Regex does not convert the epoch time, but it can extract the time for further conversion. If those logs are taken from a single log file, then Splunk will by default put each line in a separate eve...
See more...
Regex does not convert the epoch time, but it can extract the time for further conversion. If those logs are taken from a single log file, then Splunk will by default put each line in a separate event and most likely guess the epoch as the timestamp. Then the timestamp (_time) will be human-readable in the event view, or it can be made human-readable using ctime()
Is there a Regex to convert the epoch to human readable time upon ingestion ? [1720450799] Error: Got check result for service 'CPU Usage' on host. [1720450799] Error: Got check result for se...
See more...
Is there a Regex to convert the epoch to human readable time upon ingestion ? [1720450799] Error: Got check result for service 'CPU Usage' on host. [1720450799] Error: Got check result for service 'Disk Usage var' on host. [1720450799] Error: Got check result for service 'Disk Usage opt' on host.
The UF will log communication failures in splunkd.log. Yes, you can monitor the indexers for no logs from hosts. There are apps, including TrackMe, that can help with that.
If the host cannot reach the indexer then there will be nothing logged on the indexer to monitor. The UF will log any failures to connect so that is the place to check, but you will have to do that ...
See more...
If the host cannot reach the indexer then there will be nothing logged on the indexer to monitor. The UF will log any failures to connect so that is the place to check, but you will have to do that on the host rather than in Splunk.
Hello @Ayodele.Akingbulu,
Thanks for asking your question on the community. It's been a few days with no reply. Have you found a solution yourself or anything new you can share? If you are still...
See more...
Hello @Ayodele.Akingbulu,
Thanks for asking your question on the community. It's been a few days with no reply. Have you found a solution yourself or anything new you can share? If you are still looking for help, I found this AppDynamics Documentation: https://docs.appdynamics.com/appd/24.x/24.6/en/cisco-appdynamics-essentials/dashboards-and-reports/dash-studio/thousandeyes-integration-with-cisco-appdynamics
Additionally, you can also contact Cisco AppDynamics Support for more help. https://www.appdynamics.com/support
Hi @Gustavo.Marconi,
Have you had a chance to check out the reply from @Rajesh.Ganapavarapu? I wanted to let you know I have also contacted the Docs team and shared your feedback regarding the docu...
See more...
Hi @Gustavo.Marconi,
Have you had a chance to check out the reply from @Rajesh.Ganapavarapu? I wanted to let you know I have also contacted the Docs team and shared your feedback regarding the documentation.
That's my mistake, I had selected the wrong app when I made the post. I've now updated the OP to the correct app in question - https://splunkbase.splunk.com/app/5433 I'm confused myself, I'm not see...
See more...
That's my mistake, I had selected the wrong app when I made the post. I've now updated the OP to the correct app in question - https://splunkbase.splunk.com/app/5433 I'm confused myself, I'm not seeing anything that points to an api issue in the logs. The only thing is that this is a relatively new api endpoint for the app and may not have had all the kinks ironed out.
Hi @Meri.jaan,
Thanks for asking your question on the Community. I know it's been a few days and the community has not jumped in to help.
Have you been able to find a solution or anything you ca...
See more...
Hi @Meri.jaan,
Thanks for asking your question on the Community. I know it's been a few days and the community has not jumped in to help.
Have you been able to find a solution or anything you can share? I noticed you shared documentation to a slightly older version of AppD Documentation. Here is the one that relates to your AppDynamics version: https://docs.appdynamics.com/appd/24.x/latest/en/application-monitoring/configure-instrumentation/transaction-detection-rules/message-queue-entry-points
Which server.pem file did you delete? You should also run a btool to see what cert is being used: $SPLUNK_HOME/bin/splunk btool server list --debug | grep -i "ssl"
Hi @Narendra.Rao,
Did you see the latest reply? Please let the community know if it helped by clicking "Accept as Solution" or continue the conversation.
Just a heads up, this add-on has been archived and a new version of it exists: https://splunkbase.splunk.com/app/5435 That may be the issue. What is confusing is there aren't even any errors/warnin...
See more...
Just a heads up, this add-on has been archived and a new version of it exists: https://splunkbase.splunk.com/app/5435 That may be the issue. What is confusing is there aren't even any errors/warnings or anything in the logs. What search where you using, and does anything stand out, like a 404/401 error or anything
Is there a way to monitor disconnects on a host (with a deployed universal forwarder) that cannot reach the Indexer? We have an on prem solution. Simply trying to use this host to monitor if network ...
See more...
Is there a way to monitor disconnects on a host (with a deployed universal forwarder) that cannot reach the Indexer? We have an on prem solution. Simply trying to use this host to monitor if network A can reach network B because the host is in Network A and the index is in network B.