Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Search
Find Answers
Ask questions. Get answers. Find technical product solutions from passionate members of the Splunk community.
×
Are you a member of the Splunk Community?
Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Find Answers
- :
- Search
Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
1,371 results
Sort by:
04-17-2023
12:00 AM
...t;query> | makeresults | fields - _time | eval data="$service_tok$" | eval condition=case(match(data,"\*"),"show_all",match(data,"Windows") AND match(data,"NIX") AND match(data,"VMWare"),"s...
Labels
- Labels:
-
using Splunk Enterprise
01-07-2025
01:06 AM
Hello, I have a requirement to collect and monitor logs from several machines running in a private network. These machines are generating logs that need to be sent to Splunk Cloud for monitoring. ...
Labels
- Labels:
-
configuration
-
using Splunk Cloud
07-24-2025
05:52 AM
I am attempting to run a query that will find the status fo 3 services and list which ones are failed and which ones are running. I only want to display the host that failed and the statuses of...
11-22-2011
11:08 AM
15 Karma
When you have more than a few forwarders to maintain, it becomes tedious (and error-prone) to install them one-by-one. Using the Deployment Server is great for keeping the configurations up-to-date ...
11-26-2015
07:04 AM
3 Karma
Facing issues with KVStore on Enterprise Security. Dashboards show an error "Unable to load results". Is there any command to check KVStore status?
07-09-2017
11:06 PM
Hi All,
We wanted to monitor our *nix environment using Splunk, what is the best approach 1)Setup splunk enterprise and use Splunk App or 2) Setup splunk forwarders and use splunk Add-on??
We h...
01-31-2023
06:55 AM
Hi We are having multiple UFs running on old version and i wanted to upgrade them to the latest version using Deployment server using Scripts. can you please help me how to do it. ...
- Tags:
- installation
Labels
- Labels:
-
Linux
-
universal forwarder
-
Windows
11-22-2019
08:21 AM
Hi, I have a Timestamp field as Fri Nov 22 03:37:15 UTC 2019 and I want to convert into YYYY-MM-DD HH:MM:SS:6Q format.
Have tried using | eval InputTime=strftime(Timestamp,"%Y-%m-%d %H:%M:%S.%...
06-08-2018
12:42 PM
1 Karma
Hello,
For planned test environment with ES I'm trying to see what fit better to my scenario.
I can see that Splunk Add-on for Unix and Linux can read the auditd via some script. I found also th...
11-24-2020
12:04 AM
Want to count all events from specific indexes say abc, pqr and xyz only for span of 1h using tstats and present it in timechart. Tried this but now working | tstats count WHERE earliest=-1d...
