Hi,
I need help/advice on how to read contents of a file that is version controlled in GIT based application Bitbucket. I have data in a file in bitbucket in json format I want to read the content...
Hi,
I have a config file collected across a bunch of hosts. I started off with indexing the file as a single entry. I am trying to use Splunk to monitor any difference in the content of a file f...
I want to remove the table headers completely from my dashboard so I can just display values in a table with the headers/column names completely removed. I was wondering if theres a way to do this u...
Hello, Below Column Chart Results and visualization, I wanted to show different colors for field Values. like AU Pre & AU Post as one color DE Pre & DE Post as one color.&n...
Hi, I'm trying to update the Splunk UF on a machine, but when running the MSI installer I'm getting a "The specified account already exists" and then the MSI fails to install. I've g...
I notice that the Splunk App for Infrastructure support pages now have a header saying that this product is end of life and will cease be to developed beyond August next year (2022): "On August 2...
Hi Team, I have recently upgraded by Splunk Enterprise instance for my Heavy Forwarder server from Version 7.3.1.1 to version 8.1.2. So when i navigated to /opt/splunk/bin directory and ran t...
...llNullQueue]
REGEX = Content
DEST_KEY = queue
FORMAT = nullQueue
props.conf
[mysrctype]
TRANSFORMS-setnull = allNullQueue
I tried this in a standalone env, version 7.0.3 and 7...
Fairly new Splunk user here looking for Linux auditing solutions. I am running a disconnected version of Splunk Enterprise and thus cannot make use of the content pack which replaced the a...