...nterprise version. I understand that Cloud version appears to be an ideal solution because there is no hassle of the management of servers hosting Splunk enterprise version. But I want to understand if the...
...ot of the previous worker's searches, and I'm trying to understand how they all work. Right now I'm looking at a search that is part of a larger dashboard, and whenever I want to run this bit as an i...
Hello Team, Can anyone please help me out to clarify the following query and a better approach for deploying the Observability solution? I have an Application which is deployed as High A...
...o perl language works) I'd mostly appreciate a working solution beyond defining all possible list values in a lookup file 🙂
Many thanks in advance,
Ekke
Hey, I am getting this error in the splunkd log file and I am unable to understand what the error is. The error is
SearchOperator:kv - Invalid key-value parser, ignoring it, transform_name='d...
Using Splunk 6.3.1. I have been given a list of about 2000 events that need to be "deleted" from my index. (I do understand that using |delete only hides the data...that is fine). I will be g...
Hi Community,
I have this problem about data correlation, here's the detail.
The source file is a test result summary named summary.xml, and it's not time sensitive. Splunk will parse the f...
Hi community,
I have a problem with the add-on Fidelis solution EDR setup. I did not understand the error described below, after filling in all the requirements.
Hello there,
The deal is that I have 2 forwarders that have exactly the same logs (I'm using 2 forwarders not to have a SPOF) and I want to find a solution to not have duplicated logs. I thought o...