Hello, I have successfully integrated Cloudflare with Splunk Enterprise using the pull method. This integration was set up on a Heavy Forwarder, so the logs are first received by the HF before b...
Hello Splunkers,
I have a question: would it be possible to assign a specific sourcetype to some logs inside an input stanza, depending on the content of the log itself (based on the key / fields e...
Hello, I'm having a problem with the colouring of a column in my table. I need to colour the AverageExecutionTime column according to the value of Treshold. If AverageExecutionTime > Treshold th...
...imezone (US/EST). For this we made changes in splunk forwarder (/opt/splunkforwarder/etc/apps/search/local/props.conf) to add: [sourcetype::log4j] TZ = US/Eastern
but still logs are coming with o...
...hen changing the agent log levels? I cannot find a clear answer in the docs. I am assuming we don't have to do any of this because we can request agent log files with a certain log level from the G...
For the installation, I do not see the Universal Splunk Forwarder /opt/log/www1 or /opt/log/www2 and am wondering why that is and if there were any changes to it.
How to filter a field from the log where the values change? For example, please see below: logfile =(result1=0 result2=5 result3=10 result4=14) at 5AM logfile =(result1=8 result2=5 result3=10 r...
Hi,
Earlier we used to receive Mimecast held messages in the format below:
date=2018-01-15T02:38:00+0000| mcType=mimecastHeld|to=recipient address|from=sender address|reason="Message Hold Applied -...