Splunk Enterprise

Community Activity

How to drop simular logs Hello comrades!I just wonder, does splunk detects logs similarity by it's pattern?Many thanks. by BoldKnowsNothin Path Finder in Splunk Enterprise 10-12-2023 0 2	0	2
Add branding and custom colors to your event Good day,What screen do users get when they attempt to reply to a poll after clicking on the link to the poll, even i... by cortiez12 New Member in Splunk Enterprise 10-12-2023 0 0	0	0
Fileds not extracting for JSON file from forwarder, but are from GUI upload. I am using the same sourcetype Hi I am using the same source type on the same file. One is coming in via forwarder and the other is uploaded via GUI... by robertlynch2020 Influencer in Splunk Enterprise 10-11-2023 0 0	0	0
Saved search going back to 1970- why!!! Hi Why is my saved search going back to 1970?I have run the following savedsearch (screenshot below) and I am passing... by robertlynch2020 Influencer in Splunk Enterprise 10-11-2023 0 2	0	2
Not receiving auto cut I have bunch of alerts, I received email alert, but I did not receive auto cut incident to service nowHow to troubles... by vishwa Path Finder in Splunk Enterprise 10-10-2023 0 6	0	6
deployer not pushing local folder to SHC eploy command is pushing an app without the local folder from deployer -> shcOur deployer settings are set to full[sh... by a1bg503461 Explorer in Splunk Enterprise 10-10-2023 0 0	0	0
Is it possible to automate the entity creation in Splunk ITSI from CMDB. Hi Team, Is it possible to automate the entity creation in Splunk ITSI from CMDB?Currently, we are creating entities ... by ManDayAssa New Member in Splunk Enterprise 10-09-2023 0 1	0	1
SEDCMD not working as designed We have a SEDCMD masking a field that correctly masks data as shown in the event however in the expanded info on the ... by jslamcle Splunk Employee in Splunk Enterprise 10-08-2023 0 5	0	5
How to show usage of Apps and dashboards by User? Hi All, I am looking for some dashboards showing the usage of Apps and it's dashboards by User so that I can decommis... by abhi41 Loves-to-Learn Lots in Splunk Enterprise 10-06-2023 0 1	0	1
Is there an educational license? I want to know if there is any provision for NON-PROFIT organizations in the cybersecurity to use splunk as a part of... by ETTech Observer in Splunk Enterprise 10-06-2023 0 1	0	1
How to suppress alerts during holidays I have an alert but I want to suppress it during holidaysHow can I do that???? by Ash1 Communicator in Splunk Enterprise 10-06-2023 0 3	0	3
Splunk Database copy to new_instance I have a windows server and it's OS got crashed but i have the splunk database in the another drive which is fine no... by DataUser007 New Member in Splunk Enterprise 10-05-2023 0 1	0	1
How to set the script execution within the report schedule to once? I'm thinking of running a script(.BAT file) with an action in the report schedule.However, when I specify a batch fil... by liesofpooh New Member in Splunk Enterprise 10-05-2023 0 2	0	2
Why are events breaking using props conf? Hi Team, I am collecting metrics using API calls for every 5 minutes , but all the metrics are coming as a single e... by roopeshetty Path Finder in Splunk Enterprise 10-05-2023 0 13	0	13
Lookup doesn't work with wildcard within strings We are currently using a regex pattern to match events against our raw data, and it works perfectly when we use the s... by VK18 Explorer in Splunk Enterprise 10-04-2023 0 5	0	5
Are _SYSLOG_ROUTING and _TCP_ROUTING dest_keys on the transform.conf consume Splunk license ? Hi,I am sending logs without indexing on Splunk to another product by using the "SYSLOG_ROUTING" DEST_KEY on the tran... by Zanusha443 Explorer in Splunk Enterprise 10-04-2023 0 1	0	1
Windows Eventlog in JSON format Pretty sure the forwarder can pass eventlogg as either XML or JSON from a host. If this is not incorrect, then could ... by fatsug Builder in Splunk Enterprise 10-04-2023 0 8	0	8
Single csv lookup file not updating from deployer Hi thereI've run into an issue where I can sort of guess why I'm having issues though have no clear idea regarding ho... by fatsug Builder in Splunk Enterprise 10-03-2023 0 3	0	3
Splunk REST API: Bypass response format check I am trying to host Prometheus metrics on a Splunk app such that the metrics are available at `.../my_app/v1/metrics`... by RG2 Splunk Employee in Splunk Enterprise 10-03-2023 0 0	0	0
Maxmind \| How to use 5 different mmdb databases? Hi splunkers, I have problem about usind maxming geoip datavbses I get 4 databases from maxmind (GeoIP2-City.mmdb; ... by o_calmels Communicator in Splunk Enterprise 10-03-2023 0 15	0	15
Why permission error after upgrade during restart? Exception: <class 'PermissionError'>, Value: [Errno 13] Permission denied: '/opt/splunk/etc/system/local/authenticati... by jljackson3 Observer in Splunk Enterprise 10-02-2023 0 6	0	6
Troubleshooting: Invalid Key Stanza alert_actions.conf Hi, I'm encountering this error when i run btool check:Invalid key in stanza [email] in /opt/splunk/etc/apps/search/l... by JNgoho Engager in Splunk Enterprise 10-02-2023 0 8	0	8
Invalid Key in alert_actions.conf after upgrade to Splunk 9.0.0? Hello Upgraded Splunk Enterprise to 9.0.0 today - went OK. Upgraded Splunk Universal Forwarders on Windows Server 201... by dasadmin Explorer in Splunk Enterprise 10-02-2023 1 17	1	17
Why does one of two jobs show the field resultCount=0? Hi all, I have two jobs in different applications, both jobs get results in splunk search BUT on of the jobs always... by Alibaba Observer in Splunk Enterprise 09-29-2023 0 0	0	0
How to combine queries to use for alert? I have 3 queries , i want to combine to one query so that i can use it for alertQuery1:index=error-data sourcetype=e... by vishwa Path Finder in Splunk Enterprise 09-28-2023 0 3	0	3