Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Search
Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
10,000 results
Sort by:
10-05-2021
07:00 AM
Hi, I deployed the Exchange Addon TA-Windows-Exchange-IIS in our exchange servers and I confirm that I see IIS events coming in. The problem is that the events have two different IPs , one at t...
- Tags:
- exchange
Labels
- Labels:
-
configuration
01-22-2018
08:49 AM
1 Karma
...egardless, it doesnt make sense that TA-Windows-Exchange-IIS sets sourcetype=MSWindows:2008R2:IIS when it misses out on the dynamic IIS log parsing.
How can I make all the Exchange dashboards p...
12-06-2024
11:10 AM
Hi, My dashboard has 2 inputs, i.e dropdown , time picker. I have a requirement where I need to provide both inputs then only my panels should appear. I tried the same ( below dashboard c...
08-14-2024
12:12 AM
...vents{}.tags.A" | inputcsv append=t Map.csv | stats D as D by C | table "events{}.tags.A" "events{}.tags.B" "events{}.tags.C" "events{}.tags.D" _time | collect index=_xyz_summary marker="s...
Labels
- Labels:
-
lookup
08-28-2024
03:46 AM
Hello, Need an urgent help. I am using REST API Modular input and the problem is i am not able to set the parameter for event breaking, below is the sample log. { "User" : [ { "record_id" : "2...
Labels
- Labels:
-
JSON
09-17-2024
12:19 PM
Imagine, if you will, table view lookup that has been setup to pull the Host name, the environment (Dev/Test/Prod) and the Server type (Database, Web App, SSO, etc...) and the application the s...
Labels
- Labels:
-
calculated field
-
field extraction
07-31-2024
07:33 AM
...ecure | cron | messages
Hope this makes sense there are multiple subdirectories, the end goal is to monitor secure, cron, and messages
I wrote this stanza within inputs.conf and the configuration d...
Labels
- Labels:
-
inputs.conf
-
Linux
-
universal forwarder
06-04-2024
12:53 PM
Hi, I just installed a index cluster and i already know that i shoud place Apps to $SPLUNK_HOME/etc/master-apps/ directoty at my manager node to distribute it accross all indexers but i have 2 q...
Labels
Show results in replies (4)
-
...e necessary, depending on the app. Inputs.conf should be removed or all inputs disabled, for e...
-
I have one more question. Can I use one Heavy Forwarder for all apps with script inputs, or would i...
-
Thanks for your reply. I notice that almost every app uses script inputs (e.g., Splunk Add-on f...
-
...ses script inputs. Of the thousands of app in splunkbase, comparatively few use input scripts. 🙂
05-26-2024
05:45 AM
Hey all, I'm building new dashboard that contains 2 multiselect values: Site: USA, Romania, Turkey.... (only countries) Campus: USA1,USA2,Romania1,Romania2.... (contains the country's name and num...
Labels
- Labels:
-
subsearch
11-21-2024
03:29 AM
I'm aware about the fact to remove the inputs.conf before installing the TAs collecting the logs on the SHC but if the inputs are still present in the disabled state I'm getting errors l...
Labels
- Labels:
-
troubleshooting
Show results in replies (8)
-
There is no significance of MSCS inputs when I output the content from "splunk show config inputs...
-
Did you check the btool output? Inputs shouldn't normally be run when disabled. That's the whole p...
-
Ahhhh... one more thing. I think the error can persist from before you disabled/deleted the inputs....
-
I'm afraid to say I removed the inputs last week but still I can see errors in last 15 minutes ☹️
-
Yes, I have already checked the btool output. Nothing shows up when I run the command as the inputs...
-
I am curious about this, could you say which TA is trying to initialize the modular input even if t...
-
...othing should be started. Maybe your settings were not applied. Check output of "splunk show config inputs...
-
@PickleRick Wanted to inform you that those errors are gone once I upgraded the TA to latest v...
