Hey I registered myself with the Splunk free trail but I was not able to get to the usage data management console, this is what I have landed up to, does any of the following include the actual host ...
See more...
Hey I registered myself with the Splunk free trail but I was not able to get to the usage data management console, this is what I have landed up to, does any of the following include the actual host apart from the license tier the customer belongs to?
I'm not from Malaysia but would love to join a meeting full of Splunk guru's to learn off, I'm currently at admin level and maybe could ask some questions from time to time?
Thank you for this. I feel it is close but I am getting some inconsistent/incomplete findings in the search. I have a pod that I know is "missing" it is in the pod lookup table , but is not deployed....
See more...
Thank you for this. I feel it is close but I am getting some inconsistent/incomplete findings in the search. I have a pod that I know is "missing" it is in the pod lookup table , but is not deployed. The Line chart shows that it is missing in the current hour but not in the previous hours that i know that it was missing.
That makes sense now. I recall looking at that.... Its pretty crappy how you have to manage the static content. Good tip about being able to hidenodata. I didn't know you can do that..... might ...
See more...
That makes sense now. I recall looking at that.... Its pretty crappy how you have to manage the static content. Good tip about being able to hidenodata. I didn't know you can do that..... might have to update some code.
Hi Splunkers.. on linux when i try to do wget linux download, it says download.splunk.com is not trusted. Could you pls check it, thanks. Best Regards Sekar
Thanks Splunkers. https://usergroups.splunk.com/kuala-lumpur-splunk-user-group/ for 1st saturday of every month, lets have a monthly meeting and lets become splunk gurus. i have scheduled a meetin...
See more...
Thanks Splunkers. https://usergroups.splunk.com/kuala-lumpur-splunk-user-group/ for 1st saturday of every month, lets have a monthly meeting and lets become splunk gurus. i have scheduled a meeting for June 1st Saturday. Virutal meeting, no physical meeting, as its the first meeting. Malaysia, Singapore, Indonesia, Brunei, india.. Splunkers pls join. thanks. Best Regards Sekar #SplunkTrust
Thanks for taking the time to respond. I guess I should have better explained that I was hoping to receive audit logs (failed logins, etc.). That is what the UiPath team here is saying that cannot p...
See more...
Thanks for taking the time to respond. I guess I should have better explained that I was hoping to receive audit logs (failed logins, etc.). That is what the UiPath team here is saying that cannot put at a file location without "manual labor." We settled on a database connection.
Configuring Log Observer, getting error: Unable to create Splunk Enterprise Cloud client. Invalid or incorrect splunkenterprisecloud certificate following these instructions: https://app.us1.signa...
See more...
Configuring Log Observer, getting error: Unable to create Splunk Enterprise Cloud client. Invalid or incorrect splunkenterprisecloud certificate following these instructions: https://app.us1.signalfx.com/#/logs/connections/enterpriseCloud/new
Hello @marioosh2 I'm Vatsal from Community Moderator team, If answer from @ITWhisperer resolved your question then please accept the answer by clicking on "Accept as Solution" underneath the answe...
See more...
Hello @marioosh2 I'm Vatsal from Community Moderator team, If answer from @ITWhisperer resolved your question then please accept the answer by clicking on "Accept as Solution" underneath the answers from @ITWhisperer , so that future community member can get help from it.
Hello @niketn and good day. I just noticed in this answer (super good btw) that you're using a line chart within what it seems to be a statistical table, I've been traying to replicate that same thin...
See more...
Hello @niketn and good day. I just noticed in this answer (super good btw) that you're using a line chart within what it seems to be a statistical table, I've been traying to replicate that same thing, would you be so kind to share the way you accomplish this? I'm using enterprise 9.1.2 on a single node Thanks in advance and best regards.
@IlianYotov - Just to clarify the path you are trying to look at is /Users/yotov/app/.logs/.../*.log Inside /Users/youtov/app There is a hidden folder named ".log" inside that, there are sub-fol...
See more...
@IlianYotov - Just to clarify the path you are trying to look at is /Users/yotov/app/.logs/.../*.log Inside /Users/youtov/app There is a hidden folder named ".log" inside that, there are sub-folders inside which there are files with .log extention at the end. Also, is there any specific reason for using alwaysOpenFile parameter? * https://docs.splunk.com/Documentation/Splunk/latest/Admin/Inputsconf
@Siddharthnegi Structured Data As suggested in the doc shared by you, structured data is parsed by UF. INDEXED_EXTRACTIONS parameter in the props.conf force_local_processing As suggested by @...
See more...
@Siddharthnegi Structured Data As suggested in the doc shared by you, structured data is parsed by UF. INDEXED_EXTRACTIONS parameter in the props.conf force_local_processing As suggested by @richgalloway - This will force linebreaker, aggerator, and the regexreplacement processors on UF. Reference - props.conf - https://docs.splunk.com/Documentation/Splunk/latest/Admin/Propsconf I hope this helps!!!
@vijreddy30 - Please check for following things in order: Check whether Splunk is running or not? ./bin/splunk status (Run from Splunk installation folder / SplunkHome) If Splunk is not active ...
See more...
@vijreddy30 - Please check for following things in order: Check whether Splunk is running or not? ./bin/splunk status (Run from Splunk installation folder / SplunkHome) If Splunk is not active then ./bin/splunk start (Start the Splunk service) ./bin/splunk status (Check the Splunk status Again Once completed and you still don't see the Splunk, look for issues in your splunkd.log file. Just to point out in your web.conf, there is an extra a in front of privKeyPath. Checking above should be able to help you find and fix the issue. I hope this helps!!!
Be aware that map is a potentially unsafe command. Also your approach with both map and an intermediate lookup seems strange. That's what passing fields to the subsearch is for.