Hello Splunkers, I am used to use the following command to decrypt $7 Splunk configuration password such as pass4SymmKey or sslConfig. splunk show-decrypted --value '<encr...
Hello - I'm trying to pass a dictionary into a format code block: for example: my_dict = {"hello":"world", "foo":"bar"}
and in the format code block i have: Contents of dictionary: {0}
w...
Hello! We keep going over our license usage. We cant seem to find what is causing us to go over. we've gone over 3 times now. Any suggestion on how to find what is causing this, please?
...eturns the top 10 windows hosts with the most CPU usage, essentially I need a query that would calculate and return that. I can find the windows hosts under the _internal and perfmon indexes. I...
We are rolling out a customer service chatbot. Has anyone needed to collect the data such as input/output and logs between an chatbot and OpenAI to monitor it in Splunk? If so, what did you use to GD...
Hello I have great difficulties to understand where to begin for using the CIM datamodel Is anybody can clearly summarize the different ways to apply a CIM datamodel in my own apps? Thanks in adva...
Hi, I want to find out how many license warnings there is in the current 60 day rolling window. Why is there not an easy way to find this? Surely this should be included in the license usage r...
we are using iplocation command i see that the GeoLite2-City.mmdb file is since 2019 [splunk@ilissplsh01 bin]$ ll /opt/splunk/share/GeoLite2-City.mmdb -r--r--r-- 1 splunk spl...
Currently we are looking ingesting events that have multiple eventIDs that log in new lines. We want to have those appear as one event in splunk since trying to run a "| transaction event_id" slows o...