Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
1,000 results
Sorted by:
04-19-2019
07:48 AM
...ime By Status' that when I send to a search returns values other than HTTP status codes (200, 401, etc).
I do a pivot of the web data model and select 'status' and 'sourcetype' and I see the p...
12-23-2020
10:40 AM
...he datamodel The problem we have is that when we enter a new user in the loockup, if the data model is accelerated, it never updates the information for this new user, if we do not accelerate the data...
Labels
- Labels:
-
access control
-
other
-
permissions
02-24-2020
10:54 PM
1 Karma
Hello,
I was curious to see if there are any best practices for mapping to CIM data models. More specifically, I'm looking for some guidelines on when (not) to map a certain field to a datamodel....
11-28-2017
12:43 PM
...owtousethesereferencetables , I open "Settings: (Knowledge) Data models" (the Data Model Editor) and then click on the JVM data model. I get a nasty 404 error:
404 Not Found
[Return to Splunk home p...
01-14-2020
08:17 AM
Hi,
I'm sure a similar Quest has already been posted - but I can't find anything regarding my exact problem.
However, I'm using a Data Model to unify about 30 sourcetypes with kinda-similar data...
Labels
- Labels:
-
calculated field
-
data model
05-14-2020
09:57 AM
Hello,
I have a question about modification of data model in CIM:
I would like to add one child dataset to DM "Change". Can I do it by separate application?
What I mean exactly: If I create a m...
Labels
- Labels:
-
configuration
10-29-2015
06:28 AM
2 Karma
I have an environment with a large number of sourcetypes and would like to map those to the appropriate CIM data model. While I generally know about the Splunk commands pivot and datamodel, their u...
07-17-2014
01:48 PM
1 Karma
I'm trying to extract data into a Data Model Attribute Regex. The data I'm trying to extract from the events get logged in a couple of ways. I've been at this a while trying to just extract the data...
10-29-2016
03:18 AM
..., it should grant you the ability to delete them as well. For more information about this see Enable roles to create data models."
08-25-2016
01:35 PM
1 Karma
...ourcetypes predefined and ready to go with eventtypes and tags so they work with Common Information Model Data Models immediately (AWS TA for example). I'm not seeing anything like that for access_combined. A...
