Splunk Enterprise

Community Activity

	Merging fields from two indexes with common field I have two indexes having status of Batch jobs that run in our system daily. Source 1: Contains JobName, StartTime, ... by bud4 Engager in Splunk Enterprise 01-20-2023 0 1	0	1
	What regex can I use to remove some fields from url_host? Hi everyone,I'm very new here. I need support with extracting this field, "safeframe.googlesyndication.com" from "... by Lu23 Observer in Splunk Enterprise 01-20-2023 0 5	0	5
	qq by chandankr Path Finder in Splunk Enterprise 01-20-2023 0 4	0	4
	Why does slave have no matching license pool for the data it indexed? Hello, I am new to Splunk and have testing purpose. I have installed Splunk within 30 days and installed the ITE cont... by MT1234 Loves-to-Learn Lots in Splunk Enterprise 01-19-2023 0 1	0	1
	Will SSL Certificate Checker work for Windows domain controllers? Will your SSL Certificate Checker work for Windows domain controllers? by cblair New Member in Splunk Enterprise 01-19-2023 0 3	0	3
	How to get sum of a value within a period of 15 min? I have an input of value is like an odometer so it's cumulative. I collect a sample every 15 minutes. If I want to cr... by chandankr Path Finder in Splunk Enterprise 01-19-2023 0 7	0	7
	How to configure Splunk UF? Splunk UF Hi folks,Seeking help I am new to splunk I am trying to configure splunk UF, I have two vm's both vm's inst... by Shakeer_Spl Explorer in Splunk Enterprise 01-18-2023 0 2	0	2
	Monitoring Console not functional after pass4SymmKey update (v9.0.2) I'm a Splunk PS consultant and have been assisting a client with upgrades and migration to SVA compliant architecture... by NullZero Communicator in Splunk Enterprise 01-18-2023 0 3	0	3
	How to extract field with rex? Dear All.When searching some database log asindex=my_db ....I have a field named "statement" with content as example... by altink Builder in Splunk Enterprise 01-18-2023 0 5	0	5
	Trying to sort month in chronological order and not getting the desired output? was using this below Search, ***\| rex field=_raw "<measResults>\d+\s\d+\s\d+\s\d+\s\d+\s\d+\s\d+\s\d+\s(?<active_sta... by chandankr Path Finder in Splunk Enterprise 01-18-2023 0 12	0	12
	How I can combine avgCpuUtilization and maxCpuUtilization with UK_DC? \| rex field=_raw "measResults\W(?<avgCpuUtilization>\d{0,3})\s(?<maxCpuUtilization>\d{0,3})" \| rex field=_raw "PLMN... by chandankr Path Finder in Splunk Enterprise 01-18-2023 0 0	0	0
	Splunk Add-on for Microsoft Cloud Services: Why is data not getting indexed in Splunk? Hi, I am trying to use this Splunk Add-on for Microsoft Cloud Services on Splunk Enterprise platform. I have followed... by Ashwini008 Builder in Splunk Enterprise 01-17-2023 0 0	0	0
	How to table format data? Hi,My query: \|tstats count where index=app-clietapp host=ahnbghjk OR host=ncsjnjsnjn sourcetype=app-clientapp sourc... by Vani_26 Path Finder in Splunk Enterprise 01-17-2023 0 4	0	4
	How to achieve eval case match? event is json: {message:AZK} x 10 {message:BCK} x 5 {message:C} x 3 What Im trying to get is a table to count messa... by maxouhunterfc Engager in Splunk Enterprise 01-17-2023 0 2	0	2
	How to troubleshoot data not coming from particular source? Hi,i have 2 hosts and 2 sources, previously i was getting data from 2 sources, but now we have teardown and resdeploy... by mahesh27 Communicator in Splunk Enterprise 01-17-2023 0 1	0	1
	Indexer Peer server in not joining back to Indexer cluster after upgrading Splunk Enterprise 7.1 to 8.1 Hi Friends, I am upgrading my Splunk Enterprise from 7.1 to 8.1. after upgrading Indexer search head Peer server it ... by AkashNTT Loves-to-Learn Lots in Splunk Enterprise 01-17-2023 0 3	0	3
	Rolling restart of multisite cluster not working as expected Hi all,We have an issue with our environment (all running 8.2.8 currently on Windows Server 2016 Standard). We have a... by sini Explorer in Splunk Enterprise 01-17-2023 0 2	0	2
	Why won't 'collect' command work? Hey,I have a Splunk Enterprise environment with servers cluster of 4 SHDs, 5 HFDs and 3 Indexers.In addition there is... by shob4726 Observer in Splunk Enterprise 01-17-2023 0 2	0	2
	Can we use Schedule PDF Delivery option in dashboard studio? Hi All,I am using Splunk 9.0.1 version, is there a way to Schedule PDF Delivery option in dashboard studio.if yes pl... by Vani_26 Path Finder in Splunk Enterprise 01-16-2023 0 1	0	1
	Is it possible to add older data than the search period? Hi all, I am at an impasse, and I do need some ideas how to overcome that. So here is the challenge. 1)I have CSV d... by boromir Path Finder in Splunk Enterprise 01-16-2023 0 0	0	0
	How many people can access it the Splunk Enterprise free trail at one time? (hosted via Ec2 Instance) Hello,I'm hosting a Splunk Enterprise free trial on an AWS instance. I'd like to share this with some friends to pra... by dablab Explorer in Splunk Enterprise 01-12-2023 0 1	0	1
	What happened to parsetest? So what happened to parsetest?$ splunk cmd parsetest couldn't run "/opt/splunk/bin/parsetest": No such file or direct... by starr Observer in Splunk Enterprise 01-12-2023 0 0	0	0
	How to differentiate between productive and non-productive environment logs? Hi, I want to know how to differentiate between logs from a productive versus a non-productive license. Thnk you... by Matilda Explorer in Splunk Enterprise 01-12-2023 0 2	0	2
	How to check whether props.conf is there for my sourcetype? Hi All,how can i know whether props has been defined to particular sourcetype.how can i check it. by mahesh27 Communicator in Splunk Enterprise 01-11-2023 0 5	0	5
	What is the best sequence for a Splunk distributed deployment shutdown? We have a distributed deployment consisting of 2 Search heads, 1 indexer, Deployment server, 2 Heavy Forwarders, Uni... by Gursimar_singh Engager in Splunk Enterprise 01-11-2023 0 3	0	3