Hi, there are 72 links to scheduled splunk reports that I have to access and download the reports individually on a monthly basis. I would like to know if there are any faster ways to download them...
See more...
Hi, there are 72 links to scheduled splunk reports that I have to access and download the reports individually on a monthly basis. I would like to know if there are any faster ways to download them. Regards, Zijian
I have a cycle so data will come in between 6-7 AM, 11-12 PM, 6-7 PM, 9-9:35 PM. So i want to display the color for the time After 7 AM, 12 PM, 7 PM, 9:35 PM - Red and Before 7 AM, 12 PM, 7 PM, 9:3...
See more...
I have a cycle so data will come in between 6-7 AM, 11-12 PM, 6-7 PM, 9-9:35 PM. So i want to display the color for the time After 7 AM, 12 PM, 7 PM, 9:35 PM - Red and Before 7 AM, 12 PM, 7 PM, 9:35 PM - Green.
As I said, in classic dashboards, you have rows with panels. Since your composite panels still align as rows, you may be able spoof what you want by using html "filler" panels in the rows between the...
See more...
As I said, in classic dashboards, you have rows with panels. Since your composite panels still align as rows, you may be able spoof what you want by using html "filler" panels in the rows between the elements in same row. You may need to use CSS to try and set the width of the panels, but this is very tricky to do.
I am trying to install controller on v.24.4.0(latest).while installing getting below error: "Connection to [AppDynamics Controller Application Server] failed due to Controller I arations[[SC] EnumQ...
See more...
I am trying to install controller on v.24.4.0(latest).while installing getting below error: "Connection to [AppDynamics Controller Application Server] failed due to Controller I arations[[SC] EnumQueryServices Status: OpenService FAILED 1060: The specified service does not exist as an installed service"
Hi @viku7474 , please try this: <your_search>
NOT [ | inputlookup vtest | rename message AS query | fields quey ] in this way you perform a full text search in the main search using the lookup's m...
See more...
Hi @viku7474 , please try this: <your_search>
NOT [ | inputlookup vtest | rename message AS query | fields quey ] in this way you perform a full text search in the main search using the lookup's message values. Ciao. Giuseppe
Hi @paragg , you can use Dashboard Studio (as hinted by @andrew_nelson ) or reduct my solution to only the text boxes: <dashboard version="1.1">
<label>Home Page</label>
<row>
<panel>
...
See more...
Hi @paragg , you can use Dashboard Studio (as hinted by @andrew_nelson ) or reduct my solution to only the text boxes: <dashboard version="1.1">
<label>Home Page</label>
<row>
<panel>
<html>
<h1>Title Panel 1</h1>
<table border="0" cellpadding="10" align="center">
<th>
<tr>
<td align="center">
<a href="/app/my_app/dashboard1">
Title Dashboard 1
</a>
</td>
<td align="center">
<a href="/app/my_app/dashboard2">
Title Dashboard 2
</a>
</td>
<td align="center">
<a href="/app/my_app/dashboard3">
Title Dashboard 3
</a>
</td>
</tr>
</th>
</table>
</html>
</panel>
</row>
</dashboard> Ciao. Giuseppe
Yes, i agree with you. But i was looking for time frame colors After 7 AM, 12 PM, 7 PM, 9:35 PM - Red and Before 7 AM, 12 PM, 7 PM, 9:35 PM - Green Time expecting this color in Time field ...
See more...
Yes, i agree with you. But i was looking for time frame colors After 7 AM, 12 PM, 7 PM, 9:35 PM - Red and Before 7 AM, 12 PM, 7 PM, 9:35 PM - Green Time expecting this color in Time field 25-05-2024 19:06 Red After 7PM 25-05-2024 22:10 Red After 10 PM 25-05-2024 22:16 Red After 10 PM 26-05-2024 06:50 Green Before 7AM 26-05-2024 06:52 Green Before 7AM 26-05-2024 11:50 Green Before 12 PM 26-05-2024 11:52 Green Before 12 PM 27-05-2024 07:09 Red After 7AM 27-05-2024 07:10 Red After 7AM 27-05-2024 11:52 Green Before 12 PM 27-05-2024 11:57 Green Before 12 PM
Hello @JayD, As you already mentioned that the apps have been forgotten for over a year, it is likely that the latest details have not been updated on the instance. You can first ensure that you hav...
