Please help me load jquery-ui into a dashboard xml Also, can i load the jquery-ui css inside the require.conf? in the browser console, i'm getting this error:  JQuery Version: 3.6.0 VM4289:50 Uncaught TypeError: Cannot read properties of undefined (reading 'ui') at eval (eval at <anonymous> (dashboard.js:1276:187236), <anonymous>:50:20) at Object.execCb (eval at module.exports (dashboard.js:632:662649), <anonymous>:1658:33) at Module.check (eval at module.exports (dashboard.js:632:662649), <anonymous>:874:51) at Module.eval (eval at module.exports (dashboard.js:632:662649), <anonymous>:1121:34) at eval (eval at module.exports (dashboard.js:632:662649), <anonymous>:132:23) at eval (eval at module.exports (dashboard.js:632:662649), <anonymous>:1164:21) at each (eval at module.exports (dashboard.js:632:662649), <anonymous>:57:31) at Module.emit (eval at module.exports (dashboard.js:632:662649), <anonymous>:1163:17) at Module.check (eval at module.exports (dashboard.js:632:662649), <anonymous>:925:30) at Module.enable (eval at module.exports (dashboard.js:632:662649), <anonymous>:1151:22)       require.config({ waitSeconds: 0, paths: { 'localjquery':'/static/app/myapp/lib/jquery.min', 'jqueryui':'/static/app/myapp/lib/jquery-ui.min' }, shim: { 'jqueryui': { deps: ['localjquery'] } } }); require([ // 'splunkjs/ready!', 'underscore', 'backbone', 'localjquery', 'splunkjs/mvc', 'jqueryui', 'splunkjs/mvc/simplexml/ready!' ], function (_,Backbone, $, mvc) { defaultTokenModel = mvc.Components.get("default"); console.log("JQuery Version:"); console.log(jQuery().jquery); console.log("JQuery-UI Version:"); console.log($.ui.version); });       Dashboard     <dashboard script="input_slider_range.js" stylesheet="lib/jquery-ui.min.css"> <label>slider range</label> <row> <panel> <html> SLIDER <p> <label for="amount">Price range:</label> <input type="text" id="amount" readonly="true" style="border:0; color:#f6931f; font-weight:bold;" /> </p> <div id="slider-range"></div> </html> </panel> </row> </dashboard>      

Hello, My goal is to create a ping test for several cameras we have onsite. I'm looking for advice on this issue. We are using a software called Genetec for our cameras (not sure if this can be integrated with Splunk nor if it is completely necessary).  Details: Currently I have Splunk Cloud (3 on-premise Hosts AWS) Cameras that connect to a physical router at our office. I have access to the physical router used by the cameras.  Private IPs within a VLAN.  I have access to the cameras' private IPs and can ping them when connected to our VPN.  Genetec software used for our cameras.  Goals: Create Alerts when the cameras go down via a ping test. Possibly create a dashboard showing each's camera's availability (meaning if it is on or off)  

We recently upgraded our on prem Splunks to version 9.0.0 and now any time we click on our home grown Dashboards we get this error: This dashboard version is missing. Update the dashboard version in source   we were on an older version of Splunk 8.x for a while so no idea when this has changed  

Hi, I need to switch my Splunk Enterprise SH to the european spacebridge server. Does anybody know the correct URL? Can I just switch by pointing to the other server in securegateway.conf? Many thanks in advance Best Regards Wolfgang

New to cybersecurity, been in my first entry level job for 6 months. New to splunk, took some classes but they were quick and didn't detail a whole lot, splunk instructor read the slides basically. Ran into issue, red warning on 8.2.4 The percentage of small buckets (100%) created over the last hour is high and exceeded the red thresholds (50%) for index=mail, and possibly more indexes, on this indexer. At the time this alert fired, total buckets created=5, small buckets=1 and then it would list that last 50 related messages, early this morning it did....but now it says 'None' It happens on indexer #7 of the 8 we have. Crawling the web to gain some understanding. Found this link: Solved: The percentage of small of buckets is very high an... - Splunk Community   The OP had the same issues but talked about timeparsing and they were able to fix. - what is and how to fix timeparsing?   I am not great with search strings, regex, etc...splunk just kind of fell in my lap. I tried to follow the search string that @jacobpevans  wrote up in reply to the post above, not sure if I follow it well. basically its serching for each hot bucket for index _internal sourcetype splunkd, listing those hot buckets that are moving to warm, renaming to index to join, join command then joins each intance to a rollover.  I run his string as is, and get a lot of readout listing many indexes but not index mail as indicated in the warning. Also the readout shows 4 rows (2 indexes on 2 different indexers) with Violation and 100% small buckets.  I would like to resolve this issue but i am seriously lost, haha. I think splunk may be the death of my career even before i get started.  

