Splunk Enterprise

Community Activity

	How to fix this error in health? Ingestion Latency Root Cause(s): Events from tracker.log have not been seen for the last 74130 seconds, which is mor... by Sandev Engager in Splunk Enterprise 10-26-2022 0 6	0	6
	Eval command questions- How many duplicated events do we have? How many duplicated events we have? Percent of duplicated events? Difference between duplicated and unique events.? by sqauyyu123 New Member in Splunk Enterprise 10-25-2022 0 1	0	1
	How can I route data from Universal forwarders to different indexers based on TCP input? Hi All, I have a UF installed on a syslog server. Already network clients are sending data to syslog server and UF fo... by Sanjayr1081 Explorer in Splunk Enterprise 10-25-2022 0 4	0	4
	Splunk Server Update- Is it possible to restore backup file version 8.2 directly to 9.0? Hello all, I have a Splunk server update.We have an update to our Splunk server and I am trying to figure out the wor... by yoshi99 Explorer in Splunk Enterprise 10-24-2022 0 4	0	4
	How to get the response time? I have logs like shown below:2022-03-09T13:22:45.345-01:00 [app_driver_group_stream_api-1] \| INFO s.p.k.o.external.th... by Vani_26 Path Finder in Splunk Enterprise 10-21-2022 0 4	0	4
	Missing forwarders and PowerShell DNS script failures I am still getting information from all of the servers that have the universal forwarders on them and verified the se... by Lost_n_da_sauce Observer in Splunk Enterprise 10-21-2022 0 0	0	0
	Error while downloading Splunk Enterprise I am trying to download Splunk Enterprise, but keep getting an error message telling me that there is an error loadin... by iwolke Engager in Splunk Enterprise 10-21-2022 0 7	0	7
	How to change the default linecount for "search" from index=_audit? Hello, Quick question.How do I change the default number of lines to return in search? Is there a setting in limits.c... by genesiusj Builder in Splunk Enterprise 10-21-2022 0 1	0	1
	Can someone give me support on HEC running? helloI try to send data to indexer with the Http Event CollectorHere is the token I have generatedNow, I try to send ... by jip31 Motivator in Splunk Enterprise 10-20-2022 0 2	0	2
	How to set up SNMP Monitoring for Zscaler NSS? Hello,I'm trying to set up SNMP monitoring for my Zscaler NSS on splunk. Does anyone know where I can get documenta... by sarashafek Explorer in Splunk Enterprise 10-20-2022 0 0	0	0
	Logs not being piped to splunk from from a specific log file? Hi all, I have a server that collects logs from CISCO ISE which then pipe the logs to Splunk which then generates Sp... by skyred5 Engager in Splunk Enterprise 10-20-2022 0 1	0	1
	Regex help- Why am I getting error "Regex: quantifier doesn't follow a repeatable item"? Hi sorry for my direct question. This match it's in eval and i get the error "Regex: quantifier doesn't follow a repe... by SplunkEmp22 Engager in Splunk Enterprise 10-20-2022 0 3	0	3
	Indexers cleaning- How is it performed in clustered architecture? Hello, everyone! I have few questions about indexers cleaning: - How it's performed in clustered architecture? - Does... by bosseres Contributor in Splunk Enterprise 10-19-2022 0 3	0	3
	Can I combine 2 queries? Below is my query1: index=adc source=abc "FilesTrasfered DO980" \|timechart span=1d count \|stats count as D0980 Fi... by Ash1 Communicator in Splunk Enterprise 10-19-2022 0 1	0	1
	Need assistance in writing props: Why is search failing to parse timestamp? 1. I have below logs:server6z: INFO could not find the logs under this path(apimanager call)server6z: INFO could not ... by Ash1 Communicator in Splunk Enterprise 10-19-2022 0 2	0	2
	Splunk Forwarder Agent from 7.x to 9.1 on RHEL 7.9- How do I fix step 5? I am trying to UPGRADE using Ansible, I kick off the playbook via the bastion host. Here are the tasks. 1. copy the i... by skpdevops Explorer in Splunk Enterprise 10-19-2022 0 8	0	8
	Azure Eventhub Dashboard Setup- Can someone suggest any pre-build dashboards for EventHub data? Hello Everyone, I am ingesting data from Azure EventHub to Splunk using Splunk Microsoft Cloud Service Add-On. Now I ... by spodda01da Path Finder in Splunk Enterprise 10-19-2022 0 0	0	0
	Is there a way to remove WARNING Banner? Hi all.Is there an easy and fast way to disable, at all or by some filters, the WARNING BANNERS i get sometimes in SP... by verbal_666 Builder in Splunk Enterprise 10-19-2022 0 0	0	0
	How to build a search to see user activity? Hi All,I wan to see user who are using splunk more.I am using the below query:\|rest /services/authentication/users sp... by mahesh27 Communicator in Splunk Enterprise 10-18-2022 0 3	0	3
	How to add user role capability to disable or enable alerts? Hi Experts, We have created a new role with the same capabilities as a user role, but we wanted to add another capabi... by Anoma New Member in Splunk Enterprise 10-18-2022 0 0	0	0
	How to decrease width only one column in a table? I have 3 columns that I'm using.URL, website, count.The URL is too large and I would like to reduce just the size it ... by luan Engager in Splunk Enterprise 10-18-2022 0 1	0	1
	Why am I getting null values in my results? I have a search index="xyz" sourcetype="csv" \| fillnull value="unknownMan" field1 field2 field3 field4 \| eventstats... by human96 Communicator in Splunk Enterprise 10-18-2022 0 1	0	1
	User Account that UF wants when installing it- does this have to be a local service account? Hi, Utter Noob here - I apologise for any really silly questions! I'm installing Universal Forwarder to several machi... by TopcaT668 Explorer in Splunk Enterprise 10-18-2022 0 5	0	5
	How to blacklist Win EventCodes? Im trying to blacklist the below eventcodes since we dont have any use for them but somehow it is not working . I mad... by newsplunker1 Path Finder in Splunk Enterprise 10-17-2022 0 0	0	0
	Why is callsock sending blank logs? why it's showing blank lines in logs. What is the reason callsock is sending blank lines https://drive.google.com/fil... by sc_admin11 Explorer in Splunk Enterprise 10-17-2022 0 0	0	0