All Posts

Find Answers
Ask questions. Get answers. Find technical product solutions from passionate members of the Splunk community.

All Posts

Did you ever tried referencing icons from static directory? Seems that only works for images. Any idea on how to accomplish the same but for icons?
H status at  2024-03-07T01:50:00.000-05:00 X 20240307 2024-03-07T03:40:07.000-05:00 X 20240307 C status at  2024-03-07T08:30:22.000-05:00 C 20240307 2024-03-07T08:... See more...
H status at  2024-03-07T01:50:00.000-05:00 X 20240307 2024-03-07T03:40:07.000-05:00 X 20240307 C status at  2024-03-07T08:30:22.000-05:00 C 20240307 2024-03-07T08:30:22.000-05:00 C 20240307 So here count 2  One more H status at  2024-03-07T22:40:07.000-05:00 X 20240307 But its not completed within the day 2024-03-08T08:30:22.000-05:00 C 20240308
Did you ever solve this? I can deploy dashboards with images in the appserver/static folder and they work fine. But it's a different story for icons.
You haven't really explained how you get to a count of 2 given your sample data. Please can you explain your process?
Hello @williamcclark , Is this a Splunk Cloud or on-premise instance? If it is Splunk Cloud and it is a Classic stack confirm if this app is installed in IDM instead of the SH. Also, I recommend yo... See more...
Hello @williamcclark , Is this a Splunk Cloud or on-premise instance? If it is Splunk Cloud and it is a Classic stack confirm if this app is installed in IDM instead of the SH. Also, I recommend you the following: 1 - Open the developer tools of your browser and go to the Console to see if there any errors shown when you receive this error message. 2 - Look for internal errors of this TA in Splunk. index=_internal source=*tenable*   Thanks.
If the lookup table is small enough, you may be able to update it manually using the Splunk App for Lookup File Editing (https://splunkbase.splunk.com/app/1724). Otherwise, the only way to do it in ... See more...
If the lookup table is small enough, you may be able to update it manually using the Splunk App for Lookup File Editing (https://splunkbase.splunk.com/app/1724). Otherwise, the only way to do it in SPL is to read the entire lookup table, modify the status field using eval or other commands, and then rewrite the lookup table. | inputlookup Status.csv | eval status=... | outputlookup Status.csv  
comparing both _time and DT and the NUM (different num will be there). In the sample data i have same NUM.
Thankyou for the answer
"when the status is H and it has to complete within the day itself." - how is this determined from the data?
HI Team, when the status is H and it has to complete within the day itself. expected output for below sample data is count 2 completed overall within the day. Thanks in Advance! Sample outp... See more...
HI Team, when the status is H and it has to complete within the day itself. expected output for below sample data is count 2 completed overall within the day. Thanks in Advance! Sample output below: _time OVERAL DT NUM STAT FM WLM CS OB EM RC ER ST 2024-03-07T01:50:00.000-05:00 X 20240307 5 C C C H X X X X X 2024-03-07T03:30:10.000-05:00 X 20240307 5 C C C P X X X X X 2024-03-07T03:40:07.000-05:00 X 20240307 5 C C H H H H H H H 2024-03-07T06:10:14.000-05:00 X 20240307 5 C C C I X X X X X 2024-03-07T07:10:16.000-05:00 X 20240307 5 C C C H X X X X X 2024-03-07T07:30:17.000-05:00 X 20240307 5 C C C I X X X X X 2024-03-07T08:20:18.000-05:00 X 20240307 5 C C C C I C I C C 2024-03-07T08:30:22.000-05:00 C 20240307 5 C C C C C C C C C 2024-03-07T02:20:01.000-05:00 X 20240307 5 C C C X X X X X X 2024-03-07T03:30:10.000-05:00 X 20240307 5 C C C P X X X X X 2024-03-07T03:40:07.000-05:00 X 20240307 5 C C H H H H H H H 2024-03-07T07:10:16.000-05:00 X 20240307 5 C C C H X X X X X 2024-03-07T07:30:17.000-05:00 X 20240307 5 C C C I X X X X X 2024-03-07T08:20:18.000-05:00 X 20240307 5 C C C C I C I C C 2024-03-07T08:30:22.000-05:00 C 20240307 5 C C C C C C C C C 2024-03-07T010:30:10.000-05:00 X 20240307 5 C C C P X X X X X 2024-03-07T22:40:07.000-05:00 X 20240307 5 C C H H H H H H H 2024-03-07T22:10:16.000-05:00 X 20240307 5 C C C H X X X X X 2024-03-07T23:30:17.000-05:00 X 20240308 5 C C C I X X X X X 2024-03-07T00:20:18.000-05:00 X 20240308 5 C C C C I C I C C 2024-03-08T08:30:22.000-05:00 C 20240308 5 C C C C C C C C C