Hi ,   Some users are seeing this error while running search query "Invalid_adhoc_search_level" - issue is intermittent.  Did someone else faced similar issue . If yes, why is it happening and how to fix it.  Splunk version - 8.2.6  

Hello, I am trying albeit unsuccessfully to add the multiline configuration into helm values file for sck install.  I am unable to get any custom filter to stick at fresh install or upgrade.  Each time the lines that control multiline are wiped out.  Does anyone have an example of injecting this into values.yaml for helm sck install or upgrade? Trying to get multiline logs in below to apply @ install or upgrade time. GitHub - splunk/splunk-connect-for-kubernetes: Helm charts associated with kubernetes plug-ins   Thanks

Hello, I would like to be able to create a serverclass based on our inventory, which is indexed in Splunk. The problem with using wildcard is that our servers don't have a sufficiently detailed name to be able to determine the type of database that is running on it. Example : vm-db-1 -> MariaDB vm-db-2 -> PostgreSQL vm-db-3 -> MariaDB vm-db-4 -> Oracle With a Splunk query, I can easily find this information. Is there a solution to my problem? Thanks for your help

There are logs with contents like [{timestamp: xxx, duraton: 5,  url: "/foo1", status: 200}, {timestamp: xxx, duraton: 7,  url: "/foo2", status: 200}, {duraton: 6,  url: "/foo1", status: 200}...] I'd like stats the throughput and latency with sparkline. Now I can get the avg sparkline, however, if there is a way to get the p50 sparkline, p90 sparkline or so, the avg latency sparkline might not be helpful enough. Sample query is like below.  ...  earliest=-1d@d latest=@d | stats     sparkline(count, 5m) as throughput,     sparkline(avg(duration), 5m) as latency,     count as total_requests,     p50(duration) as duration_p50,     p90(duration) as duration_p90,     p99(duration) as duration_p99

Base query: index=jenkins* teamcenter |search event_tag=job_event |search build_url=*TC_Active* |where isnotnull(job_duration) |rex field=job_name "(?<app>[^\.]*)\/(?<repo>[^\.]*)\/(?<jobname>[^\.].*)" |rex field=metadata.GIT_BRANCH_NAME "(?<branch>.*)" |rex field=user "(?<user>[^\.]*)" |search app="*" AND repo="*" AND jobname="*" AND branch="*" AND user="*" | eval string_dur = tostring(round(job_duration), "duration") | eval formatted_dur = replace(string_dur,"(?:(\d+)\+)?0?(\d+):0?(\d+):0?(\d+)","\1d \2h \3m \4s") |rename job_started_at AS DateTime app AS Repository branch AS Branch jobname AS JobName job_result AS Job_Result formatted_dur AS Job_Duration "stages{}.name" AS "Stage View" "stages{}.duration" AS Duration |table DateTime Repository Branch JobName Job_Result Job_Duration "Stage View" Duration Output:  DateTime Repository Branch JobName Job_Result Job_Duration Stage View Duration 2022-07-07T11:47:39Z TeamCenter/TC_Active/TCUA_Builds release/ALM_TC15.5 AMAT_Key_Part_Family_Extraction SUCCESS d 0h 15m 35s Preparation Sonar Analysis Build Save Artifacts 108.817 419.698 15.819 376.698 2022-07-07T17:14:49Z TeamCenter/TC_Active/Portal release/ALM_TC15.5 com.amat.rac SUCCESS d 0h 25m 49s Preparation Sonar Analysis Build Save Artifacts 105.014 1309.388 29.486 101.647   Need to add another column in output "stage_duration" which will convert "Duration" field value in  "Day Hr Min Sec" format. 

Hello Splunkers, Splunk crashes on our Linux core servers (Master, Search Heads and Heavy Forwarders, indexers are not affected) with "ENGINE: Bus STOPPED" errors.  When I check splunkd status on host, it turns out that: se1234@z1il1234:~> /opt/splunk/bin/splunk status splunkd 130820 was not running. Stopping splunk helpers...Done. Stopped helpers. Removing stale pid file... done. It is an intermittent issue. Today in the morning we had this issue on SH1, yesterday on another SH2 and a week before on SH4. We have checked Resource usage and there is nothing shown in DMC that may cause splunkd to crash (e.g. high CPU usage) Any idea what is worth checking or how to troubleshoot? Greetings, Dzasta