| | My customer wants to collect logs from the OS of thier Nokia Checkpoint Firewall as well as syslog from the firewal e... 1 2 | 1 | 2 | |
| | Hi All Can anyone explain where my search is wrong? sourcetype="access_log" [search sourcetype="GAMESAPI*" SID | re... 0 1 | 0 | 1 | |
| | Hi, Long story short I'd like to know if it's possible to pass search results through a script to another system (H... 0 4 | 0 | 4 | |
| | I am having an issue with the deployment server and I'm not sure what to make of this. I recently learned about the ... 0 5 | 0 | 5 | |
| | I've got my custom apps (mostly custom inputs.conf files) working, and now I'm looking into configure some of the def... 0 8 | 0 | 8 | |
| | When clicking on Field Extractions from Manager, users are greeted with an error message: In handler 'extractions': A... 4 2 | 4 | 2 | |
| | I have a Solaris 10 SPARC server that is running Splunk 4.1. It's configured to generate audit logs to syslog, creat... 0 1 | 0 | 1 | |
| | Hi all, Quick question about summary indexing: I have this configuration in the savedsearches.conf [esxtop_Group_C... 0 1 | 0 | 1 | |
| | I have a collection of individual log lines where each event contains a start time and a duration for an individual r... 3 2 | 3 | 2 | |
| | Hello All, I am attempting to use props and tranforms to extract field values from the source field. the source is c... 0 2 | 0 | 2 | |
| | For each eventID I have a, b, c fields on multiple hosts. I need to build report to present daily values of a, b, c f... 0 3 | 0 | 3 | |
| | I want to convert below output to more meaningful L2cache0 size 0 cd0 audio_supported yes cd0 cdda_supported yes cd0... 1 4 | 1 | 4 | |
| | I have deployment setup and running in v4.1.4. However, I would like to set ownership of the deployed saved searches.... 0 2 | 0 | 2 | |
| | Hi Splunk experts, I have a search that joins the results from two source types based on a common field: sourcetyp... 1 11 | 1 | 11 | |
| | I modified $SPLUNK_HOME/etc/system/local/indexes.conf for the specific index to keep only 10 warm databases; however,... 1 3 | 1 | 3 | |
| | Is there a way to directly launch a saved search via the scheduler while passing key/value pairs for macro replacemen... 1 1 | 1 | 1 | |
| | I have a router with multiple FPCs and each FPC has multiple ICHIPs. An ICHIP can produce pktwr drops and that number... 1 5 | 1 | 5 | |
| | I have configured IT Data Block Signing as per http://www.splunk.com/base/Documentation/latest/Admin/ITDataSigning . ... 2 1 | 2 | 1 | |
| | Hello, We are using Splunk to monitor the traffic of our system, and i was asked to give a report for showing the mo... 3 8 | 3 | 8 | |
| | I have a bunch of light forwarders sending data to a central heavy forwarder which then sends the data to the main in... 0 6 | 0 | 6 | |
| | We have different log lines of different types. Each type holds different field names. Because of this when I use s... 0 3 | 0 | 3 | |
| | I have a team of web developers using Splunk to debug their web apps. When they're debugging apps, they're all hittin... 1 6 | 1 | 6 | |
| | Hello, I am doing a query, where I get a multi valued field and I need to append something to each value depending w... 1 3 | 1 | 3 | |
| | I'm setting up our deployment server configuration. I have the following set up in my serverclass.conf: [serverClas... 1 6 | 1 | 6 | |
| | Installed latest Splunk version of Linux server and trying to connect with IE using the following http://hostname:80... 0 2 | 0 | 2 | |
