Splunk ITSI

Discussions

Thread Info

Getting error creating a new notable event aggregation policy

No matter which rule I'm adding, I always receive the following error message:Error in 'itsirulesengine' command: Inv...

by Engager in

itsi_event_grouping job always fails, itsirulesengine looks involved

Hi Team, Enterprise v8.0.6 on W10 platform (Swedish OS)ITSI 4.4.5 on top of that.Checked the Known Issues in rel no...

by Engager in

Splunk ITSI license cost

Is anyone aware of the license cost (per year) for Splunk ITSI module and also if there are any maintainance cost as ...

by Explorer in

Send email only once after an episode is open for a period of time

I'm creating a number of correlation searches, and I'd like to be able to send an email ONLY when an episode has been...

by Explorer in

Splunk ITSI episode review status not correct.

I have a NEAP that points back to the correlation search. It breaks on "normal" severity. And the action is to clos...

by Loves-to-Learn in

How to manage _time field with schedule change in Europe zone ?

Hi, With the time change, my logs are shifted by one hour (logs from an HEC input) : It is the same case...

by Builder in

Stpunk ITSI: Why I'm getting an error "Invalid data model specification" when I'm trying to add KPIs to a service?

Hello, I'm adding some KPIs (Host OS, CPU load for instance), and when I'm trying to save service, I'm getting the fo...

by New Member in

how to append two search with same index ?

hi, I create a search with a join, but I want to know if there is a better way to do (append ?) : index=AAA sourc...

by Builder in

How does the setseverityfields command work in Splunk IT Service Intelligence?

Does anyone have more information on how the command setseverityfields works in Splunk IT Service Intelligence? Googl...

by Explorer in

What is the difference between a single pane of glass and a glass table ??

Wanted to know what is the difference between a single pane of glass and a glass table, searches in a single pane of ...

by Engager in

I created a new role in ITSI and they cannot view service definitions/ thresholds/KPI's

I want my users to only have read access to service definitions and thresholds. I created a new role with all of the ...

by Splunk Employee in

Splunk can not able to break ITSI episode correctly

Hello All,We have configured our monitoring tools to have Network and Application alert events to be sent as SNMP tra...

by Loves-to-Learn in

How to Transfer Data to ITSI With Splunk Add-on for Unix and Linux

Hi everyone, I'm having some trouble and really need your help. Currently, I'm deploying ITSI Splunk service and u...

by Explorer in

What's the step between correlation searches and episode reviews?

I've "Opened in Search" one of my episode review searches, then typed ctrl-shift-e to view the "expanded search strin...

by Engager in

Hi Team, Can we get the list of All Glass table in Splunk through query or anyway?

by Explorer in

Adding entity rules to base search cause service kpi’s to be 0

I have a base search that returns a column I utilise to get the sum off it’s values as a metric, this metric is used ...

by Explorer in

ITSI Maintenance Windows via REST using Web Tools Add-on

Have being trying out @jkat54 's Web tool add-on to do some maintenance on ITSI objects with the ITSI REST api. ...

by Path Finder in

Why is the fresh install of ITSI 3.1.2 onto a search head cluster environment not working?

Here's the steps I took for installation and what I get soon after clicking on ITSI app. Steps: Untar splunk-it-se...

by Splunk Employee in

ITSI episode review filters

Is there any way to filter in only episodes for which a given field, not among those in the 'Add Filter' menu, has on...

by Engager in

ITSI Entity Object API results eval help

I finally figured out how to use the entity rest API object to pull my informational values. Only problem is I can't...

by Explorer in

Splunk ITSI Episodes count for a Service inside the glasstable

Hi All.., Pretty new to ITSI and i have created a GlassTable with KPI Services - CPU, Memory and Disk Utilization....

by SplunkTrust in

Why am I receiving a "internal error" while accessing the "Splunk free trial ITSI sandbox"?

Hello Splunk Experts - Need your help in fixing the issue I am having while accessing "Free trial ITSI sandbox ins...

by New Member in

Any documentation on how to write into Splunk from a API build on Sprint Boot app

by Engager in

Splunk Features Problems

Hi, I have just installed Splunk and doing a training course and trying to follow along and I realize I am having i...

by New Member in

Can ITSI Maintenance mode be set from a command line as opposed to via the GUI and if so, how?

I'm lazy and a creature of habit. I do a regular weekly maintenance on our Splunk systems which necessitates setting ...

by Engager in

Get Updates on the Splunk Community!

Splunk ITSI

Discussions

Getting error creating a new notable event aggregation policy

itsi_event_grouping job always fails, itsirulesengine looks involved

Splunk ITSI license cost

Send email only once after an episode is open for a period of time

Splunk ITSI episode review status not correct.

How to manage _time field with schedule change in Europe zone ?

Stpunk ITSI: Why I'm getting an error "Invalid data model specification" when I'm trying to add KPIs to a service?

how to append two search with same index ?

How does the setseverityfields command work in Splunk IT Service Intelligence?

What is the difference between a single pane of glass and a glass table ??

I created a new role in ITSI and they cannot view service definitions/ thresholds/KPI's

Splunk can not able to break ITSI episode correctly

How to Transfer Data to ITSI With Splunk Add-on for Unix and Linux

What's the step between correlation searches and episode reviews?

Hi Team, Can we get the list of All Glass table in Splunk through query or anyway?

Adding entity rules to base search cause service kpi’s to be 0

ITSI Maintenance Windows via REST using Web Tools Add-on

Why is the fresh install of ITSI 3.1.2 onto a search head cluster environment not working?

ITSI episode review filters

ITSI Entity Object API results eval help

Splunk ITSI Episodes count for a Service inside the glasstable

Why am I receiving a "internal error" while accessing the "Splunk free trial ITSI sandbox"?

Any documentation on how to write into Splunk from a API build on Sprint Boot app

Splunk Features Problems

Can ITSI Maintenance mode be set from a command line as opposed to via the GUI and if so, how?

Can’t make it to .conf25? Join us online!

Calling All Security Pros: Ready to Race Through Boston?

Beyond Detection: How Splunk and Cisco Integrated Security Platforms Transform ...

Customer success is front and center at .conf25

Using Aliases in Deep Dives and with other ITSI co...

Getting link to the Splunk ITSI event/episode

SNMP traps are not getting to the index

Splunk AI in ITSI cannot find correct thresholds o...

How to reduce Alert fields or hide Alert fields se...

Splunk ITSI

Are you a member of the Splunk Community?

Discussions

Can’t make it to .conf25? Join us online!