I've recently installed Splunk_TA_nix and started using the "ps" script. The data is ingested into my ES. However it is not translated into CIM Endpoint.Processes object, because it lacks "r...
I'm working to deploy Splunk in an HPC environment and am trying to set up some metrics queries that I didn't see in the Splunk for *nix app. Specifically I'd like have a timechart that show cpu util...
I have Splunk_TA_nix installed and ps.sh enabled on my Apache Storm Nimbus instances. I can run a general ps sourcetype query on a service I know should always be running like rhnsd and get e...
We get an alert from sourcetype=ps as a result of running this saved search: (authentication failure) OR (Account * too many attempts) OR (Failed password) startminutesago=5
We turned off the *n...
...he TA_nix ps sourcetype. The rub is that it's for a two node cluster, so when one host is down and the other one is still up then the cluster as a whole is still up, and that's what they want..
A...
Hello!
I'm trying to calculate values based on deltas of ps fields, grouped by PID, i.e., I want to refer to the previous timestamp but for the same PID. Obviously there are many PIDs listed for e...
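The per-PID delta computation asked about above, as an added example that is not part of the original thread and not code from Splunk_TA_nix. In SPL the usual pattern is streamstats current=f window=1 last(cputime_sec) as prev_cputime_sec last(_time) as prev_time by pid (assuming the CPUTIME string has first been converted to seconds). The Python below emulates that on constructed ps.sh-style rows: the column order (USER PID PSR pctCPU CPUTIME pctMEM RSZ_KB VSZ_KB TTY STAT ELAPSED COMMAND ARGS) is assumed from the ps sourcetype header and should be checked against your own data. It also adds the guard that a plain streamstats lacks: when a PID has been reused by a new process, the "previous" sample belongs to a different process and must not be differenced.

```python
"""Per-PID deltas across successive ps.sh samples (added example, not from the page).

Two scripted-input runs 30 s apart are embedded below as constructed sample data,
shaped like Splunk events with _time and _raw.  Column layout is assumed.
"""

# Assumed ps.sh header layout; verify against the header line in your ps sourcetype.
PS_HEADER = ["USER", "PID", "PSR", "pctCPU", "CPUTIME", "pctMEM", "RSZ_KB",
             "VSZ_KB", "TTY", "STAT", "ELAPSED", "COMMAND", "ARGS"]

# Constructed sample: (epoch, raw ps.sh output).  PID 987 is restarted between
# runs (CPUTIME resets, ELAPSED is shorter than the sampling interval) and
# PID 4321 only appears in the second run.
SAMPLE_RUNS = [
    (1700000000, """USER PID PSR pctCPU CPUTIME pctMEM RSZ_KB VSZ_KB TTY STAT ELAPSED COMMAND ARGS
root 1 0 0.0 00:00:03 0.1 5600 22000 ? Ss 10:00:00 systemd /sbin/init
nimbus 2134 1 12.5 00:10:00 3.2 120000 900000 ? Sl 02:00:00 java -cp storm.jar
root 987 0 0.0 00:00:01 0.0 1200 8000 ? Ss 09:59:00 rhnsd rhnsd
"""),
    (1700000030, """USER PID PSR pctCPU CPUTIME pctMEM RSZ_KB VSZ_KB TTY STAT ELAPSED COMMAND ARGS
root 1 0 0.0 00:00:03 0.1 5600 22000 ? Ss 10:00:30 systemd /sbin/init
nimbus 2134 1 50.0 00:10:15 3.2 120000 900000 ? Sl 02:00:30 java -cp storm.jar
root 987 0 0.0 00:00:00 0.0 1200 8000 ? Ss 00:10 rhnsd rhnsd
splunk 4321 0 1.0 00:00:02 0.5 30000 100000 ? S 00:20 splunkd splunkd -p 8089
"""),
]


def parse_cputime(text):
    """Convert a ps-style [[D-]HH:]MM:SS value (CPUTIME or ELAPSED) to seconds."""
    days = 0
    if "-" in text:
        d, text = text.split("-", 1)
        days = int(d)
    parts = [int(p) for p in text.split(":")]
    while len(parts) < 3:          # "MM:SS" -> "00:MM:SS"
        parts.insert(0, 0)
    h, m, s = parts
    return days * 86400 + h * 3600 + m * 60 + s


def parse_ps_run(epoch, text):
    """Turn one ps.sh run into per-process records carrying the run's timestamp."""
    rows = []
    lines = [ln for ln in text.splitlines() if ln.strip()]
    for line in lines[1:]:          # first line is the column header
        cols = line.split(None, len(PS_HEADER) - 1)   # ARGS keeps its inner spaces
        rec = dict(zip(PS_HEADER, cols))
        rows.append({
            "_time": epoch,
            "pid": int(rec["PID"]),
            "user": rec["USER"],
            "command": rec["COMMAND"],
            "cputime_sec": parse_cputime(rec["CPUTIME"]),
            "elapsed_sec": parse_cputime(rec["ELAPSED"]),
        })
    return rows


def pid_deltas(runs):
    """Emulate `streamstats current=f window=1 last(...) by pid`.

    Each record gets the previous sample of the same PID, the CPU-time delta,
    the wall-clock delta and the resulting CPU fraction (1.0 == one full core).
    A PID whose process started after the previous sample, or whose CPUTIME
    went backwards, is flagged as restarted and gets no delta.
    """
    rows = []
    for epoch, text in sorted(runs):
        rows.extend(parse_ps_run(epoch, text))
    rows.sort(key=lambda r: (r["_time"], r["pid"]))
    last_seen = {}
    out = []
    for r in rows:
        prev = last_seen.get(r["pid"])
        d = dict(r, prev_cputime_sec=None, delta_cputime=None, delta_t=None,
                 cpu_fraction=None, restarted=False)
        if prev is not None:
            d["delta_t"] = r["_time"] - prev["_time"]
            if r["elapsed_sec"] < d["delta_t"] or r["cputime_sec"] < prev["cputime_sec"]:
                d["restarted"] = True    # PID reuse: do not difference across processes
            else:
                d["prev_cputime_sec"] = prev["cputime_sec"]
                d["delta_cputime"] = r["cputime_sec"] - prev["cputime_sec"]
                if d["delta_t"] > 0:
                    d["cpu_fraction"] = d["delta_cputime"] / d["delta_t"]
        last_seen[r["pid"]] = r
        out.append(d)
    return out


if __name__ == "__main__":
    for d in pid_deltas(SAMPLE_RUNS):
        print(d["_time"], d["pid"], d["command"], d["delta_cputime"],
              d["cpu_fraction"], "RESTARTED" if d["restarted"] else "")
```

The restart guard is the part worth carrying back into SPL: after the streamstats, filter with something like where elapsed_sec >= (_time - prev_time) before computing the difference, otherwise a recycled PID produces a large negative or meaningless delta.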
I have set up a Splunk server and one light forwarder client. This is configured to send the output of ps every 30 seconds to the server.
On our applications servers, I can easily count the number o...
After installing Twilio and perimeter security on my machine with my Splunk Enterprise, what do I do to configure perimeter security? There's no real guide on what to do afterward.
ignoreOlderThan is only for monitor
current_only is only for WinEventLogs
So how do I do this for the Exchange app .ps1 scripts? E.g. these? They do automatically backfill by default, and consid...