Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
118 results
Sorted by:
09-30-2020
03:48 AM
...m basing my analysis on the following topic: Get metrics in from other sources. I've managed to create a search that converts my event data into the format that is required by the metrics_csv sourc...
Labels
- Labels:
-
index
-
Other
-
sourcetype
-
time
12-27-2021
07:26 AM
1 Karma
I am taking events from three source types (same index; two common fields present across all three) and creating a table with the results. The events are indexed using a "timestamps" field that is p...
05-07-2018
12:58 AM
...ome of the dimenstions from the source field.
According to the docs something like that is possible for nearly all other methods of importing metrics, but not for CSV files.
Is there any way I c...
11-03-2020
04:46 AM
...bove situation only with UFs internal logs, we simple cannot query for the source and check its earliest coz we dont have access to indexers containing actual logs. I checked with metrics.log but it w...
Labels
10-09-2019
06:05 AM
...econd part of some other record beginning from some arbitrary location and then concatenates them together. Splunk then indexes this new record but it is throwing our metrics off.
We first came a...
09-29-2017
12:03 PM
7 Karma
...Running aggregate metric sources (like my example above - total power consumed in an hour) become very challenging with current, duplicate metric logic
Clustered environments raise the risk of get...
03-24-2022
09:43 AM
Looking to measure heavy sources and track how much is getting indexed per day by source. the main problem is our Splunk admin team cannot give us access to the _internal index, so i cannot run t...
10-11-2017
02:55 PM
...crease in logs that came in the day of and after that the logging levels dropped to almost none with only the UF metrics getting indexed but no other logs.
• Host OS: Red Hat Linux 7.3
• Syslog s...
09-20-2012
03:41 AM
...hem) or from IT security "how can I see all the sources of data that we are monitoring and where they are being monitored for the whole environment, so we can make sure we are covered".
I have n...
05-29-2020
01:02 PM
I have my inputs.conf setup like so:
[monitor:///var/log/java]
disabled = 0
index = myindex
sourcetype = metrics_csv
whitelist = metrics.*.csv
CRCSALT = <SOURCE>
But even though each f...
Labels
- Labels:
-
inputs.conf