See more...
Hello @JayD, As you already mentioned that the apps have been forgotten for over a year, it is likely that the latest details have not been updated on the instance. You can first ensure that you have upgraded the Upgrade Readiness App to the latest version and re-run the scan. If the above apps still fail, you can follow the following steps as a workaround: - Run the following script - /opt/splunk/etc/apps/python_upgrade_readiness_app/bin/pura_get_all_apps.py (Internet connection will be required). - Create a directory named app_list in the following path - /opt/splunk/etc/apps/python_upgrade_readiness_app/local/ - Place the attached splunkbaseapps.csv in the app_list folder. - Re-run the scan and check for the final report. Thanks, Tejas. --- If the above solution helps, an upvote is appreciated.
Hello @Polarbear, That shouldn't be the case ideally. It can cause communication break. To avoid this kind of situation, Splunk supports backward compatibility. But that generally happens from highe...
See more...
Hello @Polarbear, That shouldn't be the case ideally. It can cause communication break. To avoid this kind of situation, Splunk supports backward compatibility. But that generally happens from higher tier node to lower tier node. You can also check the following document to understand the order of upgrade between Splunk components. If the search head node is on higher splunk version than the indexer peers, then that can work. However, the vice versa may not hold true. Order of Upgrade - splunk_upgrade_order_of_ops.graffle Thanks, Tejas. --- If the above solution helps, an upvote is appreciated.
I want to exclude the first set of events and retain the 2nd set of events, via lookup, when I use the search NOT condition, it doesn't work as expected. you're right, exclude_message, there is ...
See more...
I want to exclude the first set of events and retain the 2nd set of events, via lookup, when I use the search NOT condition, it doesn't work as expected. you're right, exclude_message, there is no field as such is getting created.
Can the Universal Forwarder (UF) have a higher version than the Heavy Forwarder (HF) and Indexer (IDX)? Will this cause any impact? The reason is that HF and IDX cannot upgrade their ...
See more...
Can the Universal Forwarder (UF) have a higher version than the Heavy Forwarder (HF) and Indexer (IDX)? Will this cause any impact? The reason is that HF and IDX cannot upgrade their OS to meet the prerequisites for version 9.1.4, which requires Windows 2019. Can I proceed with the UF upgrade first? UF = 9.1.4 HF = 9.1.2 IDX = 9.1.2
It looks like you already have a design of sorts For classic dashboards, start by adding panels and move them around into rows. When you look at the source, you will notice some row and panel objec...
See more...
It looks like you already have a design of sorts For classic dashboards, start by adding panels and move them around into rows. When you look at the source, you will notice some row and panel objects <row>
<panel>
...
</panel>
<panel>
...
</panel>
</row>
<row>
etc. The panels will contain you chosen visualisations, e.g. single, chart, table etc.
Hello, Can anyone help me designing a panel in classic dashboard with multiple rows and columns with visualizations. Updated with the full page design, The problem i am facing is Each box i...
See more...
Hello, Can anyone help me designing a panel in classic dashboard with multiple rows and columns with visualizations. Updated with the full page design, The problem i am facing is Each box is set of panels with different visualizations. Is there any idea to code this as full page visualizaion.
hello. I am an engineer currently doing testing with splunk. We are configuring and testing APM and RUM. I am drawing an indicator using spring boot example. For APM, there is at least a 5-10 min...
See more...
hello. I am an engineer currently doing testing with splunk. We are configuring and testing APM and RUM. I am drawing an indicator using spring boot example. For APM, there is at least a 5-10 minute delay when viewing trace data. Additionally, RUM indicators are drawn at intervals of 15 seconds. Can these settings be configured in near real time? Please be sure to attach relevant materials.