I wan to take the not reporting clients or not deployed client list UF ( hostname) from the inventory.csv lookup Please advise how do i take the same for example in a d...
Hello team, In order to take an inventory of my Indexers, Forwarders, & host to get started what do I need to do. 1. What would be some SPL scripts would I need to use? 2. Should I be d...
...indows > Host Monitoring > HostInventory, three of the fields are simply saying "Unknown": Computer Name, Service Pack, and Last installed update. I have found the HTML file that generates this p...
Hello,
I am collecting into Splunk computer software inventory periodically sent by all my computers.
Each inventoried software is generating a Splunk event similar to:
host = C...
...bsp; it always defaults to local host or says can't parse the inventory. I tried to use the example in the wrapper directory but still the same issue. anyone have any success with u...
Hey All, I’m a splunk beginner I'm looking to create a query that to be used as an alert, specifically to identify servers not in the _inventory – those not being monitored by Splun...
Hi,
we have a list of hosts of our inventory. Now we want to find all hosts that are in that list, but are not sending to Splunk.
How can we achieve this?
Splunk 4.3.5
Cheers,
Jens
...ddresses) from the export and did a diff against the IT managers list of hostnames/IP addresses and where it wasn’t found, presumed it had not sent logs during that time period. The inventory has a...
I came across a posting that had the following search which works amazingly well:
| metadata index=* type=hosts | eval age = now()-lastTime | where age > (2*86400) | sort age d | convert c...
This is my base query:
index=myindex sourcetype=xyz host="tus" "EventLogger*" AND "Search event" "pcrState=N"
I want to setup an alert for search count on any host or cluster not giving any r...