...ustom event rendering so i can render events without the column that shows splunk's timestamps. I've created an event_renderers.conf file and an eventtype that I use to identify the events I want to c...
Hello,
I managed to get colors by eventtype on my search results following this tutorial : http://blogs.splunk.com/2014/10/05/look-at-all-the-pretty-colors/
However those colors are not d...
I cannot get event type coloring to work strictly by defining a new event type in Splunk Web and assigning it a color. Is there a configuration toggle somewhere to enable/disable event type coloring?
I have recently created a field extraction on one search head that I have assigned all apps and users to read and write and was wondering how long is would take for a change done in one search head t...
Hi all
How do you configure colour coding in general search results. I know i can use the rangemap command but in apps like OSSEC some general results are highlighted in a red border without using...
...bare foo event, which, again, is not what the documentation says will be generated.
I've also tried copying over the etc/search/defaults/event_renderers.conf file to etc/search/local/event_renderers...