Hi all, I have been trying to make a search where I can monitor the expired user accounts. So far I have this | ldapsearch search="(&(objectClass=user)(!(objectClass=computer)))" a...
We have a few instances hosted in AWS that are extremely underutilized (single digit avg. CPU% for the 3 months). The AWS Compute Optimizer has recommended the following changes to the instances C...
...ventCode=4776
EventType=0
ComputerName=XXXXXXXXXXXXX
TaskCategory=None
OpCode=None
RecordNumber=6063330
Keywords=None
Message=Splunk could not get the description for this event. Either the c...
...ocation values to 1 line, like:
If I mouse over the different Locations on the right, the line color in the graph changes to that Location's color. By now I have tried following at least 10 o...
...nput.conf:
[monitor:C:/Program Files/Splunk/etc/apps/ntt_tougou/tougou_logs/]
host_segment =7
With the above configuration I am getting the host name as the default name of my computer.
Is my settings are c...
...ssue I have is that this converted_time is showing an offset time. From what I gather it's showing the time in the local computer timezone (e.g. GMT -6 where the user is logged in from) even though t...
I have a processes dashboard, with two dropdown menus: Computer and Process Name. Not all computers have the same processes running, so I don't want to pull all possible processes (from all computer...
Here is an interesting question. I want to plot the number of computers that changed from one value to another each hour. The data may look like the following simplified example:
_time, h...
I am getting logs in Splunk. But the logs are in an improper format. So I want to make changes so that all my logs are indexed in a proper format.
Below is the format of the logs. Please help m...