...onsider raising the value in limits.conf.
Any suggestions on what I am doing wrong? Is it possible that my rex (as below) is not right?
"^\d+\-\d+\-\d+\s+\d+:\d+:\d+\s+\[\w+\]\s\w+\s+\w+\s+\{\s+\[\w...
Hello all, I would like to know where anomaly detection information is stored in ITSI. I mean, is there any specific index bucket, or is that a black box for us? I know it is going into "Episode revie...
Hi,
this is a long-running issue with Splunk creating duplicates as multi-value (mv) fields when JSON extraction runs at index time and at search time. Especially in a distributed environment it can ...
I think I'm going mad.
I'm a brand new user who's evaluating Splunk. It seems powerful, but I'd like to get all my logs in time order to show app + IIS events together. I have an IIS 6.0 web and have m...
Hello, I am inputting a file into Splunk showing the computer's system information extracted from the command prompt. The data file I am inputting into Splunk looks like the first photo below, whe...
I think I am going mad...
I set up a lookup table (points.csv) containing
range,Place,Points
2013,1,20
2013,2,15
2013,3,11
2013,4,8
2013,5,6
2013,6,5
2013,7,4
2013,8,3
2013,9,2
2013,0,1
2...
This is driving me mad - I have gone through the documentation and responses to queries in here but still can't get the sourcetype overridden by using a transform. I'm missing something, I'm guessing o...
...egex path in the inputs.conf stanza to extract the host from the source path, which could be either a folder or the filename; but is the "source" path nonetheless.
2) Specify a regex for the p...
PLEASE HELP! This has been driving me mad for days! Every time an event is added, it's re-reading the text file from the start and re-indexing events. I am getting hundreds of duplicate events and h...