All Posts

Hi, Everyone! Not everyone starts with a vanilla environment. How to address your customization needs with agent management? Come check out the existing questions here: Smart Agent FAQ | Custom configuration files, monitors, and extensions. What do you think? Our team would love to hear your thoughts, including how we can add to and improve the FAQ. Please do share your impressions, considerations, and questions below. Our Smart Agent FAQ has a lot of information about Smart Agent and related features. We thought you might appreciate this quick way to get to the topics that most interest you, paired with a place to ask questions and enlarge on your take...
Hi, Everyone! Planning your Smart Agent installation mise-en-place? Get the facts, encouragement, and inspiration here: Smart Agent FAQ | Getting Started: Installation. What do you think? Don't forget to ask your own questions and share your insights! As a community, we are all here to help! Our team would love to hear your thoughts, including how we can add to and improve the FAQ. Please do share your impressions, considerations, and questions below. Our Smart Agent FAQ has a lot of information about Smart Agent and related features. We thought you might appreciate this quick way to get to the topics that most interest you, paired with a place to ask questions and enlarge on your take...
Hi, Everyone! So, what can you expect from the Agent Management UI? There are many new improvements to the user interface to support agent management, and we have been addressing many questions that are sure to help you on your journey. Controller Agent Management console? RBAC? Check out these and other UI-related frequently asked questions here: Smart Agent FAQ | Agent Management User Interface. What do you think? Have a question of your own? Post it here and let us help. Our team would love to hear your thoughts, including how we can add to and improve the FAQ. Post your questions here and let us help. Please do share your impressions, considerations, and questions below. Our Smart Agent FAQ has a lot of information about Smart Agent and related features. We thought you might appreciate this quick way to get to the topics that most interest you, paired with a place to ask questions and enlarge on your take...
Hi, Everyone! Thinking about how Smart Agent integrates with your CI/CD pipelines? Is agent management encouraged for existing CI/CD pipelines? Um..., yes! See the details here, and please share your questions and impressions below: Smart Agent FAQ | Tooling Pipeline Guidelines. What do you think? Our team would love to hear your thoughts, including how we can add to and improve the FAQ. Please do share your impressions, considerations, and questions below. Our Smart Agent FAQ has a lot of information about Smart Agent and related features. We thought you might appreciate a quick way to get to the topics that most interest you, paired with a place to ask questions and enlarge on your take...
@dtburrows3 We are so close. Actually, I did not mention the error. The logs look like this:
----error in checking status--------
----Person Name: abcd, Status=active---------
-----Check for Status------
------success : true--------
-----Start  Processing XXX----------
So I want to get the Person Name only for "error in checking status".
Following three logs:
"Unexpected event id" (9.1.2 still logs)
"Invalid ACK received from indexer" (9.1.2 should not log)
"Got unexpected ACK with eventid" (9.1.2 should not log)
What exactly is the issue you are hitting?
Hi, Everyone! Starting to think about your agent management strategy? Check out topical questions to spur your planning and inspire more questions: Smart Agent FAQ | Strategy. How does Smart Agent manage existing agents—or new planned ones? What if there are hundreds, or more? How will it really work for your day-to-day? What do you think? Our team would love to hear your thoughts, including how we can add to and improve the FAQ. Please do share your impressions, considerations, and questions below. Our Smart Agent FAQ has a lot of information about Smart Agent and related features. We thought you might appreciate this quick way to get to the topics that most interest you, paired with a place to ask questions and enlarge on your take...
Hi, Everyone! What are Smart Agent's requirements? Here's a key question before getting started: What are the requirements? Smart Agent FAQ | Requirements. What do you think? We've started with the requirements questions we knew you'd want, plus questions others have already asked. Our team would love to hear your thoughts, including how we can add to and improve the FAQ. Please do share your impressions, considerations, and questions below. Our Smart Agent FAQ has a lot of information about Smart Agent and related features. We thought you might appreciate this quick way to get to the topics that most interest you, paired with a place to ask questions and enlarge on your take...
Hi, Everyone! What about environments supported with Smart Agent? Find out what environments and features are supported as well as what may be coming down the line. Post your questions and we will be sure to address them. The future of Smart Agent depends on your needs! Smart Agent FAQ | Supported Environments. What do you think? Our team would love to hear your thoughts, including how we can add to and improve the FAQ. Please do share your impressions, considerations, and questions below. Our Smart Agent FAQ has a lot of information about Smart Agent and related features. We thought you might appreciate this quick way to get to the topics that most interest you, paired with a place to ask questions and enlarge on your take...
Hi, Everyone! Concerned about costs or support with Smart Agent? Spoiler alert: You don't need to buy additional licenses to use Smart Agent. Check out the other most frequently asked questions about this here: Smart Agent FAQ | Licenses and Packages. What do you think? Our team would love to hear your thoughts, including how we can add to and improve the FAQ. Please do share your impressions, considerations, and questions below. Our Smart Agent FAQ has a lot of information about Smart Agent and related features. We thought you might appreciate this quick way to get to the topics that most interest you, paired with a place to ask questions and enlarge on your take...
