Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
2,000 results
Sorted by:
07-21-2021
10:18 PM
Hi, I am forwarding sysmon logs to splunk, for normalization, I could see event ID : 12, 13, 14 are captured (Registry object added or deleted, Registry value added, Registry value modified) All ar...
Labels
08-01-2017
08:07 AM
I have tags for the name of cameras and then tags for the status of the cameras that I created through eventtypes. Both of these tags are under the same tag category in my data and I want to create a...
03-03-2023
03:10 PM
Hello Is it possible to style the status_indicator.status_indicator_app in a manner like we can for the
"single value" chart? Can code similar to this be used?
<html> <style> #test ...
Labels
- Labels:
-
dashboard
09-08-2021
11:40 AM
...aying "Unexpected close tag" on this line: <query>index="_internal" user!="-" sourcetype=splunkd_ui_access "en-US/app" | rex field=referer "en-US/app/(?<app>[^/]+)/(?<dashboard&g...
04-11-2023
02:53 AM
Hi,
I am creating a dashboard where one of the queries is using the rex command. However, in the XML, I am getting the error "Unexpected cloase tage> at the end of the end of the query. T...
10-02-2021
05:52 AM
Hi what is the rex for "No is invalid. Please ask to a admin" Here is the log: 21:32:26.729 customer modules: type="xsd:string"><response><result>ActionFail</r...
Labels
- Labels:
-
field extraction
-
fields
-
regex
-
rex
06-15-2020
04:22 AM
...he actual server was i.e. web server, DB server etc.).
So my question is:
- Can the hosts in Splunk be tagged with metadata to describe their function?
Labels
- Labels:
-
universal forwarder
10-12-2021
04:36 AM
Hey All, I get no results found for a tag that looks for fields created by a rex. So... sourcetype=DataServices | rex "JOB: Job (?<BIMEJob><(?<=<).*(?=>)>)" i get the f...
01-22-2010
05:39 AM
3 Karma
How many tags can be created before Splunk's performance is adversely affected? And what specifcally is adversely affected when too many tags are defined-- index perf, search perf, or both?
- Tags:
- performance
- tags
Show results in replies (3)
-
...calable beyond a few thousand. Tags were designed to handle expanding to tens or hundreds of values, n...
-
Tags have no effect on indexing or indexing performance, so any effect would only be realized at s...
-
I wouldn't recommend more than 1000 tags, I have seen degradation linked to applications loading a...
11-18-2020
08:18 AM
...bsp; searching from a datamodel "malware". I'll attach screenshots of the datamodel. I'll attach a screenshot of the datamodel. I'm assuming my event didn't match because it was not tagged a...
Labels
- Labels:
-
Splunk Investigate
