Hi @ITWhisperer thanks for taking the time to reply when using init -it only initializes the first time but doesn't update accordingly when fieldset is changed
I am working om creating a dashboard to display data from my app-I have a dropdown where you select which environment you want to see data for-I need to set 2 values based on this dropdown: 1.connec...
See more...
I am working om creating a dashboard to display data from my app-I have a dropdown where you select which environment you want to see data for-I need to set 2 values based on this dropdown: 1.connection for db queries 2. host for logs based queries I searched many option but couldn't get any to work:I am trying to do <fieldset submitButton="false"> <input type="dropdown" token="connection"> <label>Select Region</label> <default>dev-platform-postgres</default> <choice value="dev-platform-postgres">US</choice> <choice value="dev-platform-postgres-eu">EU</choice> <change> <condition label = 'dev-platform-postgres'> <set token="host">eks-prod-saas-ue1-*</set> </condition> <condition label = 'dev-platform-postgres-eu'> <set token="host">prd-shared-services-eu-eks*</set> </condition> </change> </input> </fieldset> and then be able to use both $host$ and $connection$ tokens in the dashboard but I cant get $host$ initialized correctly any help would be appreciated also -side note I am getting a warning "Expected at most 1 children of fieldset in dashboard, instead saw 2"-how am I supposed to handle a case where I want 2 selections -one of date and one of connection?
Could you please share the sample raw logs and how are those looking in Splunk once they are ingested? Issues with Line breaking, timestamp assignment, field extraction?
You can disable those integrity checks as well if your Splunk environment is working fine after upgrade. To disable the file integrity check, edit the installed_files_integrity setting in the limits....
See more...
You can disable those integrity checks as well if your Splunk environment is working fine after upgrade. To disable the file integrity check, edit the installed_files_integrity setting in the limits.conf file
@Alan_Chan I have upgraded Splunk from version 9.3.1 to 9.4.0 on a Linux platform and observed this warning. However, Splunk is functioning properly, and no issues have been noticed post-upgrade. I ...
See more...
@Alan_Chan I have upgraded Splunk from version 9.3.1 to 9.4.0 on a Linux platform and observed this warning. However, Splunk is functioning properly, and no issues have been noticed post-upgrade. I believe the warning can be safely removed. I hope this helps, if any reply helps you, you could add your upvote/karma points to that reply, thanks.
Not without combining them into a single event - this is usually done with some sort of stats command e.g. stats, eventstats, streamstats, etc Depending on what you are trying to do and how the data ...
See more...
Not without combining them into a single event - this is usually done with some sort of stats command e.g. stats, eventstats, streamstats, etc Depending on what you are trying to do and how the data is represented in your events, there could be a number of ways to do this.
Hi @RSS_STT , in [Settings > Lookups > Lookup Definitions ] open "Advanced Options" and configure CIDR as match_type, as described at https://docs.splunk.com/Documentation/Splunk/9.4.0/Knowledge/Add...
See more...
Hi @RSS_STT , in [Settings > Lookups > Lookup Definitions ] open "Advanced Options" and configure CIDR as match_type, as described at https://docs.splunk.com/Documentation/Splunk/9.4.0/Knowledge/Addfieldmatchingrulestoyourlookupconfiguration Ciao. Giuseppe
Can i do the wildcard matching in lookup? |makeresults |eval ip=192.168.101.10 |lookup ip.csv ip output host In my lookup i have two entry ip=192.168.101.10 & ip=192.168.101.10/24. How can i add...
See more...
Can i do the wildcard matching in lookup? |makeresults |eval ip=192.168.101.10 |lookup ip.csv ip output host In my lookup i have two entry ip=192.168.101.10 & ip=192.168.101.10/24. How can i add wildcard (*) for match and i should get two entry.