This gets resolved somehow. Now I am trying to connect the remote desktop (my peer's Splunk with my power bi) to do a POC. I almost tried everything but I am unable to connect with other Splunk. I can only connect with my own. @ashvinpandey Sir, can you please guide me?
I want all the APIs with /reports/getFile/* grouped as one and then take the p95, p99, average, count etc. I don't want them as separate entries, since the endpoint is the same and only the id differs. /getFile/1, /getFile/2 and /getFile/3 should be grouped as one, like /getFile, and the p95, p99 and count should be calculated as the p95/p99/sum of all three. /getFile - count (3, since /1, /2, /3), p95 (p95 of all three, calculated as 3 similar API calls /getFile/*) and so on.
| bin _time span=1d
| stats count(eval(_time>=relative_time(now(),"@d-1d"))) as 24hCount count(eval(_time>=relative_time(now(),"@d-30d"))) as 30dCount count(eval(_time>=relative_time(now(),"@d-90d"))) as 90dCount by Country
I am trying to use the credentials of my friend to log into Splunk Enterprise, and I am unable to do that. Also, I am using ODBC to connect Splunk with Power BI, and when I do that locally, I am able to do that, but when I am trying to do that remotely, I am unable to do that. I am having issues with server URL and port number. Any help would be appreciated to solve these queries. TIA.
Essentially you need to extract from the url field the part that you want. For example, is it always the first two parts, or fewer, or only applied to particular urls? Please describe your requirement in more detail.
Hi Splunkers! I have a question about memory. In my Splunk monitoring console, I see approx. 90% of memory used by Splunk processes. The amount of memory is 48 Gb. In my vCenter, I can see that only half of the assigned memory is used (approx. 24 Gb of the 48 Gb available). Who is telling me the truth: Splunk monitoring or vCenter? And overall, is there something to configure in Splunk to fit the entire available memory? Splunk 9.2.2 / Red Hat 7.8. Thank you. Olivier.
Hey hgarnica, I have the same issue: I was not able to run the search from Power BI. What type of modifications or permissions do I need to provide, and what would a sample URL for connecting to Splunk look like? I was using https://hostname:8089 --> do we need to give any specific app names like that? Thanks in advance; awaiting your response.
I have created a stacked bar based on a data source (query) and everything works with the exception of this: I have to select each data value to display when the query runs, through Data Configuration - Y. Meaning, all of my desired values show up there but they are not "selected" by default, so the chart is blank until I select them?
My query is:

index=stuff
| search "kubernetes.labels.app"="some_stuff" "log.msg"="Response" "log.level"=30 "log.response.statusCode"=200
| spath "log.request.path"
| rename "log.request.path" as url
| convert timeformat="%Y/%m/%d" ctime(_time) as date
| stats min("log.context.duration") as RT_fastest max("log.context.duration") as RT_slowest p95("log.context.duration") as RT_p95 p99("log.context.duration") as RT_p99 avg("log.context.duration") as RT_avg count(url) as Total_Req by url

And I am getting the attached screenshot response. I want to club all the similar APIs, like all the /getFile/*, as one API and get the average time.
Hi, I have events that have multiple countries... I want to count the country field over different time ranges. It needs to be sorted from highest country to lowest. Example:

Country   Last 24h   Last 30 days   Last 90 days
US        10         50             100
Aus       8          35             80

I need a query; kindly assist me.
I have ingested data from InfluxDB to Splunk Enterprise using influxDB add from splunk db connect. I am performing an InfluxQL search in the SQL explorer of the created Influx connection. I am getting empty values for the value column.

Query:

from(bucket: "buckerName")
  |> range(start: -6h)
  |> filter(fn: (r) => r._measurement == "NameOfMeasurement")
  |> filter(fn: (r) => r._field == "value")
  |> yield(name: "count")

Splunk DBX Add-on for InfluxDB JDBC
Hi @Poojitha, you can add multiple tokens in the same configuration page! Please refer to the image that I am attaching. Is this what you are looking for?