I have set up the TA-ms-loganalytics on my Splunk Enterprise instance and configured the inputs. I have given the start_date as 08/04/2020 00:00:00 in my inputs configuration, the current data f...
...aaS offerings (Databricks, Azure Data Factory, Cognitive Search...etc) - An EH namespace for networking events (NAT Gateways, Firewalls, Public IPs, APIM, Frontdoor, WAF...etc) so on and so f...
...EPORT RequestId: 288f34e9-5572-4816-d21e-9fcf5965fad0 Duration: 206.64 ms .. I can get all events matching this criteria, but I want to do average, min and max of value present in duration i...
Hi,
How can I log in to MS-DOS to make a search?
I wrote in a DOS window:
splunk.exe search 'host="..."' -maxout 100 > test
and it returns Login failed - Unauthorized
However, i...
Hello,
I'm struggling to convert two status codes (200 and 400) from ms to secs and display the values in a line chart.
tmdEvntMs is the API response time in ms, and httpStatus is my status c...
Hello, question + answers here:
We were using dbconnect 2 for an MS SQL query. The column used for the timestamp was giving us an error BIGINT.
(you can see it by typing index=_internal s...
Hello Splunkers!
TL;DR - Has anyone seen an example log generated by the fix for the 2020-January Critical MS Windows CryptoAPI Vuln? (CVE-2020-0601)
Does anyone know what the exact event e...
Hello everyone, I have integrated the "MS Teams alert for Splunk" add-on in my Splunk cluster. I have added it into alert action and triggering alerts n number of times. Example: The alert has 5...
Hi all, I configured the MS add-on from an eventhub to get into Splunk all security alerts from Defender for Cloud. Seems Splunk can't collect some alerts; I don't understand why. The e...
How would I connect to a non-default instance of MS SQL server? I don’t see any fields in the GUI or database.conf.spec for that. With MS tools or ODBC settings, I’d just specify SERVER\INSTANCE b...