Well, it can be several things, network/config: You have shown the inputs but what about the outputs? Obviously, you will have a better understanding of your network / access / data flow details,... See more...
Well, it can be several things, network/config: You have shown the inputs but what about the outputs? Obviously, you will have a better understanding of your network / access / data flow details, but here's a number of area's for you to check  and investigate. Have you installed the Splunk Cloud UF App Package onto the HF (splunkclouduf.spl This contains the outputs.conf  / TLS config, you download this from your Splunk cloud stack). Have you allowed the HF for outbound connectivity to Splunk Cloud (Firewall changes) ? After you download and install the Splunk Cloud UF App Package onto the HF, can you see the HF's _internal logs in Splunk cloud? In Splunk cloud there is allow IP whitelisting feature, have you configured this for the HF to allow data to be sent to Splunk cloud?
Hi @Cleber.Penteado, My apologies, any Self-service free trials started after Feb 2024 no longer convert to Lite. If you want to activate your free license again, please contact Sales by going here... See more...
Hi @Cleber.Penteado, My apologies, any Self-service free trials started after Feb 2024 no longer convert to Lite. If you want to activate your free license again, please contact Sales by going here: https://www.appdynamics.com/company/contact-us You can read about the changes we made to Trial and Lite here: https://community.appdynamics.com/t5/Knowledge-Base/AppDynamics-Trial-account-setup-getting-help-and-post-trial/ta-p/53018
Hi All, I have created a lookup table Status.csv which is having all the status of tickets and whether they are SLA relevant or not. However, due to having incorrect data while creating the table th... See more...
Hi All, I have created a lookup table Status.csv which is having all the status of tickets and whether they are SLA relevant or not. However, due to having incorrect data while creating the table the values for all the Statuses are coming wrong. I want to update all the data for these statuses and add few more status values to the lookup table. How do I do that? Please suggest.
Hi @adrifesa95, are you receiving Splunk internal logs from the HF and UFs in Splunk Cloud? how did you configure the outputs.conf on the HF? and on the UFs? Ciao. Giuseppe
We are writing Log Statements in Java,  and then reviewing the info and exception alerts. Our team is then conducting a Splunk Search count of log statements by Category. Many of our log statements... See more...
We are writing Log Statements in Java,  and then reviewing the info and exception alerts. Our team is then conducting a Splunk Search count of log statements by Category. Many of our log statements can have share multiple categories.  Using this reference for key-value pair, https://dev.splunk.com/enterprise/docs/developapps/addsupport/logging/loggingbestpractices/ So in our log statements, We are doing      LOG.info("CategoryA=true , CategoryG=true");     Of course, we aren't going to write "Category=false" in any logger, since its inherent in the statement. Is this a overall good method to count values in Splunk by Category, or do you recommend a better practice?    
Hi @avii7326, sorry but I don't understand the purpose of this search: you have the same search in the first part, with results aggregated using statsm so in one row you have three values Total Suc... See more...
Hi @avii7326, sorry but I don't understand the purpose of this search: you have the same search in the first part, with results aggregated using statsm so in one row you have three values Total Success and Error. Then in the append search, using the same search, you have many events listed with the table command. And there isn't any correlation between the two parts of the search. What's the output that you would have? Ciao. Giuseppe
@Ryan.Paredez hello! Showing expired.
Sure, post call i'll update here.
Hi @Shubham.Kadam, I hear you have a call this Friday with AppDynamics. Can you share any learnings from that call here as a reply as it relates to the question you asked. 
Hi @sajo.sam, Did you see the reply from @Rajesh.Ganapavarapu? Can you confirm if it helped? If it did, click the "Accept as Solution" button, if not, continue the conversation