Hi, I am trying to install "SplunkMetricsWorkspace" for Splunk Cloud following docs.splunk.com/Documentation/SMW/1.0.1/Use/Install#Install_the_Splunk_Metrics_Workspace_on_Splunk_Cloud. However I c...
Hello all, How to add another column from the same index with stats function? | makeresults count=1 | addinfo | eval days=mvrange(info_min_time, info_max_time, "1d") | mvexpand days | eval _...
I need to get the list of .conf files. On running my below Splunk Query,
"| rest /services/configs/conf-props"
it returns the conf objects, but I need to find the .conf files instead of o...
Not working SEDCMD in my props.conf /opt/splunk/etc/system/local/props.conf [ActiveDirectory] SEDCMD-mask_ms_pwd = s/(ms-Mcs-AdmPwd\s*=)\s*.*/ms-Mcs-AdmPwd=*******/ &n...
Security said Splunk Mongodb is vulnerable, it needs to be updated from version 3.6.17 to version 3.6.20. I already upgraded Splunk Enterprise to the latest version but Security said this did n...
...lthough a regular curl works (adding a sample metric through HEC). In the end I got around this by using the old method http_write plugin. So I have now themetrics in, but it does not seem to be w...
...efore _ ) | rename \d+_* as * | rename \w{5}_* as * Could anyone please help me to solve this problem? How does this problem come from? Originally I created a timechart. As illustrated, the...
...0000 | stats count by host
This returns statistics results, but does not trigger an alert.
I've found the alert creation functionality in theMetricsWorkspace to be somewhat limiting, and w...
I have configured theSplunk Add-on for Google Workspace on a Heavy Forwarder that is performing data collection and then forwarding the data to Splunk Cloud.
We followed the instructions at&n...