Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
21 results
Sorted by:
09-15-2020
12:22 AM
...est_indexer") stops indexing any incoming and local data completely after I add the following configurations: /opt/splunk/etc/system/local/inputs.conf [monitor:///path/to/my/file.log]
index = m...
Labels
01-28-2021
01:59 PM
...IME_FORMAT", etc. Anytime I've made these changes and re-started Splunk, I am able to see them when I use the btool command to check for props settings, so they do seem to be picking up. However, in my G...
Labels
- Labels:
-
configuration
-
troubleshooting
12-28-2020
03:00 PM
...AX_EVENTS (256) was exceeded without a single event break. Will set BREAK_ONLY_BEFORE_DATE to False, and unset any MUST_NOT_BREAK_BEFORE or MUST_NOT_BREAK_AFTER rules. Typically this will amount to t...
Labels
- Labels:
-
configuration
08-05-2013
03:33 PM
Arg this is so frustrating.
I cant find the nix_action_lookup and I can't find the IDS config.
How do i troubleshoot this error.
Is there a btool shortcut to find where this permissions i...
04-05-2015
06:29 AM
1 Karma
...nd ps_sos.sh).
On 1 idx-cluster peer I have the following sets of configurations dumped using btool:
From indexes - (only showing configs that are not from the default indexes.conf)
/opt/s...
03-08-2021
11:38 AM
...xport = system btool props check shows that all the objects are applied as expected. How to troubleshoot this issue? Where to start from?
Labels
- Labels:
-
configuration
-
troubleshooting
03-09-2021
07:18 AM
I have two separate deployment apps going to separate classes. One we'll call A is working great with full event filtering and blacklisting via $XmlRegex in inputs.conf see below: w...
Labels
- Labels:
-
configuration
-
troubleshooting
10-21-2019
02:39 PM
...ownloaded from master nor managed by local deployment client. Either define this index at the master or specify repFactor=0 on peer to skip replication.
[Critical] App='system' with replicated index='_...
02-27-2017
11:52 AM
Hi,
I was wondering is there a Splunk command to find out configuration errors? For example, LINE_BrEAKER in props has a typo. So is there anyway we could find out these types of errors?
04-29-2019
01:15 PM
Running a Splunk light instance with Linux/Universal Forwarders and I can't seem to filter out data. Reading up doc's, I understand that UF's do not support/read custom props/transforms, so I've configur...
Labels
- Labels:
-
configuration
-
troubleshooting
