Splunk Enterprise

Community Activity

	How can I give a role read-only access to users? I created a new role in Splunk, let's say "RoleA". I want RoleA to be able to see a list of all users and see all rel... by dudhatjanhavi Explorer in Splunk Enterprise 05-30-2023 0 6	0	6
	How to open Splunk folder available in C:/Program files? Hi...I have installed trial version of Splunk. It is very strange that I see a folder named as Splunk in my Program f... by priyaramki16 Path Finder in Splunk Enterprise 05-29-2023 0 7	0	7
	How to ensure all the dashboards and search reports are working as expected? We have updated the Splunk Enterprise version to 9 recently. Regarding post upgrade validation, I have already gone t... by akarivaratharaj Communicator in Splunk Enterprise 05-29-2023 0 1	0	1
	Props and Transforms for JSON-like data? Hi Community, I am trying to come up with the proper props and transforms config to ingest the data from a source ... by Strangertinz Path Finder in Splunk Enterprise 05-27-2023 0 1	0	1
	Why is endpoint data model is not fetching data from its datasets? When I'm creating search query by using datamodel endpoint, unable to get result from that use case or search query. ... by nehadattaramp Loves-to-Learn in Splunk Enterprise 05-26-2023 0 0	0	0
	Data Rebalancing vs Roll or Resync - What is best to do for "Search Factor is Not Met" and "Replication Factor is Not M" HiWe are getting the following error message, I think I have a few options, but I am not sure what is the best.I have... by robertlynch2020 Influencer in Splunk Enterprise 05-26-2023 0 5	0	5
	How to convert a date field into human readable? Hello, I have field that is called Bootuptime it is displayed like 20230521050657.500000-300 it is not string field a... by coldwolf7 Explorer in Splunk Enterprise 05-25-2023 0 2	0	2
	How to remove highlighted value in pie chart? Hi, How do i remove the highlighted value shown above. i dont want to show them in my pie chart by Keerthi Path Finder in Splunk Enterprise 05-25-2023 0 5	0	5
	How can I resolve the below error while running kvstore clean command? ERROR : could not remove all contents of '/opt/data/kvstore': 1 errors occured.description for first 1 :[{operation :... by mounika572 Engager in Splunk Enterprise 05-25-2023 0 2	0	2
	How to change an owner of 'data model' object? Hello to everyone.Every dashboard with any type of "visualization" (pivot, for example) needs a data model.Data model... by NoSpaces Contributor in Splunk Enterprise 05-25-2023 0 6	0	6
	How to write a search for a list of all different versions of an app? I'm not so keen in creating Splunk query, so I would kindly ask your support for the following query:I need to have a... by Mat1 Explorer in Splunk Enterprise 05-24-2023 0 6	0	6
	Turning off IMDSv1 call for Splunk Add-on AWS app? We are using Splunk enterprise with Splunk Add-on AWS app that gather our data from our AWS account. However, the app... by hantaliu Loves-to-Learn Lots in Splunk Enterprise 05-24-2023 0 0	0	0
	How to hide panels in dashboard studio? Hi Team , Currently we are using Splunk cloud Version - 9.0.2209.4 .I have 3 panels A, B and C . I am trying to do ... by npanda Observer in Splunk Enterprise 05-24-2023 0 0	0	0
	Creating a pie chart or any visualization show last 6 months and 12 month? Hi All, This is the existing visualization which has Lastlogon(people who haven't logged in for quiet sometime). Tho... by Keerthi Path Finder in Splunk Enterprise 05-24-2023 0 5	0	5
	Basic Distributed Deployment Install/Setup Steps Is there a basic cheatsheet for setting up a new small scale distributed deployment? by marycordova SplunkTrust in Splunk Enterprise 05-23-2023 0 3	0	3
	Do I need to modify props to capture 2 format of logs? Sample data:i have 2 types of data and below props given, i am seeing internal logs likeERROR JsonLineBreaker - JSON ... by mahesh27 Communicator in Splunk Enterprise 05-23-2023 0 5	0	5
	Solarwinds Add-on For Splunk with SHC Hi all, Hoping to get some clarity on the Solarwinds Add-on for Splunk. I'm trying to install this onto my SHC (4SH's... by konka4 Splunk Employee in Splunk Enterprise 05-23-2023 0 0	0	0
	How can I write a proper props for sample logs? Below are the sample logs, here i have 2 types of logs formats.for json logs i have given this props:[sourcetype]INDE... by Ash1 Communicator in Splunk Enterprise 05-19-2023 0 0	0	0
	How to write regex? form the below logs i want to capture "appDesc" data using regex. 2023-05-02 22:27:20,100 \| info application statu... by Ash1 Communicator in Splunk Enterprise 05-19-2023 0 1	0	1
	App Upgrade GUI- Getting internal server error? Hi all, When I visit the Apps page on my search head server and select "Upgrade to ..." on any of my applications tha... by pglover Engager in Splunk Enterprise 05-19-2023 0 6	0	6
	How to restrict particular month? Hi ,I have to restrict 2023-05 date field . This is used as filter in the dashboard. Can some one help me provide the... by Keerthi Path Finder in Splunk Enterprise 05-19-2023 0 4	0	4
	Why am I unable to correct the timestamp with microseconds? Dear Team, Below is the raw log for your reference: {"kind":"Event",*****************,*,"stageTimestamp":2023-05-... by vprasadeee_7 Explorer in Splunk Enterprise 05-19-2023 0 2	0	2
	How to get unique data? Hi All,I have a query and the results shows as above. The column function as only single value. I need to get only on... by Keerthi Path Finder in Splunk Enterprise 05-18-2023 0 7	0	7
	What is the cause of the error I am getting with Splunk Add-on for New Relic? Hi, Please let us know how to address the issue of Splunk Add-on for New Relic not working properly.https://apps.splu... by tabata999 New Member in Splunk Enterprise 05-18-2023 0 0	0	0
	Why is DHCP log not parsing properly? Hi, i have parsing issue on window DHCP log. Im using splunk add on for Window DHCP. The raw log are as below. 1030,0... by Akmal57 Path Finder in Splunk Enterprise 05-17-2023 0 4	0	4