Hello! I'm trying to pull full product names into a table, but only the first word is getting pulled in. The field name is Product. Example products are:
Cash product
Cash connections
Checking app
Checking cash product
When I create the table, I only see "Cash" or "Checking" as the product names instead of the full name. I can't figure out how to write a rex command to help solve this (or some other way to solve it). Maybe something like this? I'm just guessing.
"(Cash|Checking)\s[a-z]\w*"
Appreciate any help!
I use the following extension, https://developer.cisco.com/codeexchange/github/repo/Appdynamics/url-monitoring-extension, to monitor URLs. The custom metric gives a status of either 0, 2, 3 or 4:
UNKNOWN(0) FAILED(2) ERROR(3) SUCCESS(4)
But using anything other than a time graph does not give me the information, because it is important to know the percentage of time the value is 0, 1, 2, 3 (DOWN) or 4 (UP). So the time graph shows me when something is down, but I also want to add this custom metric to an expression like: percentage of 0, 2 & 3 (DOWN) and percentage of 4 (UP), and show this in a pie, gauge or metric value. For me, the options below do not seem to work with the calculation (what percentage over time is 0-3 and what percentage is 4):
Minimum: Minimum value, only available for averaged metrics
Maximum: Maximum value, only available for averaged metrics
Value: Contains the average or the sum across the time range depending on the metric
Sum: Aggregated value of the metric over the time range
Count: A count of the observed values over the time range
Current: The sum of the most recent minute's metric data value across all the included nodes
Secondly, is it possible to put this custom metric into Analytics, and therefore get better calculation possibilities?
I have a big event and I want to capture the string between "Message=" and "UpDocCaseRepository"; in other words, I want to capture this specific string:
"Service encountered a database error." InnerMessage="Method Name: LOBCaseService.LoadCaseText, Error Message: Service encountered a database error., Exception: System.Net.Http.HttpRequestException: Cannot get client case document(s). Lob service call was not successful. reasonPhrase=Unauthorized\r\n at .eCAC.Service.CDR._1.Repository.
Event:
2022-04-04 21:15:37,734 ERROR WCFServiceClient.Web.InfrastructureService sTime="4/5/2022 1:15:37 AM" LocalId="403654042" Method="LoadCase" Message="Service encountered a database error." InnerMessage="Method Name: LOBCaseService.LoadCaseText, Error Message: Service encountered a database error., Exception: System.Net.Http.HttpRequestException: Cannot get client case document(s). Lob service call was not successful. reasonPhrase=Unauthorized\r\n at .eCAC.Service.CDR._1.Repository.UpDocCaseRepository.<SendUpDocRequest>d__14`1.MoveNext() in s:\jenkins\workspace\_ecac_se---aeddb52c\.eCAC.Service.CDR\1.Repository\UpDocCaseRepository.cs:line 191\r\n--- End of stack trace from previous location where exception was thrown
I'm trying to make a time chart that uses the time value specified in my table, rather than the default _time value. Currently I'm trying something like this:
base search | eval Failures = if(STATUS="Failed",1,0) | timechart sum(Failures) by TIME
DATE TIME SYSTEM Failures
03/01/2022 12:00 Development 10
03/01/2022 13:00 Development 2
04/01/2022 15:00 Development 3
05/01/2022 18:00 Development 8
Any suggestions help :-).
Thank you, Marco
Hello, I had PagerDuty App for Splunk | Splunkbase installed on our instance of Splunk, and when I went to the setup page, put the API and integration URL in and hit confirm, nothing happened. When I checked the browser console I saw there were two 404 (not found) errors:
splunkd/__raw/services/properties/alert_actions/pagerduty/param.integration_key?output_mode=json&_=23232443242
When I tried clicking confirm I received another 404 error. There's no alerts_actions.conf in the pagerduty local folder, and there is one in default. I checked the security rights and they all seem fine. I tried making a local dev instance to see if I could break the permissions and replicate the error, but it worked fine every time and created an alerts_actions.conf in the pagerduty app local folder. If anyone knows a solution to this problem I'd greatly appreciate the help. My current theory, from the initial 404 error and the URL chunk I included, is that it keeps looking for the alerts_actions.conf in the local folder. So if I manually created it with the proper stanza and fields, that might let me set up PagerDuty. As to why it's not actually creating it, I'm not sure, since the permissions all look good. Thanks
I generated a diag and now I need to create an index for it. How do I create it?
