All Topics

Find Answers
Ask questions. Get answers. Find technical product solutions from passionate members of the Splunk community.

All Topics

Hi everyone, I'm doing machine learning on machine data and trying to predict whether my machine will be knocked out or not. I have difficulties to use the Machine Learning Toolkit module since... See more...
Hi everyone, I'm doing machine learning on machine data and trying to predict whether my machine will be knocked out or not. I have difficulties to use the Machine Learning Toolkit module since I try to predict rare events (knockouts). As a result my algorithms predict almost always OK and the accuracy is good, while for me it is very bad. (1) I have tried to add new templates in the module configuration files but I can't do it. I don't know where to put my commands from scikit learn in the .py script (in init or fit, I don't really know the difference). (2) I also wanted to add a preprocessing to allow data resample but it's the same as problem number 1. (3) I would like to review the way the module cuts the train and the test and I don't know if it's possible. I don't want it to be random, I want my classes to be balanced in the train. (4) I would like to do cross validation but it's the same problem I don't know if it's possible. I have a lot of questions so if you could help me I would like to do it ! Have a nice day !
Hi Experts, In my tabular dashboard i want to redirect into another URL in row click. index = generic| table resource , owner, results_link , date, timeHMS I want to redirect my page that co... See more...
Hi Experts, In my tabular dashboard i want to redirect into another URL in row click. index = generic| table resource , owner, results_link , date, timeHMS I want to redirect my page that come in results_link, and I result_link field not visible in table dashboard. for this i try: <dashboard> <label>xyz</label> <row> <panel> <table> <search> <query>index = generic| table resource , owner, results_link , date, timeHMS</query> <earliest>-24h@h</earliest> <latest>now</latest> <sampleRatio>1</sampleRatio> </search> <option name="count">50</option> <option name="dataOverlayMode">none</option> <option name="drilldown">cell</option> <option name="percentagesRow">false</option> <option name="rowNumbers">false</option> <option name="totalsRow">false</option> <option name="wrap">true</option> <fields>["resource" , "owner", "date", "timeHMS"]</fields> <drilldown> <link>$click.value2|n$</link> </drilldown> </table> </panel> </row> </dashboard>
Hi, I have below a table with fields (hourTime, appName, Fail). This table tells you how many transactions are failed for the Particular application in that hour. Please help me to create the he... See more...
Hi, I have below a table with fields (hourTime, appName, Fail). This table tells you how many transactions are failed for the Particular application in that hour. Please help me to create the heat map by using these fields as hourTime as X-Axis and appName as Y-Axis. I am trying for "Heat Map Viz" please find the link(https://splunkbase.splunk.com/app/4460/#/details) Please help me is there any better Visuvilizations also to Display this. Please help me . Thank you very much in advance
How to change the color of the value based on the range in statistics table visualization
This is the text which is being print in our app logs : throws abc.xyz.error.AppException,java.rmi.RemoteException, with 1 error(s): [Error in object 'MyAccountRQ': codes [Password must not contain... See more...
This is the text which is being print in our app logs : throws abc.xyz.error.AppException,java.rmi.RemoteException, with 1 error(s): [Error in object 'MyAccountRQ': codes [Password must not contain spaces and must have 6-30 characters.MyAccountRQ,Password must not contain spaces and must have 6-30 characters]; the text in the [text] bracket could be different errors, I need to print it as" codes [] " in format. Can anyone please help I tried with simple search query with but that doesn't serves the purpose. Please help, I am a learner of splunk.
i created an app for some reports,i export as spl format.how i can secure my source query from user's?any kind of source encryption method is there for source query?
hy all, The user has a request to monitor the jboss connection pool, then I use the link below to be able to monitor the jboss connection pool: https://www.appdynamics.com/community/exchange/jbo... See more...
hy all, The user has a request to monitor the jboss connection pool, then I use the link below to be able to monitor the jboss connection pool: https://www.appdynamics.com/community/exchange/jboss-monitoring-extension/ but after I did the steps in the link, I didn't get any results, I attach the log of machine agent and JBossDatasourceMonitor, maybe it can be a tool for you to analyze my error. https://drive.google.com/open?id=1l1rMQgMCsmoz_8sM5GfJJa-aC5HUWahh thanks shandi aji
I have a situation where I have a defined field that has a large amount of data but I am interested in only one part of that field Status : 2 Apologies as I am new to Splunk and I am lower than ele... See more...
I have a situation where I have a defined field that has a large amount of data but I am interested in only one part of that field Status : 2 Apologies as I am new to Splunk and I am lower than elementary level on this, but how would I extract this value from the field? If rex, how would I set this query? = (garbage) Status : 2 (garbage)
I know similar questions have been asked a number of times but trying to follow the suggestions given I still cannot get it to work. Perhaps I need to modify the output of the powershell command to c... See more...
I know similar questions have been asked a number of times but trying to follow the suggestions given I still cannot get it to work. Perhaps I need to modify the output of the powershell command to create a key/value pair for name+status? I want the search to show start/stop status changes which we'll use in an actionable alert. Output items should include host, apppool, time of last change, and current status. The Get-IISAppPool output (ingested into Splunk) looks like this:
I am new to Splunk and reading about load balancing. According the Splunk documentation we can setup load balancer to distribute the search requests to search head members. Then search head will que... See more...
I am new to Splunk and reading about load balancing. According the Splunk documentation we can setup load balancer to distribute the search requests to search head members. Then search head will query indexer cluster to get the required data. For example My indexer cluster having three members. Is there any load balance will happen in indexer cluster for the search head requests?. I am not seeing any clear concept describing how the search head requests are handled by indexer cluster. All requests distributed evenly to indexer members or any other logic presents?.
Can someone please help me parse the field of FunctionArn for the account id value ( "65123456723" in the example) from the within a search that I can use to pass to a lookup to get the "friendly" a... See more...
Can someone please help me parse the field of FunctionArn for the account id value ( "65123456723" in the example) from the within a search that I can use to pass to a lookup to get the "friendly" account name of that account id? .... FunctionArn: arn:aws:lambda:us-east-1:65123456723:function:blah-renew-this-today .... thank you!
I need to create a dashboard with list of all other dashboard names and when I click a dashboard name it has to display that dashboard in the same dashboard but not in the different page,Please help ... See more...
I need to create a dashboard with list of all other dashboard names and when I click a dashboard name it has to display that dashboard in the same dashboard but not in the different page,Please help me out.
Does anyone have examples of how to use Splunk Phantom to investigate and remediate phishing emails?
Does anyone have examples of how to use Splunk Phantom to hunt for threats?
Does anyone have examples of how to use Splunk Phantom to protect an EC2 group from malicious traffic?
Does anyone have examples of how to use Splunk Phantom to determine if an IP address is malicious?
Does anyone have examples of how to use Splunk Phantom to automatically contain malicious insiders?
Does anyone have examples of how to use Splunk Phantom to investigate and remediate malware infections?
Does anyone have examples of how to use Splunk Phantom to prompt an analyst to block an endpoint?
Does anyone have examples of how to use Splunk Phantom to investigate and contain ransomware?