Hi, Everyone! Get to know some of the basics around using Smart Agent to simplify agent management tasks, such as its value and what specific features are available. Smart Agent FAQ | Simplified Agent Management Basics. There, find out how we define smart agent management, installation requirements and details, a high-level outline of value in this v23.11 release, and more... What do you think? Our team would love to hear your thoughts, and how we can improve the FAQ. Please do share your impressions, considerations, and questions below. Our Smart Agent FAQ has a lot of information about Smart Agent and related features. We thought you might appreciate this quick way to get to the topics that most interest you, paired with a place to ask questions and enlarge on your take...
Looks like it works, but the received results are the same for each host. I have 7 of 8 servers offline and they all show received responses.
Thanks, it's fixed now.
Hi, I have noticed over the last 4 days I had an increased number of Search Bundle replication errors:
12-21-2023 09:50:12.604 +0000 WARN ConfReplicationThread [9209 ConfReplicationThread] - Error pushing configurations to captain=https://searchHeadCaptain:8089, consecutiveErrors=1 msg="Error in acceptPush: Non-200 status_code=400: ConfReplicationException: Cannot accept push with outdated_baseline_op_id=16ed9160640170315673324237791a4cfe256d59; current_baseline_op_id=cd93950208af34df00957e721b87128d3629d2d1"
These occur in groups every 4 hours. I have also seen CPU spikes on the Search Heads that started occurring at the same time and also every 4 hours. Further investigation has shown that the following events from conf.log have also been occurring at the same time every 4 hours:
{ [-]
   component: ConfOp
   data: { [-]
     applied_at: 1703264397
     asset_id: 220d8bbce6d790850cda3980c5784c62b1a9f9ff
     asset_uri: [ [+]
     ]
     from_repo: https://searchHeadCaptain:8089
     op_id: 102aa206f930da5eef0d47163b354c61254566c5
     optype: 2
     optype_desc: WRITE_STANZA
     payload: { [-]
       alias: Risk
       metadata: { [-]
         permissions: { [-]
         }
       }
       value: ***TRANSIENT***://6613
     }
     payload_extra: ***ALLOW_SKIP_ON_WRITE***
     status: applied
     task: pullFrom
     to_repo: https://searchHeadPeer.com:8089
     to_repo_change_count: 20214
   }
   datetime: 12-22-2023 16:59:57.097 +0000
   log_level: INFO
}
Does anyone know what these events mean and how I can find out what is causing them?
[Images: Bundle replication errors; conf.log events; CPU spikes]
Hi, No. It's:
jdbc:sqlserver://hostname.kusto.windows.net:1433;databaseName=DBName;selectMethod=cursor;encrypt=true;hostNameInCertificate=*.kusto.windows.net;authentication=ActiveDirectoryServicePrincipal;
And I have:
aadSecurePrincipalId (clientID)
aadSecurePrincipalSecret
In drivers dir I have: mssql-jdbc-12.4.2.jre11.jar
@jbanAtSplunk - Are you trying to do Windows Authentication? That is supported in DB connect by default. - https://docs.splunk.com/Documentation/DBX/3.15.0/DeployDBX/Createandmanageidentities    Otherwise, DB Connect only supports putting Java DB driver files inside drivers directory - https://docs.splunk.com/Documentation/DBX/3.15.0/DeployDBX/Installdatabasedrivers    I hope this helps!!!!
Since you are piping to a map command, the final resulting dataset you are presented with is from the inner search of that map command. You should be able to use hostname as a token inside that inner search to get it to show up in the final results. Something like this:
| inputlookup iphost.csv
| search src_ipV4=* hostname=*
| rename src_ipV4 as host
| stats values(host) as host by hostname
| mvexpand host
| map maxsearches=50 search="| ping host=$host$ count=1 | eval dest=if(isnull(dest),host,dest), hostname=\"$hostname$\" | fields host dest received, hostname"
| table host dest received hostname
@jbthomas1975 - Are you looking at the license usage by host?? How much is the usage by Splunk servers in GB?  
I am running the current search using the network toolkit, but it will not show the hostname field from the CSV. Do I need to do another inputlookup at the end of the search?
| inputlookup iphost.csv
| search src_ipV4=* hostname=*
| rename src_ipV4 as host
| stats values(host) as host
| mvexpand host
| map maxsearches=50 search="| ping host=$host$ count=1 | eval dest=if(isnull(dest),host,dest) | fields host dest received"
| table host dest received hostname
@richgalloway The data is coming from a FIM product called Tripwire. Here is the raw data:
Dec 22 02:30:34 10.62.32.10 1 2023-12-22T10:30:34.771Z servernameTW_ES - - - CEF:0|Tripwire|Enterprise|5.5|6|Audit Event|1|UserName=NT AUTHORITY\NETWORK SERVICE UserNameLabel=User Name ElementName=null ElementNameLabel=Element Name VersionTimeStamp=null VersionTimeStampLabel=Version Timestamp Message='C:\Windows\System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask' accessed by 'NT AUTHORITY\NETWORK SERVICE'. Type 'Set Security'. Application: 'C:\Windows\System32\svchost.exe' Details: DACL Category=Audit Event CategoryLabel=Category rt=12/22/23 2:25 AM Level=Information LevelLabel=level dhost=trip.cs.ad.domain.com
I don't have any props or transforms yet because I am not sure where to start with this. Thanks