Hi all i wrote a dummy java/quarkus app that fetches html data from any web page. my goal is to see the tier pointing to the endpoints in appdy's flowmap my code @GET @Path("/1") @Produces(MediaType.TEXT_PLAIN) public String test1(){ try { CloseableHttpClient httpClient = HttpClients .custom() .setSSLContext(new SSLContextBuilder().loadTrustMaterial(null, TrustAllStrategy.INSTANCE).build()) .build(); HttpGet request = new HttpGet("https://nylen.io/d3-spirograph/"); CloseableHttpResponse response = httpClient.execute(request); System.out.println(response.getProtocolVersion()); // HTTP/1.1 System.out.println(response.getStatusLine().getStatusCode()); // HTTP/1.1 System.out.println(response.getStatusLine().getReasonPhrase()); // OK System.out.println(response.getStatusLine().toString()); // HTTP/1.1 200 OK HttpEntity entity = response.getEntity(); if (entity != null){ String result = EntityUtils.toString(entity); response.close(); return result; } } catch (ClientProtocolException e) { e.printStackTrace(); } catch (IOException e) { e.printStackTrace(); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } catch (KeyStoreException e) { e.printStackTrace(); } catch (KeyManagementException e) { e.printStackTrace(); } return "ok"; } path /2 @GET @Path("/2") @Produces(MediaType.TEXT_PLAIN) public String test2() throws Exception{ SSLContext sslcontext = SSLContext.getInstance("TLS"); sslcontext.init(null, new TrustManager[]{new X509TrustManager() { public void checkClientTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {} public void checkServerTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {} public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[0]; } }}, new java.security.SecureRandom()); // Client client = ClientBuilder.newClient() Client client = ClientBuilder.newBuilder() .sslContext(sslcontext) .hostnameVerifier((s1, s2) -> true) .build(); String ssb = "https://self-signed.badssl.com/"; String response = client.target(ssb) //.queryParam("query", "q") .request() .accept("text/html") .get(String.class); // .post(Entity.entity("e", "text/plain"), String.class); client.close(); return response; } start app java -javaagent:/opt/appdynamics-agent/ver21.8.0.32958/javaagent.jar \ -jar /root/quarkus/vintageStore/rest-book/target/quarkus-app/quarkus-run.jar starting logs ... Agent runtime conf directory set to /opt/appdynamics-agent/ver21.8.0.32958/conf [AD Agent init] Tue Oct 19 01:26:51 BRT 2021[INFO]: AgentInstallManager - Agent runtime conf directory set to /opt/appdynamics-agent/ver21.8.0.32958/conf [AD Agent init] Tue Oct 19 01:26:51 BRT 2021[INFO]: JavaAgent - JDK Compatibility: 1.8+ [AD Agent init] Tue Oct 19 01:26:51 BRT 2021[INFO]: JavaAgent - Using Java Agent Version [Server Agent #21.8.0.32958 v21.8.0 GA compatible with 4.4.1.0 r38646896978b0b95298354a38b015eaede619691 release/21.8.0] [AD Agent init] Tue Oct 19 01:26:51 BRT 2021[INFO]: JavaAgent - Running IBM Java Agent [No] [AD Agent init] Tue Oct 19 01:26:51 BRT 2021[INFO]: JavaAgent - Java Agent Directory [/opt/appdynamics-agent/ver21.8.0.32958] [AD Agent init] Tue Oct 19 01:26:51 BRT 2021[INFO]: JavaAgent - Java Agent AppAgent directory [/opt/appdynamics-agent/ver21.8.0.32958] Agent logging directory set to [/opt/appdynamics-agent/ver21.8.0.32958/logs] [AD Agent init] Tue Oct 19 01:26:51 BRT 2021[INFO]: JavaAgent - Agent logging directory set to [/opt/appdynamics-agent/ver21.8.0.32958/logs] getBootstrapResource not available on ClassLoader Registered app server agent with Node ID[234307] Component ID[94762] Application ID [55102] Started AppDynamics Java Agent Successfully. ____ _ problem is i can not see "Service Endponits" being discovered.

