Hi @LearningGuy, see https://docs.splunk.com/Documentation/SCS/current/SearchReference/ConversionFunctions and try:
| makeresults
| eval num = 1
| eval var_type = typeof('num')
| eval num2 = tostring(num, "commas")
| eval var_type2 = typeof('num2')
Ciao. Giuseppe
Hello, how to convert number to string using tostring function? I tried using tostring function, but the result is still number. See below. Thank you!!
| makeresults
| eval num = 1
| eval var_type = typeof('num')
| eval num2 = tostring(num)
| eval var_type2 = typeof('num2')
We're ingesting data using a REST API call, not a UF, but still experiencing the issue with duplicate values.
We created an app using the Add-on Builder app then deployed it onto one of the HF which ingests and sends the data to Cloud.
Settings on the HF:
KV_MODE = none
INDEXED_EXTRACTIONS = json
Any advice would be appreciated.
Thanks,
Toma
Hi, we have just installed the Aruba Networks add-on Splunk, and I would like to have the dashboards that can be created from this add-on. Also, how can I get a table with SNR values vs AP vs users? Thx
Honestly kind of surprised here especially with the recent Cisco acquisition since this is using a Cisco technology. I feel like there would be more input on how we can do this.
Hi, I am trying to implement a custom app using add-on builder. I am running a REST call and getting this error:
Error: python ERROR HTTPSConnectionPool(host='*', port=*): Max retries exceeded with url: /*(Caused by NewConnectionError('<urllib3.connection.HTTPConnection object at *>: Failed to establish a new connection: [WinError 10013] An attempt was made to access a socket in a way forbidden by its access permissions'))
I have tried adding "verify=False" in the Python script but it's not helping:
response = str ((requests.get(url, data = body, auth=(user, password))).text,verify=False)
Any idea what else could be an issue and how to fix it?
I have a use case where I'm trying to collect events from a federated search. I can run and search results using the federated index, but when I try to add a collect command to collect the results to a local index I get the following error: "No results to summary index." The search works but automatically returns no results when I try to collect. I've leveraged a workaround by using a makeresults with dummy data followed by an append with a subsearch, that contains my federated search and that collects fine, but now I'm limited by subsearch constraints. Anyone run into this issue?
Workaround:
| makeresults
| eval test="a"
| fields - _time
| append
[ index=federated:testindex | head 1 ]
| collect index=mysummaryindex
Hello, I have an alert that runs every 2 minutes for the last 40 hours of data. I use five different logs to retrieve the result I need using the join command. The throttle is set on, suppressing the results for 40 hours in order to suppress the repeating alert. My alert runs perfectly and triggers on time. But once every three to four months, I get a delayed alert for some hours. This issue was repeating every three to four months, so I had an alternative alert running. Now one of the alerts gets delayed for 4 hours and another one was on time. It makes the alert less reliable. I started to monitor the triggered alerts in the Triggered alerts section. Note: It's a very big query that takes 30 seconds. May I know the possible reason for this and best practices to avoid this error in future? How to identify the issue?
My kvstore has failed and I am trying to renew my certificate. My Splunk server is on a Windows server. I have tried the steps of removing server.pem and server_pkcs1.pem from ..\Splunk\etc\auth\ as well as deleting the expired cert SplunkServerDefaultCert from Certlm. This method worked for me in four other deployments; however, in this one deployment, when I go to start my Splunk services, I get a failure to start Splunkd with the error message "Unable to generate certificate for SSL. Splunkd port communication may not work (Child failed to start: FormatMessage was unable to decode error (193), (0xc1)) SSL certificate generation failed."
The search is the following:
Index=index1 sourcetype=sourcetype1 hostname=* software != ""
| rex field=software "cpe:\/a:(?<Vendor>[^:]+):(?<Product>[^:]+):(?<Version>.*)"
| table hostname, Vendor, Product, Version
| dedup hostname, Vendor, Product, Version
Hi @debjit_k, I don't know how this add-on works and I don't know Python, but priority is defined in the code of one of the Python scripts (snow_incident_base.py) that you can find in the bin folder. Ciao. Giuseppe
Hello, Here's the image. I want to have the time range change based on the selected Grade. For example: If I select Kindergarten, the time will change to "last 24 hours" Thank you
Gotcha and no worries, that's what I am here for. If you have an LB that can do some kind of probing for the active box then it shouldn't matter if DNS has an issue, as the LB will decide which is "healthy" and the DNS record just points to the LB, if that makes sense? Not done it myself but definitely heard it a few times in the Warm/Standby conversations around automating the failover.
Great point about the DNS. Our concern was that, as brought up by our networking team, there might be a lag in when the DNS record gets updated during the manual switch and during that time we wanted to direct our users to the right URL, if possible. I'll reach out to support! It's not a high priority, but I didn't see anything in the UI. Thanks for replying
@catherinelam I highly doubt it although it's probably somewhere on the system. My 1st question would have to be why? No-one should be going to the standby as it should be behind some DNS and/or LB that only sends traffic to the "active" box. If in doubt I would ask support as changing this, if possible, may cause issues with the support agreement.