auto_prod_rmt_healthcheck earliest=-7d |rex field=_raw "Application=(?.)\sTask" |rex f...

by Communicator in

Replicating Splunk Search Head (Not Clustering)

Hi, I am looking to replicate all the Search Head Configurations (Users, Roles, Dashboards, Apps etc) from one workin...

by Explorer in

How do I download update files on behalf of a client?

I am co-managing a client's Splunk deployment, and it's come to my attention that several applications need updates (...

by Explorer in

Splunk App for AWS - no accounts in configure tab

This is a fresh install of Splunk Lite, and the AWS App for Splunk (latest of both as of today).It is running on an E...

by New Member in

splunk LDAP connection Error

our users are not able to login to splunk everyday for 1 hour after that time period it becomes normal , it says cann...

by Communicator in

Icons are messed up in the new UI

https://cl.ly/34f49af231f8 Icons of pause and stop are not aligned with icons print and export. Also, the share ic...

by Engager in

How do I enable the _internal index to be forwarded?

I have a few hundred forwarders that are not indexing locally. I would like to centralize monitoring of splunkd logs....

by Communicator in

UserSID lookup

HelloI have an index called ‘RDIIS’ with 4 fields named SourceIP , UserSID , DestIP and Host.Important to know is tha...

by Explorer in

What is the best contact email for splunk 4 good?

I am looking to reach out tthe support team for the splunk 4 good group, it is not easy to get information from the w...

by New Member in

submit button not passing tokens

Hi All I am running into some strange behavior(atleast for me) with dashboard submit button Dashboard has time...

by Communicator in

Why does my search return an error "Regex: missing closing parenthesis" when the regular expression is valid?

With the following search: index=digitalguardian | transaction Computer_Name | rex (?<=\\)(?<SiteCode>.{3})(?=-) ...

by Explorer in

How to handle search query when JSON data has host field?

I'm working on a corporate Splunk instance where we do not have access to rename fields when indexing, or make any si...

by New Member in

Logs not geting indexed Splunk and Pfsense

i have had splunk working earlier when it was installed on a Ubuntu release, no i am trying it on a vm .ova file Splu...

by New Member in

DB Connect 3.1.4 - Unable to write records - Error in handling indexed fields

Hi All, I have a problem about splunk DB Connect App (Splunk Enterprise 7.2.3 - DB Connect 3.1.4) with my MySQL insta...

by Path Finder in

Could not apply Free license

Hi, We had the following error when trying access a lost, but we never exceeded the 500MB limit daily. Error in...

by New Member in

How do you set up HTTPS encryption for Splunk light version?

I don't see any documentation about securing Splunk light with SSL. Please help.

by New Member in

After mvexpand data display exact search

After mv expand, events are split and when do search for a Splunk ID which is there in the event and try to display i...

by New Member in

Escape quote in standard input?

Hello. I have a input script in python that gets data from db and puts them in stdin in the form field = "value". One...

by Engager in

How can I combine timestamp in the filename plus ms inside the file for an event?

I read in some old posts, that it is not possible to use the timestamp of a filename, but I wonder, if it is possible...

by New Member in

Can we use Mobile App on iPad?

I only see iPhone is supported from the document https://docs.splunk.com/Documentation/Alerts/1.2.0/Alerts/Installati...

by Explorer in

How to calculate duration of overlapping events from multiple Services

I have been working on this for quite sometime and it appears I am just going in circles. Maybe some Splunk Savant wi...

by Path Finder in

Trying to rex for an event thread?

This is the Error Message in the log : info [native] Creating Memory Dump upon ResourceExhausted Notification: una...

by Explorer in

How do you extract a field from known text (with variable) in search results?

I am trying to "extract" the port number as a field that I can use to build a pie chart (or time chart) that simply c...

by New Member in

Get Updates on the Splunk Community!

Splunk Enterprise

Discussions

Splunk Light Cloud Deployment Server host and port

Splunk Offline

How to arrange the by "time" column in order of latest date first in chart command?

Replicating Splunk Search Head (Not Clustering)

How do I download update files on behalf of a client?

Splunk App for AWS - no accounts in configure tab

splunk LDAP connection Error

Icons are messed up in the new UI

How do I enable the _internal index to be forwarded?

UserSID lookup

What is the best contact email for splunk 4 good?

submit button not passing tokens

Why does my search return an error "Regex: missing closing parenthesis" when the regular expression is valid?

How to handle search query when JSON data has host field?

Logs not geting indexed Splunk and Pfsense

DB Connect 3.1.4 - Unable to write records - Error in handling indexed fields

Could not apply Free license

How do you set up HTTPS encryption for Splunk light version?

After mvexpand data display exact search

Escape quote in standard input?

How can I combine timestamp in the filename plus ms inside the file for an event?

Can we use Mobile App on iPad?

How to calculate duration of overlapping events from multiple Services

Trying to rex for an event thread?

How do you extract a field from known text (with variable) in search results?

Developer Spotlight with Paul Stout

Preparing your Splunk Environment for OpenSSL3

Deprecation of Splunk Observability Kubernetes “Classic Navigator” UI starting ...

Unable to view Splunk KV store status

Splunk Transmit security Version: 1.2.8 Build: 1ve...

Splunk S3 Generic Input not fetching objects in bu...

About the login banner in Web.conf

splunk-operator on AWS EKS