Splunk ITSI

Community Activity

Debugging the correlation Search that run in the past One of the episode in my setup have not generated and i want to see the correlation search that run at that time.Is t... by veerendra_modi Loves-to-Learn in Splunk ITSI 12-30-2020 0 0	0	0
ITSI episodes and notables have duplicate field values (title, entity, identifier) Hello Splunkers, We have a new correlation search deployed to ingest a 3rd party (logicmonitor) system's alerts. The... by johnansett Communicator in Splunk ITSI 12-29-2020 0 0	0	0
Can you help me with my Splunk Insights for Infrastructure 1.2 Install Problem? Working with the .deb install file for Insights for Infrastructure 1.2 on Ubuntu 16.4 (splunk_insights_infrastructure... by jlemley Path Finder in Splunk ITSI 12-25-2020 1 3	1	3
Finding the fields in itsi_event_management_group_index I'm a newby to both splunk and itsi. I think I can figure out how to find the fields in a lookup table and in an ind... by keesling Engager in Splunk ITSI 12-22-2020 0 0	0	0
concatenate a field to my source and regex the result Splunk Noob.I have a custom http sourcetype with multiple data sources. For one of these sources (aws:firehose), I ne... by ictrees28 Loves-to-Learn Everything in Splunk ITSI 12-22-2020 0 2	0	2
ITSI Service Dependencies(4.7) I created some Services within ITSI using the "Import from Search" and it runs every hour to import anything new alon... by terpdog Explorer in Splunk ITSI 12-14-2020 0 0	0	0
Refresh queue at 33635, entities/ services not working or updating I work for a company with a clustered environment of around 9 indexers and 3 search heads, with a cluster master and ... by Dpeedahnb Explorer in Splunk ITSI 12-09-2020 0 0	0	0
Time on Notable event - Action rule email Hi,I'm configuring the action rule when an alert is raised on ITSI and I'd need to add the time in the message or the... by rabadel83 Loves-to-Learn Lots in Splunk ITSI 12-07-2020 0 0	0	0
Start ITSI create entitiy is missing Hello,i installed the itsi app and also java openjdk 11 on centos. Assigned my admin user the itso_admin role and tak... by StefanW Path Finder in Splunk ITSI 11-29-2020 0 1	0	1
Splunk IT Service Intelligence: Why am I getting error "URI Too Large" when trying to enable drilldown options from Deep Dive swim lanes? I'm trying to configure some drilldown options from swim lanes in the Deep Dive view in the Splunk IT Service Intelli... by svendby90 Path Finder in Splunk ITSI 11-24-2020 1 5	1	5
No Entity found against a service in ITSI Hi, I am trying to create a service using a service template, so that I can use the same KPIs( in the template) again... by goonie Explorer in Splunk ITSI 11-18-2020 1 1	1	1
backfill itsi - insufficient data in ITSI summary index Hi all,I received the following error when I try to apply adaptive threshold in one KPI of one service where I enable... by rabadel83 Loves-to-Learn Lots in Splunk ITSI 11-17-2020 0 2	0	2
Getting error creating a new notable event aggregation policy No matter which rule I'm adding, I always receive the following error message:Error in 'itsirulesengine' command: Inv... by Allenspach Engager in Splunk ITSI 11-12-2020 0 2	0	2
itsi_event_grouping job always fails, itsirulesengine looks involved Hi Team,Enterprise v8.0.6 on W10 platform (Swedish OS)ITSI 4.4.5 on top of that.Checked the Known Issues in rel notes... by TorbjörnP Engager in Splunk ITSI 11-02-2020 0 1	0	1
Splunk ITSI license cost Is anyone aware of the license cost (per year) for Splunk ITSI module and also if there are any maintainance cost as ... by sudeep5689 Explorer in Splunk ITSI 10-30-2020 0 4	0	4
Send email only once after an episode is open for a period of time I'm creating a number of correlation searches, and I'd like to be able to send an email ONLY when an episode has been... by damickel Explorer in Splunk ITSI 10-27-2020 0 1	0	1
Splunk ITSI episode review status not correct. I have a NEAP that points back to the correlation search. It breaks on "normal" severity. And the action is to clos... by digithead1 Loves-to-Learn in Splunk ITSI 10-27-2020 0 0	0	0
How to manage _time field with schedule change in Europe zone ? Hi, With the time change, my logs are shifted by one hour (logs from an HEC input) : It is the same case on many logs... by mah Builder in Splunk ITSI 10-27-2020 0 2	0	2
Stpunk ITSI: Why I'm getting an error "Invalid data model specification" when I'm trying to add KPIs to a service? Hello, I'm adding some KPIs (Host OS, CPU load for instance), and when I'm trying to save service, I'm getting the fo... by Kirisame New Member in Splunk ITSI 10-26-2020 0 8	0	8
how to append two search with same index ? hi,I create a search with a join, but I want to know if there is a better way to do (append ?) :index=AAA sourcetype=... by mah Builder in Splunk ITSI 10-22-2020 1 21	1	21
How does the setseverityfields command work in Splunk IT Service Intelligence? Does anyone have more information on how the command setseverityfields works in Splunk IT Service Intelligence? Googl... by dstile Explorer in Splunk ITSI 10-16-2020 1 2	1	2
What is the difference between a single pane of glass and a glass table ?? Wanted to know what is the difference between a single pane of glass and a glass table, searches in a single pane of ... by dilipdwayne Engager in Splunk ITSI 10-14-2020 0 1	0	1
I created a new role in ITSI and they cannot view service definitions/ thresholds/KPI's I want my users to only have read access to service definitions and thresholds. I created a new role with all of the ... by amckinnie_splun Splunk Employee in Splunk ITSI 10-14-2020 0 1	0	1
Splunk can not able to break ITSI episode correctly Hello All,We have configured our monitoring tools to have Network and Application alert events to be sent as SNMP tra... by omersiar Loves-to-Learn in Splunk ITSI 10-14-2020 0 5	0	5
How to Transfer Data to ITSI With Splunk Add-on for Unix and Linux Hi everyone, I'm having some trouble and really need your help. Currently, I'm deploying ITSI Splunk service and usin... by hoangpt Explorer in Splunk ITSI 10-11-2020 0 1	0	1