| | Hi, I just created a new app and wanted to point my network inputs to another index, managed by my app. So, I modif... 1 3 | 1 | 3 | |
| | On a Solaris machine, I modified $SLUNK_HOME/etc/system/local/web.conf to use httpport = 80 The below error was then ... 4 5 | 4 | 5 | |
| | Is there a splunk command or REST endpoint to see the tailing status of monitored files? 4 2 | 4 | 2 | |
| | After upgrading to 4.1 from 4.0.10 I am unable to get fields using a search from python script. The simplified versio... 0 2 | 0 | 2 | |
| | I am trying to get scripted auth working on the new 4.1. I had a configuration on 3.4.x that worked great but after m... 0 2 | 0 | 2 | |
| | Search is index="_internal" source="*metrics.log" group="queue" | timechart perc90(current_size) by name Results are... 2 3 | 2 | 3 | |
| | I'm trying to index a file on a mapped network drive, but I keep getting seeing 'Access is denied' in splunkd.log. I... 4 1 | 4 | 1 | |
| | I just upgraded to version 4.1 and I'm seeing this message in the UI. My minimum free disk space is 1GB and I haven'... 2 1 | 2 | 1 | |
| | What are the searches required to search across Windows Event Logs for: most recent events of a particular event ID ... 2 1 | 2 | 1 | |
| | Splunk does such an awesome job with distributed search. It seems like all my data is on one server (my search head)... 1 2 | 1 | 2 | |
| | On my old setup I had all syslogs going to syslog on the Splunk server, but now I'm doing a fresh setup with Ubuntu 9... 1 4 | 1 | 4 | |
| | Splunk is running behind a webserver proxy. Splunk has the following config in web.conf: root_endpoint = /splunk T... 1 1 | 1 | 1 | |
| | I have a bunch of Lightweight Forwarders (LWF) forwarding to my central indexer. What happens to my events when the... 3 4 | 3 | 4 | |
| | I've just upgraded to 4.1 and now I'm getting an error when I search saying: The lookup table 'sid_lookup' does not ... 3 7 | 3 | 7 | |
| | How do I go about configuring splunk forwarders running on Linux to forward to a specific index for Linux-related inf... 5 2 | 5 | 2 | |
| | When I run a search on my custom dashboard, I get a notification bar on top stating the status of the dashboard queri... 2 6 | 2 | 6 | |
| | I've seen quite a few apps and they structure their file in different ways. Is there a best practice? For example sho... 2 3 | 2 | 3 | |
| | If the script to roll the hotDB to the warmDB is "| debug cmd=roll index=main", would there be one for rolling the wa... 4 2 | 4 | 2 | |
| | can I view an entire raw log file from within Splunk? For example, if I'm monitoring an apache log4j file (server.lo... 1 3 | 1 | 3 | |
| | Are there are any critical changes to be aware of when migrating a complex distributed scripted auth setup on 3.4.x t... 1 3 | 1 | 3 | |
| | After upgrading to Splunk 4.1 from 4.0.10 today, we find that we can no longer run searches. splunkd.log shows: 04-... 4 1 | 4 | 1 | |
| | If I have a bunch of saved searches I run hourly, what should I consider before switching any or all of them to real ... 2 2 | 2 | 2 | |
| | In my office we have a script on our log servers that monitors the hosts sending logs and alerts us if a machine star... 0 4 | 0 | 4 | |
| | I'm in the process of migrating to new hardware for my indexers. The easiest way to do this would be: Setup new ind... 2 3 | 2 | 3 | |
| | I just upgraded from 4.0 to 4.1 and am seeing messages that the indexprocessor was not initialized on startup. How c... 2 1 | 2 | 1 | |
