Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
49 results
Sorted by:
10-24-2019
01:22 PM
I have a correlation search creating notable events.
In the index=itsi_tracked_alerts, I see one event for a given event_id.
But on the Episode review, I see the event being member of several Episodes...
09-01-2020
06:09 AM
...ist of several episodes with status "New" is obtained. However, in the ITSI GUI, in the Episode Review tab, a search for all new episodes over all time returns no results. How is this possible? Any c...
Labels
- Labels:
-
troubleshooting
-
using ITSI
09-28-2020
08:21 PM
Is there any way to filter in only episodes for which a given field, not among those in the 'Add Filter' menu, has one of two values, and no others?
Labels
- Labels:
-
using ITSI
06-07-2021
09:46 AM
I need to create report to find how many notable events have been correlated within Episode review and have been successfully mapped with Incidents in SNOW. In addition which are the f...
Labels
- Labels:
-
troubleshooting
02-21-2019
04:58 PM
I'm very new to Splunk and ITSI. We have created a service for VMware VMs. The Service has several KPIs like memory and CPU. A few of the VMs have CPUs in Critical status. Episode Review shows 0 episodes...
01-21-2019
10:56 PM
Episode page is not loading any data in ITSI app version 4.0.3, We see below errors:
JSON parsing of _raw field= failed with the following error, so skipping event:
JSON parsing of _raw f...
08-07-2021
11:39 PM
Hi Community , We have integrated our itsi cluster to servicenow and tickets are creating fine. but recently observed a strange behavior from splunk itsi that . episodes generated in episod...
Labels
- Labels:
-
other
-
troubleshooting
02-10-2021
07:09 AM
Hello SPLUNK Community! I need to do some Excel analysis on the Episodes in ITSI, breaking them up by various parameters. I might be able to create a SPLUNK dashboard to do this sort of thing, b...
Labels
- Labels:
-
using ITSI
10-27-2020
12:11 PM
I have a NEAP that points back to the correlation search. It breaks on "normal" severity. And the action is to close on break. But the episode review lists it as "new" not "closed"....
Labels
- Labels:
-
troubleshooting
11-02-2021
06:42 AM
...bsp; If I do not want to explicitly name the windows service in the base search how do I include the service name, here ServiceName, beside the entity_title=host in the later created ITSI episod...
Labels
- Labels:
-
configuration
-
using ITSI