Hello Splunk Community,  Can anyone help me build a query based on the below;   I have built a query which calculates the total duration of multiple events over a period of time.  What I am trying to do now is create a timechart to show the _time on x-axis and duration on y-axis.  I think I need to convert the duration from hours to minutes but not sure how to do this. Below is an example of the output from my original query I am trying to visualise in a timechart;  _time  duration (in hours) 2021-10-12 03:56:30 2021-10-13 04:27:25 2021-10-14 04:21:03 2021-10-18 07:11:04   THANK YOU (in advance)

Hi All, After a bit of googling I've come up empty with regards to being able to identify security issues that have been addressed as part of each Splunk Enterprise version update. Just wondering if there anyone has a link or can provide some details on where I can find this information? I have looked through the release notes pages, but these seem to only list functional improvements / fixes. Appreciate anyone that can help with this.

  Hello, I have an issue writing props configuration for text source file which contains first 2 line (including "----" line) as header info. Please see 3 sample events along with 2 header lines below. I also included the props that I wrote for this source file, but not working as expected....getting some error message "failed to parse timestamp". Any help will he highly appreciated. Thank you so much. Sample data Event_id  user_id   group_id  create_date  create_login  company_event_id  event_name   ----------------- ----------- ----------- ----------------------- ------------ ------------------------- -------------- 105  346923 NULL  2021-10-07 14:13:21.160 783923 45655234 User Login  250 165223 NULL 2021-10-07 15:33:54.857   566923  92557239 User Login  25 1168923 NULL 2021-10-07 16:44:05.257   346923  34558242 User Login    props config file I wrote SHOULD_LINEMERGE=false INDEXED_EXTRACTIONS=csv TIMESTAMP_FIELDS=create_date TIME_FORMAT=%Y-%m-%d  %H:%M:%S.%3N HEADERFIELD_LINE_NUMBER=1

I have some data like the following: NAME Code Suzy 0 John 0 Adam 1 Suzy 1 John 0 Adam 1   I am trying to calculate the ratio of code=1 to code=0, by Name, and display these ratios by hour. The name values are dynamic and unknown at query time. I can get halfway there, using a dynamic eval field name, like this: index=SOME_INDEX sourcetype=SOME_SOURCETYPE code | eval counterCode0{name} = if(code=0, 1, 0) | eval counterCode1{name} = if(code=1, 1, 0) | bin _time span=1m | stats sum(counterCode0*), sum(counterCode1*) by _time   But I can't figure out how to get the ratios of counterCode1* to counterCode0*. Any ideas? Or do I need to approach this problem differently?  

I am currently using a lookup to find matching IDs in my data. The lookup table is like 400k rows and if I use inputlookup with a join or append there is a limit to the amount of rows that is searched for from the lookup table. I am now using just the command "lookup" to find the matching data and it works without any truncating warnings but I'm wondering if there is a limit for this command similar to subsearches. I can't seem to find anything in the lookup documentation. sample search index=some_index | lookup users_list.csv ID OUTPUTNEW username I output a new variable so that I can do " search username=*" since username is a new field and that will give me only matching IDs in my lookup table.

I need to modify the limits.conf for an index cluster. My question is if i modify /$Splunk/etc/system/local/limits.conf can this be done on the cluster manager and pushed out or does this need to be modified on the individual indexers themselves?

I need to index a file: /var/log/file.txt. This file runs every day, but sometimes the content doesn't change. This leaves me with no events on days that remain the same. I need it to index every time the timestamp changes on the file. I believe I need to add crcSalt =<SOURCE> to the inputs.conf in order to reindex it. However, my inputs monitors all files in /var/log. So if I add that to that input monitor, it would likely apply to all files in var log reindexing them all every time. Something I don't want. How can I reindex just this file daily while leaving the other files in the directory unchanged?  Many thanks

I am trying to extract the messages of a commonly used error log:   Creating review recommendations service case activity with errorMessage:  example message one here Creating review recommendations service case activity with errorMessage:  example message two over here    I want to do some graphing of counts of the totals of each individual message, so would like to extract the string and stats count by message. Having trouble extracting the string. How do I do this cleanly? The goal would be to have results for "example message one here" :  X number of results "example message two over here": Y number of results