Hi Splunkers, I have the following tasks: I need to compare 2 different Splunk instances, that should be deployed in the same way, but should be not. So I have some sub tasks, to perform this checks....
See more...
Hi Splunkers, I have the following tasks: I need to compare 2 different Splunk instances, that should be deployed in the same way, but should be not. So I have some sub tasks, to perform this checks. One of them is this: in the first instances, some fields deployed by previous Splunk admin should be present (as you can imagine, if I'm here to ask for this, no documentation has been produced). Those field should have been replicated also on the second one, migrating some apps and addon on, but some of them could be in a missing state. So, the idea is: avoiding the most obvious way, whic is GUI-> Settings -> Field, is there another way to ask to Splunk: "hey, could list me all field that are inside you"'? The idea is a search, or recover them from command line, to obtain 2 file and compare them, for example 2 different txt/csv files.