I want to extract whole line till proxy RAISE-ALARM:acProxyConnectionLost: [KOREASBC1] Proxy Set Alarm Proxy Set 1 (PS_ITSP): Proxy lost. looking for another proxy;
Hi , I want to extract this line from an event. RAISE-ALARM:acProxyConnectionLost: [KOREASBC1] Proxy Set Alarm Proxy Set 1 (PS_ITSP): Proxy lost. looking for another proxy;
Dropdown is also dynamically populated from sample.csv file. Yes if i select multiple from dropdown. it should display accordingly like DRDO, Bangalore for both conditions. This is actually i need ...
See more...
Dropdown is also dynamically populated from sample.csv file. Yes if i select multiple from dropdown. it should display accordingly like DRDO, Bangalore for both conditions. This is actually i need to apply all over my other search results like Pie chart. table format. etc. that are displayed in my dashboard. But for now, I am trying to sort it out for single value count. so i can apply same logic for pie chart etc.
Thanks for the reply. The issue seems to come from our AD configuration. The popup redirects to an SSO login window, and if I use the "Not you?" button to specify a local user, it ignores it and jum...
See more...
Thanks for the reply. The issue seems to come from our AD configuration. The popup redirects to an SSO login window, and if I use the "Not you?" button to specify a local user, it ignores it and jumps to the SSO login again. I have a support case with Splunk and this is what they've observed. So we need to check out this redirection issue internally.
Hi, I am trying to configure AWS Lambda running in Node Js in AppD. I have subscribed to Serverless APM for AWS Lambda subscription. Node js version is 20.x We selected a lambda function and added ...
See more...
Hi, I am trying to configure AWS Lambda running in Node Js in AppD. I have subscribed to Serverless APM for AWS Lambda subscription. Node js version is 20.x We selected a lambda function and added a layer then added environment variables via the console. After adding the variables the lambda is executed. But the application is not reporting in AppDynamics controller. What could be the reason. Is there any additional instrumentation required. Also, please confirm on ARN version to be used, the function is hosted in us-east-1, also confirm whether runtime is compatible or not with Node js 20.
Hi @richgalloway , you were right. The datamodel "Endpoint" was not properly configured, whitelisted indexers were empty. I added the index wineventlog but it still appears in red. But whenever I ...
See more...
Hi @richgalloway , you were right. The datamodel "Endpoint" was not properly configured, whitelisted indexers were empty. I added the index wineventlog but it still appears in red. But whenever I click on the "open search" link next to the red icon, that query does get data. any idea of what might be happening here? Also, I created the macro "summaryonly_config" as you suggested but new errors appeared related to the other two missing macros "oldsummaries_config" and "fillnull_config". I also created these macros with a true value in both cases. that seems to solve the issue with the search, no more errors are shown. thanks
Have you correctly configured your HF to just forwarding events to indexers instead of storing those locally? i have configuered the index from GUI and the data inputs also how could i know if it's ...
See more...
Have you correctly configured your HF to just forwarding events to indexers instead of storing those locally? i have configuered the index from GUI and the data inputs also how could i know if it's stored locally or not. Have you configured other indexes on HF which currently found from your indexer cluster and are those events go through this HF? yes, there are indexer names come from HF and also found in CM indexer cluster ( they coming from HF ) When you are configuring indexes on CM that didn' t means that those are seen on locally in CM. Those indexes are pushed only into peers! when i configuered the index from HF i did the same inside indexes.conf in manager-apps directory. Could it be that those new indexes are e.g. under master-apps and old ones are under manager-apps on your CM? You could use only one of those places not both? all the indexers in CM inside manager-apps . i did splunk btool indexes list --debug <your index name> and the index is showing with the same settinges inside CM after pushing the bundle.
Hi basically it's enough that you have created index on cluster master and then pushed it into search peers. In HF it's more nice to have. Of course if you have some modular inputs which you are con...
See more...
Hi basically it's enough that you have created index on cluster master and then pushed it into search peers. In HF it's more nice to have. Of course if you have some modular inputs which you are configuring with GUI, those usually needs also indexes configure in HF too. Have you correctly configured your HF to just forwarding events to indexers instead of storing those locally? Have you configured other indexes on HF which currently found from your indexer cluster and are those events go through this HF? When you are configuring indexes on CM that didn' t means that those are seen on locally in CM. Those indexes are pushed only into peers! Could it be that those new indexes are e.g. under master-apps and old ones are under manager-apps on your CM? You could use only one of those places not both? If I recall right manager-apps has higher priority over master-apps (the old place). So if you have any cluster peer configurations (also other than indexes.conf) then all configurations must move there or otherwise those are not working. Again btool is your friends. You could go into any peer and try splunk btool indexes list --debug <your index name> This shows if its deployed into peer and if where it is. If I recall right there are some options how to run this also on CM and see what its deploy to peers, but I cannot found that option now. But anyhow just look on your CM and ensure that you are using only master-apps or manager-apps and not both. Basically you should see this also on _internal logs. r. Ismo
Hi, If you want to see your index on CM, there is at least one log collect for this index. Can you check logs coming to this index with "tcpdump -i any port 514" on HF server. And you must check y...
See more...
Hi, If you want to see your index on CM, there is at least one log collect for this index. Can you check logs coming to this index with "tcpdump -i any port 514" on HF server. And you must check your firewall permission with "firewall-cmd --list-all"
Hello members, I have clustered environment and i create index on HF and data inputs for receive syslog, I create the same index inside indexers.conf in cluster master then pushed the configurati...
See more...
Hello members, I have clustered environment and i create index on HF and data inputs for receive syslog, I create the same index inside indexers.conf in cluster master then pushed the configuration. the index not appears in indexer cluster in CM and not searchable i tried to use btool inside each indexer and appears my indexer on loaded indexers . so what the problem .
For your dropdowns, where do the values come from? Are they static (known ahead of time and configured in the dashboard), or dynamic (the results of a search)? If more than one dropdown is selected,...
See more...
For your dropdowns, where do the values come from? Are they static (known ahead of time and configured in the dashboard), or dynamic (the results of a search)? If more than one dropdown is selected, do you want both to used e.g. the count for DRDO in Bangalore is 1?
Sorry, I am a beginner. Where is the complete query. When i select a location Bangalore from drop down. The single value count for Final Status column should be displayed for that Location. If i sele...
See more...
Sorry, I am a beginner. Where is the complete query. When i select a location Bangalore from drop down. The single value count for Final Status column should be displayed for that Location. If i select Company Name DRDO from dropdown, it should display Final Status single value count for that company. Eg: Single value count for Bangalore location is 3. Single value count for Company DRDO is 1.