Splunk Enterprise

Community Activity

	How do I uninstall an app from a search head cluster? In Splunk Enterprise, prior versions, I used to be able to: Cd /opt/splunk/etc/shcluster/appsrm -rf this_old_appApply... by TheBravoSierra Path Finder in Splunk Enterprise a month ago 0 3	0	3
	script to rotate log files ? I want to create a script for log rotation in splunk , which makes a zip file of last 3 days (individual zip files) ,... by SN1 Path Finder in Splunk Enterprise 12-03-2025 0 3	0	3
	Drill down from pie chart in dashboard studio I am new to dashboarding drop downs and I'd like to create a drop down for each slice of the pie. I have created a s... by NanSplk01 Communicator in Splunk Enterprise 12-02-2025 0 2	0	2
	Heavy Forwarder missing Hello!We have a Splunk Cloud, for which we set up two on-prem components:-Heavy forwarder( To route all file based lo... by MakszimM Engager in Splunk Enterprise 12-02-2025 0 3	0	3
	This pool has exceeded its configured poolsize=0 bytes I had the free version of Splunk and after a while search was disabled since ingest was over 500MB.So I purchased a 1... by DashZentin Explorer in Splunk Enterprise 12-01-2025 0 6	0	6
	error while uploading a csv in lookup table file Hi,I am getting below error while uploading a csv in lookup table file. Your entry was not saved. The following error... by VijaySrrie Builder in Splunk Enterprise 11-27-2025 0 4	0	4
	KV store failing to start in 9.4.3 Hello Team, We are on Linux and Post upgrade to splunk 9.4.3, KV store is failing.I have followed few recommendations... by Namo Explorer in Splunk Enterprise 11-26-2025 0 12	0	12
	license expired Hello all i have been installed splunk enterprise multiple times and i am unable to sign in as it shows me the error ... by admin9 Observer in Splunk Enterprise 11-26-2025 0 1	0	1
	Splunk API can not find all savedsearches I am creating a python script using Splunk SDK for Python to automate one of my tasks - update all savedsearches to r... by Na_Kang_Lim Path Finder in Splunk Enterprise 11-26-2025 0 2	0	2
	List of All Apps on Splunkbase Hi I need the list of all Apps available of splunkbase.com . My customer wants to verify that how many of their produ... by akathuria Splunk Employee in Splunk Enterprise 11-26-2025 0 2	0	2
	How to change save searches/alert cron_schedule with rest api/bash? Hello, I am trying to change cron_schedule of saved searches/alerts by calling REST API URI in a bash script. I am re... by LovepreetSingh New Member in Splunk Enterprise 11-26-2025 0 2	0	2
	Ingest Action configuration Hello,In the Ingest Action, can we cross-check by host rather than by sourcetype?Regards by Baptiste New Member in Splunk Enterprise 11-21-2025 0 1	0	1
	props.conf not showing the output using EVAL Below is props.conf for a sourcetype, where we getting results for raw_action and tag1 fields.But considering/based u... by sureshkumaar Path Finder in Splunk Enterprise 11-20-2025 0 2	0	2
	DMP files generating in huge size HiIn a particular server we are observing dmp files getting generated randomly and the size is too high like ~30 GB .... by MsF-2000 Path Finder in Splunk Enterprise 11-19-2025 0 2	0	2
	link from lookup table into drilldown new page Hi, any help, pls?Here is the description:lookupTable(links.csv):columnName(Link)lookupTable(links.csv):columnValue(h... by spisiakmi Contributor in Splunk Enterprise 11-19-2025 0 4	0	4
	How to Graph white space before and after my data in a stats graph HiI am trying to graph white spaces before and after my data.The issue is that the data is a subset of the timerange,... by robertlynch2020 Influencer in Splunk Enterprise 11-18-2025 0 6	0	6
	Splunk WEF proper inputs conf Hi everyoneIm on process ingesting WEF event that collected on a server folder, let said D:\WEF\ForwardedEvents.evtx.... by elend Communicator in Splunk Enterprise 11-17-2025 0 9	0	9
	Are there addons for Splunk geolocating devices? Hello I have basic questions about hte way to geolocate devices with Splunk Is an addon exists? If not, is it possibl... by jip31 Motivator in Splunk Enterprise 11-17-2025 0 4	0	4
	Migrate from LDAP to SSO wint MS ADFS - retain username as sAMAccuontname Hi,Does anybody knows what ADFS parameters should be set on MS ADFS so when the user is logged in with SSO, it get cr... by Kiko Loves-to-Learn in Splunk Enterprise 11-17-2025 0 0	0	0
	send to soar inactive in ACTION Hello guys.I'm having a problem right now.SOAR : 192.168.100.120 (on-prem, Ver 7)Splunk Enterprise : 192.168.100.128 ... by dragon Engager in Splunk Enterprise 11-16-2025 0 2	0	2
	Deploy Splunk indexer and Heavy Forwarder on ECS Managed Instance Hi,I'm trying to deploy Splunk indexer and Heavy forwarder using image 9.4 on ECS Managed Instance using EBS volumes ... by yassenfouadanis New Member in Splunk Enterprise 11-16-2025 0 5	0	5
	Upload/update lookup file using rest API What is the recommended way to upload / update an existing lookup file through rest api.I tried using lookup endpoint... by jpillai Path Finder in Splunk Enterprise 11-15-2025 0 2	0	2
	LDAP authentication method Splunk Enterprise Hello all,I'm trying to configure LDAP authentication in a Splunk Enterprise version 9.3.4. The configuration is work... by marco_massari11 Communicator in Splunk Enterprise 11-14-2025 0 0	0	0
	metadata command not showing the correct last event time for hosts I’m seeing a discrepancy between the results from the \| metadata type=hosts command and the actual event data in my i... by luispulido Explorer in Splunk Enterprise 11-12-2025 0 2	0	2
	Get indexes API not returning expanded home and cold path. Splunk Version: 9.4.5 I am calling this API: GET /services/data/indexes/<index-name>The values of homePath_expanded and coldPath_expanded a... by Commvault Observer in Splunk Enterprise 11-10-2025 0 2	0	2