Splunk Enterprise

Community Activity

REGEX not being applied even though it is working in REX Hi all, We have ingested some logs using a heavy forwarder as below in /opt/splunk/etc/apps/test_inputs/local/: input... by jto13 Explorer in Splunk Enterprise 11-12-2024 0 15	0	15
Deployment Server clients have wrong apps We have a small satellite deployment of 40+ servers, that have a dedicated HF doubling as a Deployment Server running... by tlmayes Contributor in Splunk Enterprise 11-12-2024 2 23	2	23
Breaking my 5GB license into 2 smaller licenses In my air gapped lab, I got 5GB Splunk license but hardly using 1GB. Within the lab, we are working to have a smaller... by jkamdar Communicator in Splunk Enterprise 11-12-2024 0 1	0	1
Splunk Search Head physical server migration from old server to new physical server We have plan to migrate the old physical server to new physical server and the server is a Search Head component in ... by Sathish28 Explorer in Splunk Enterprise 11-11-2024 0 3	0	3
Splunk forwarder is not validating ExtendedKeyUsage for server authentication We are using Splunk forwarder v9.0.3. One of the X509 validation we would like to have against TLS server certificate... by spilli Explorer in Splunk Enterprise 11-11-2024 0 11	0	11
How do you schedule a report that needs to run multiple times for different time ranges? We have a report that generates data with the `outputlookup` command and we are in need to schedule it multiple times... by joshiro Communicator in Splunk Enterprise 11-07-2024 0 3	0	3
Migrating Our Splunk Deployment Master Server From Azure To On-Premises Hi All,Our current setup involves Splunk Search Heads hosted in Splunk Cloud and managed by Support. The existing Dep... by anandhalagaras1 Contributor in Splunk Enterprise 11-07-2024 0 3	0	3
Its Urgent - Request for Dashboard Panel In Splunk Dashboard:Total request number for security token/priority token filtered by partner nameDuplicate request ... by santoshpatil01 New Member in Splunk Enterprise 11-06-2024 0 1	0	1
change for fmc logs Hello everyone could please help me to edit this app for FMC logs by matin6 New Member in Splunk Enterprise 11-06-2024 0 1	0	1
Unable to configure LDAP authentication I am getting following error while configuring LDAP on my Splunk instances ( tried it on Splunk deployment server, In... by Richy_s Path Finder in Splunk Enterprise 11-06-2024 0 1	0	1
DB connect page not loading Hi community, I am trying to connect to the DB connect app and i am constantly redirected tohttp://$HOST/en-US/app/s... by Strangertinz Path Finder in Splunk Enterprise 11-05-2024 0 12	0	12
Splunk forwarder is not validating path length basic constraint against TLS server certificate We are using Splunk forwarder v9.0.3. We would like to have Splunk forwarder to reject the TLS server certificate if ... by spilli Explorer in Splunk Enterprise 11-05-2024 0 4	0	4
indexer not working after changing cluster configuration Hi, I am trying to change the indexer configuration from one cluster master to another but in the process of this cha... by _pravin Contributor in Splunk Enterprise 11-04-2024 0 2	0	2
Custom javascript doesn't work Hi,i am trying to use custom javascript file to customize some button actions in my dashboard, but it doesn't work an... by catta99 Explorer in Splunk Enterprise 11-03-2024 0 6	0	6
anyone have similar error after upgrade 9.3.1 RROR startup:116 - Unable to read in product version information; isSess 2024-11-01 12:25:49,065 +0000 ERROR startup:116 - Unable to read in product version information; isSessionKeyDefined=... by jbanAtSplunk Communicator in Splunk Enterprise 11-03-2024 0 3	0	3
rex field Hi everyone, I am using rex field to extract content that containst the following word: full \| rex field=msg_old "(?<... by Yim Loves-to-Learn Lots in Splunk Enterprise 11-02-2024 0 6	0	6
Why do we have warm buckets? Can't hot bucket just roll directly to cold bucket? Or it's not possible? Does it have anything to do with the fact t... by lawrence_magpoc Path Finder in Splunk Enterprise 11-02-2024 0 15	0	15
Multivalue fields extraction Hi,Please help me in extracting multivalue fields from email body logs:LOG:"Computer Name","Patch List Name","Complia... by rukshar Explorer in Splunk Enterprise 11-01-2024 0 1	0	1
Splunk Universal forwarder management port is closed Hi All,I updated Splunk Universal forwarder from 8.2.6 to 9.1.3 on a Debian host. No specific configuration basically... by eduardo1989 Path Finder in Splunk Enterprise 11-01-2024 0 7	0	7
How to use mvexpand in a table where there are multiple columns with different data count? 1. I need to fetch data based on deviceMac such that row gets corresponding data from each column.2. It should fill ... by nkhanna Engager in Splunk Enterprise 11-01-2024 0 6	0	6
Splunk Rest API response in JSON format Hi Community,We are in the process of sending the alerts from Splunk to another application via REST API but response... by Eshwar Engager in Splunk Enterprise 11-01-2024 0 4	0	4
How to integrate 3rd party SaaS platform with Splunk Hi Looking for guidance related to integrating Splunk on-premise infrastructure with 3rd party SaaS providers. We hav... by Luckyani Explorer in Splunk Enterprise 11-01-2024 0 8	0	8
snapshot of 2 timeframes for the same query to look for consecutive.... Hi All, Thanks for your time,I have a query for getting the number of errors for each client/customer, api_name,time ... by Raj_Splunk_Ing Path Finder in Splunk Enterprise 10-31-2024 0 5	0	5
OpenSSL < 1.0.2zk vulnerability on Splunk 9.2.2 Hello,I just upgraded my Splunk Enterprise from 9.2.1 to 9.2.2, and I saw that the OpenSSL used is in version 1.0.2zj... by RSI_Indosuez Engager in Splunk Enterprise 10-31-2024 1 3	1	3
Is there a built-in or add-on visualization for graphing 3 fields (Label,X,Y) I would like to graph a table that has 3 fieldsLabel X ... by jlundtristate Engager in Splunk Enterprise 10-31-2024 0 1	0	1