Hi. How can I compare load during the same time every day for business days? I.e. the time 11:00 AM - 7:00 PM on Monday, Tuesday, ..., Friday:
Monday - 3200
Tuesday - 3300
Wednesday - 5400
Thursday - 3200
Friday - 3100
TIA
We are having a connection issue on Splunk Enterprise 8.2.6 on-prem with Splunk Secure Gateway 2.7.4. According to the firewall rules, the connection on port 443 outbound to the host prod.spacebridge.spl.mobi is allowed. We verified the connection using the troubleshooting guide in the documentation by running:
curl https://prod.spacebridge.spl.mobi/health_check
We also tried the test for the wss connection and we get the correct response:
curl -i -N -H "Connection: Upgrade" -H "Upgrade: websocket" -H "Host: echo.websocket.events" -H "Origin: https://echo.websocket.events" -H "Sec-WebSocket-Key: d3d3LnNwbHVuay5jb20=" -H "Sec-WebSocket-Version: 13" https://echo.websocket.events
When we run the following rest command:
| rest "services/ssg/test_websocket" request_type="{\"versionGetRequest\": {}}" request_mode=clientSingleRequest
We get this output:
auth_code_status = 200
completed_client_registration = 0
error = 'token_id'
server_registration_status = 400
splunk_server = server
wss_response = 0
The error traceback in _internal is:
2022-05-09 11:22:58,148 ERROR [rest_base] [__init__] [exception] [4772] Spacebridge error
Traceback (most recent call last):
File "/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/util/helper.py", line 13, in extract_parameter
result = obj[key]
KeyError: 'self_register'
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/base_endpoint.py", line 53, in handle
res = self.handle_request(request)
File "/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/base_endpoint.py", line 86, in handle_request
return self.post(request)
File "/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/registration/saml_registration_handler.py", line 70, in post
self_register = extract_parameter(request['query'], SELF_REGISTER_LABEL, QUERY_LABEL)
File "/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/util/helper.py", line 15, in extract_parameter
raise Errors.SpacebridgeRestError('Error: Request requires %s parameter "%s"' % (source_name, key), 400)
spacebridgeapp.rest.util.errors.SpacebridgeRestError: Error: Request requires query parameter "self_register"
Any ideas on how to solve this issue, or how to continue the troubleshooting?
Hello, I timechart events without a by clause:
| timechart count(crash) as "crash" count(hang) as "hang"
When I click on "crash" or "hang" I need to open a drilldown, not in another dashboard but just in a new window. I tried with a token or with a link to the search, but it doesn't work. Could you help please?
Hi, I need to create an alert for when the VPN goes down, but only when the drop lasts more than 1 minute. I would appreciate your help. Right now I have the alert set to report any down events, and then I manually check which ones last longer than 1 minute.
index=paloalto | search EventID=tunnel-status-down OR EventID=tunnel-status-up
Hi, in one of my graphs I am trying to fix the area colors to red and green. However, I can't figure out how. I tried this:
"visualizations": {
    "viz_CgGpI6E0": {
        "type": "splunk.area",
        "dataSources": {
            "primary": "ds_aNB3d69r_ds_d4nLznpt"
        },
        "title": "Nanoservice request results",
        "options": {
            "stackMode": "stacked100"
        },
        "fieldColors": {
            "OKPerc": "#42663a",
            "ErrorPerc": "#7a1709"
        },
        "showProgressBar": false,
        "showLastUpdated": false
    },
    "viz_r9Pd57Q4": {
        "type": "splunk.markdown",
        "options": {
            "markdown": ""
        }
    }
},
I also tried placing them inside the "options" object:
"visualizations": {
    "viz_CgGpI6E0": {
        "type": "splunk.area",
        "dataSources": {
            "primary": "ds_aNB3d69r_ds_d4nLznpt"
        },
        "title": "Nanoservice request results",
        "options": {
            "stackMode": "stacked100",
            "fieldColors": {
                "OKPerc": "#42663a",
                "ErrorPerc": "#7a1709"
            }
        },
        "showProgressBar": false,
        "showLastUpdated": false
    }
},
But the colors stay wrong. Am I doing it wrong? Current graph: purple should be green and blue should be red. Cheers,
We have transitioned from ServiceNow calendaring for on-call to Splunk On-Call. Our users are used to getting an email the week before they go on-call and then again as they're entering their on-call week. Is there a way to notify people when it's their on-call week?
