I need a list of only those jobName which startwith letter a though m - anycase.
The below does not work
index=log-13120-nonprod-c laas_appId=qbmp.prediction-engine sourcetype="q...
Hi Guys,
In my project environment, every splunkd is installed using splunk user. So I need to create an alert if any splunkd on any splunk server (enterprise or UF) gets startedwith root or any o...
...plunk, I found a problem with the kvstors, and after investigating I found that mongod did not restart (running ./splunk _internal call /services/server/info |grep -i kvstore returned <s:key n...
hello
recently my Splunk not start, it happens suddenly,after i notice splunk web not work,login to windows server and see it crash and have auto restart,after that i start splunk but get t...
Hi there,
I am new to this kind of analysis within Splunk but i've been asked to create a filter on events where the closed date is before the start date.
This is the search I have created but c...
I built up a brand new fresh Splunk environment (on 7.2.1) and am getting an error when attempting to set up the SH cluster.... specifically when starting the cluster captain for the 1st time.
I started...
I have encountered a problem where I cannot get the Splunk service to start after changing The $SPLUNK_DB variable in /opt/splunk/etc/splunk-launch.conf. What I’ve tried and further b...
I have two searches that I am trying to combine into one and keep running into roadblocks. Preferably, I would be able to accomplish the task without using transactions (second search). My goals a...
Hi all,
I'm trying to create a query that gets the number of occurrences of certain Event per month. For that i get the number of elements with the following query:
index=kpis|convert t...