I could then populate a dropdown list with indices 🙂
Somehow I could not get this done, would be cool if somebody could help me 🙂
I would prefer some in-splunk possibilities compared to file-p...
Hi Everyone,
We are trying to develop an integration for Splunk based on our On-demand scanning APIs. We offer on-demand REST APIs to allow users to scan IPs, Domains and URLs indicators to get i...
Hi all, in Splunk there is always this icon next to your user for the "Health of Splunk Deployment". You can change these indicators and features or their thresholds, but I can't find anything a...
Hello, I would like to search our email data for sensitive info, i.e. Social Security #'s etc. I have an email dashboard created to ingest our Exchange info. ...
Hi,
I am using a 3rd party tool to get information about different indicators of compromise (e.g., domains).
I am getting data from that tool through a rest API.
What I'm trying to do is to e...
I have events which have multiple of the same fields but with different values.
E.g;
Event 1: deviceName="device1" appName="app1" appName="app1" appName ="app1" appName="app2" appName="app2" ap...
Just had to support a user with field extraction issues. While working on it, I noticed the report was still taking a LONG time. Like over 5 minutes. I checked with tstats and the raw event count it ...
A scheduler issue may be described as:
- reduced number of completed scheduled searches running during certain periods
- scheduler locks up and doesn’t run any scheduled searches for a period of ti...
Hi all. I am generating a dashboard table containing possible indicators of compromise observed on a network. Included in the search that generates the table is... | eval ActionText=if('model'="W...