Hello, I have issues getting expected field value pairs using following props and transforms configuration files. Sample events and my configuration files are given below. Any recommendation will b...
Hello, I have events in this format: <servername> <metricname> <epochtime> <metricvalue> These events comes from HEC to an heavy forwarder and are then forwarded to...
I have defined stacked bar chart in my Splunk Enterprise Dashboard. I've been trying to solve this problem but I cannot solve them.. 😕 Please help me out. These are the problems that I encountered:...
I have a Splunk 9.0.4 estate on Windows 2019 with the following: Search head 2 x indexers Cluster master/deployment server I'm trying to automate all deployments of apps to forwarders and all configur...
Hello everyone, I'm a newbie, so please be gentle.
We are using Amazon Linux 2. Our configuration has a Universal Forwarder co-hosted with a Jenkins controller node. The UF is m...
When one configures the indexer cluster for SmartStore, does each indexer get its own S3 bucket? Or is there just one very large S3 bucket and all indexers write into the same S3 bucket (s...
Hello all - Trying to get Azure Event Hub data to flow into Splunk. Having issues configuring it with the add-on for Microsoft Cloud Services. I have configured an app in Azure that has Reader &a...
...aster] We currently are only backing up the index files which is very risky so I need to get the configuration backed up as well. From reading the documents it seems that generally we only n...
...ersa). I realize this can be done pretty easily through the GUI though normally the configuration is handled centrally.
Having come up empty looking through the content of the app/package, is it p...