Hi i am kinda new to Splunk and I'm having this trouble  `A script exited abnormally with exit status: 1" input=".$SPLUNK_HOME/etc/apps/splunk-dashboard-studio/bin/save_image_and_icon_on_install.py"` I have 1 Master sever(Cluster Master, SHC Deployer, License Master), 3 search heads(clustered) 3 indexers(clustered) 1 heavy forwarder i've run below command that I found on a web ``` | rest /services/admin/inputstatus/ModularInputs:modular%20input%20commands splunk_server=local count=0 | append [| rest /services/admin/inputstatus/ExecProcessor:exec%20commands splunk_server=local count=0] | fields inputs* | transpose | rex field=column "inputs(?<script>\S+)(?:\s\((?<stanza>[^\(]+)\))?\.(?<key>(exit status description)|(time closed)|(time opened))" | eval value=coalesce('row 1', 'row 2'), stanza=coalesce(stanza, "default"), started=if(key=="time opened", value, started), stopped=if(key=="time closed", value, stopped) | rex field=value "exited\s+with\s+code\s+(?<exit_status>\d+)" | stats first(started) as started, first(stopped) as stopped, first(exit_status) as exit_status by script, stanza | eval errmsg=case(exit_status=="0", null(), isnotnull(exit_status), "A script exited abnormally with exit status: "+exit_status, isnull(started) or isnotnull(stopped), "A script is in an unknown state"), ignore=if(`script_error_msg_ignore`, 1, 0) ``` and I got this result  exit_status 1 and 114 how do i get rid of this errors?  Thank you in advance.

Hi all, I have CSV files  (they are exports from the Garmin R10 launch monitor session data via the Garmin Golf app) that contain 2 header lines, the first header line contains the field names and the second header line contains the unit of measurement (or blank if not applicable) For example: Date,Player,Club Name,Club Type,Club Speed,Attack Angle,... ,,,,[mph],[deg],... 09/10/23 10:00:45 AM,Johan,7 Iron,7 Iron,70.30108663634557,-7.360383987426758,...   Now, I would like to index the data in one of 2 ways: Add the unit of measurement to the value so that would become "70.30108663634557mph" for the Club Speed field Add an additional column that contains the unit of measurement Add column "Club Speed UOM" with value mph for every line indexed from the CSV file and do this for every column that contains a valid unit of measurement For me, option 2 would be the preferred option A third option, would be to skip the unit of measurement line altogether but I would rather not use this option.   I would appreciate any help that points me in the right direction to solve this challenge.   Thanx in advance.

Hi, I didn't find detailed info, how to connect Universal Forwarders to Monitoring Console. In our organization there is no deployment server, but we do want to monitor Splunk UF/HF with monitoring console, so the info can be seen on MC > Forwarders > Forwarders: Deployment What are the steps on the UF side to configure this. Thanks

Hi,   We wonder how to monitor the smbV1 access in a domain.   We are already enabled the eventcode 3000 log on windows log.   Now we want to know who use smbV1 to access on every host:   to start we use this request:       index=windows EventCode=3000 source="WinEventLog:Microsoft-Windows-SMBServer/Audit"         but now we want to display in a table / stats ... foreach host each computers / users access to them.     Could you help us please

I am learning splunk for the first time in my course, I had this task of setting up 4 VMs through VMware workstation , 1 being controller a Centos GUI, and the other 3 being agents centos CLI. I went through the configuration of the VMs they all ping each other fine. I SSH the splunk onto the 4 VMs using mobaxterms. After creating the 9997 port on the controller and saving the port I configured each agent to have their agents ip address forward to the port of my controller. After going through my lab at the last part I had to type in an input Index=”main” host=* | table host | dedup host this had no results I was told if nothing popped up I would to troubleshoot by rebooting my vm and my host system but that didn't fix it would love some insights