| | We have a monitoring system (WhatsUpGold) that periodically logs in to our windows machines and checks various condit... 1 2 | 1 | 2 | |
| | I have a question about an app I downloaded from Splunkbase. Where do I ask it? 1 2 | 1 | 2 | |
| | Is there a way to see what files are being read by the various monitor/fschange stanzas in input.conf? 2 2 | 2 | 2 | |
| | I have a script that sends something like the following to stdout: DEV#: 0 DEVICE NAME: vpath0 TYPE: 210790... 1 5 | 1 | 5 | |
| | In Splunk documentation, the communication model between deployment server and clients is described as The deploymen... 6 2 | 6 | 2 | |
| | Okay, my summary index looks like this: sourcetype="blah" | sistats count by email I'd like to run a query agai... 1 1 | 1 | 1 | |
| | Receiving splunk server inputs.conf: [splunktcp://7900] Sending splunk server outputs.conf: [tcpout] defaultGroup... 0 11 | 0 | 11 | |
| | Is there a way to show events only if they do not contain a specified field. E.g. 40% of my selected events contain a... 12 1 | 12 | 1 | |
| | Hi, We now have a setup in which we use splunk like this. Forwarders deployed on windows Domain Controllers, that re... 1 4 | 1 | 4 | |
| | How to clean unistall splunk from redhat 0 1 | 0 | 1 | |
| | Hi all, I'm trying to forward my summarized events from an indexer (machine1) to multiple indexers (machine2 and mac... 0 1 | 0 | 1 | |
| | Is there a way to extract the hostname from an event, but force it to lower-case in the process? Extracting the host... 6 2 | 6 | 2 | |
| | I have a search time field extraction for CISCO system messages named MsgClassID. I uploaded from Manager a CISCOevt_... 0 1 | 0 | 1 | |
| | I'm trying to figure out how to calculate a percent of total such that: search string | stats count percent by email... 3 3 | 3 | 3 | |
| | We index data from about 2000 different hosts. logs are relayed in via a TCP syslog source. Whenever a user goes to ... 0 2 | 0 | 2 | |
| | I've tried to filter native event logs being indexed using the [WinEventLog...] sourcetype. Here are the config: pr... 1 5 | 1 | 5 | |
| | Hi I would like to see when saved searches are modified and what their new values are. I read that the execution of... 0 3 | 0 | 3 | |
| | Hello, I have a view defined using some advanced dashboarding. I am displaying 2 charts that are permissioned to all ... 0 1 | 0 | 1 | |
| | The operating system won't allow a non-root user to bind to ports < 1024. How can I get my splunkd, running as user ... 11 2 | 11 | 2 | |
| | There's a limitation in the dbinspect command where you cannot specify multiple indexes to report on, therefore repor... 2 2 | 2 | 2 | |
| | I'm looking at using splunk as a central reporting tool to puppet, and was thinking of putting together "Puppet Dashb... 1 2 | 1 | 2 | |
| | I have saved the following search that generates a table and set it up to send me an email with the results. The que... 0 4 | 0 | 4 | |
| | I am curious if there is a way to pass parameters to a dashboard. For example I have a Dashboard1 which has some tabl... 2 2 | 2 | 2 | |
| | Hi, i have a couple of logfiles where there is one important "field" that splunk does not recognize because it is no... 1 3 | 1 | 3 | |
| | Hello, I have a chart that show event counts split by source name. For our analysis, it is very important that we see... 2 2 | 2 | 2 | |