Hi all, I have a table and I need to highlight the values that are greater than, let's say, 5 in a line graph. How do I select only those specific values in the search?
Hi, I am running the query below and expecting the counts of failureCount and warningCount in a table as total counts (1 row only); however, it's not returning anything. Where am I going wrong?
index="deng03-cis-dev-audit"
| spath PATH=data.labels.verbose_message output=verbose_message
| search "data.labels.activity_type_name"="ViolationOpenEventv1"
| where (verbose_message like "%Oldest unacked message age%evt%" or verbose_message like "%Oldest unacked message age%rec%")
| eval error=case(like(verbose_message,"%above the threshold of 1800.000%"), "warning", like(verbose_message,"%above the threshold of 300.000%"), "failure")
| eval failureCount count by error="failure"
| eval warningCount count by error="warning"
| table failureCount, warningCount
Hello everyone, I am trying to separate data getting into the main index from particular hosts. I am trying:
transforms.conf
[windows_ot]
DEST_KEY = _metadata_index
Regex = HOst123
Format = host_wineventlog
Source_key = Metadata:Host
props.conf
[wineventlog]
Transforms-setindex = windows_ot
Do we have another way to separate 26 hosts' data (without accessing the host machines)? The data flow is: level 2 (heavy forwarder) sending data to ---> level 3 (heavy forwarder) ---> main HF. Is there a way to separate data in the main HF? Also, is the transforms.conf correct?
Hello, I am looking for help here; this is a very weird issue that I am facing. I have a requirement to monitor Event ID 4624 and 4625 from a specific set (10) of servers. I have used the following inputs.conf, but instead of receiving data for these specific events, I am receiving some other event codes such as 4670, 4719, 4742, 4738 etc. I have tried almost all possible ways, but I am unable to understand what's really happening here.
[WinEventLog://Security]
disabled = 0
start_from = oldest
current_only = 0
# only index events with these event IDs.
whitelist = 4624, 4625
index = wineventlog
sourcetype = xyz
renderXml=false
In folder1 we have multiple files f1, f2, f3, f4 and need to configure all files for different sourcetypes. Below is the configuration we created, but it did not work:
[batch://<path_of the file>]
index=i1
sourcetype=s1
whitelist = f1
move_policy=sinkhole

[batch://<<path of the file>>]
index=i1
sourcetype=s2
whitelist = f2
move_policy=sinkhole
Hi all, I have a line chart with a few fields and a threshold field. I want to highlight the data points that are above the threshold line. Is it possible to do so in Dashboard Studio?
Hi, I receive data from a particular product that is installed at various customers. That data is received every 5 minutes. In the JSON there is a field named tname, and what I am interested in is, for every customer (let's say customerName is the field), checking which tnames we received in the last five minutes and comparing them to the .csv lookup file. I am only interested in showing what is present in the returned data but not present in the .csv. I hope the above helps? Thanks
We are using Java instrumentation for our applications running on the Kubernetes cluster. The applications are running as a normal user, "appuser", and the AppDynamics agent is showing an error:
MultiTenantAgent Dynamic Service error - could not open Dynamic Service Log /opt/appdynamics-java/ver22.4.0.33722/logs/fixeddeposit-service-cb865796d-jp29w/argentoDynamicService_05-09-2022-05.10.44.log
Running as user appuser
Cannot write to parent folder /opt/appdynamics-java/ver22.4.0.33722/logs/fixeddeposit-service-cb865796d-jp29w
Could NOT get owner for MultiTenantAgent Dynamic Services Folder
Likely due to fact that owner (null) is not same user as the runtime user (appuser)
which means you will need to give group write access using this command:  find external-services/argentoDynamicService  -type d -exec chmod g+w {}
Possibly due to lack of permissions or file access to folder: Exists: false, CanRead: false, CanWrite: false
Possibly due to lack of permissions or file access to log: Exists: false, CanRead: false, CanWrite: false
Possibly due to java.security.Manager set - null
Possibly due to missed agent-runtime-dir in Controller-XML and will need the property set to correct this...
Call Stack: java.io.FileNotFoundException: /opt/appdynamics-java/ver22.4.0.33722/logs/fixeddeposit-service-cb865796d-jp29w/argentoDynamicService_05-09-2022-05.10.44.log (No such file or directory)
Can anyone help me here?