I have a question. I have a table that contains groups of people with their email addresses. I want to use this table in the recipients field when creating an alert to notify users via email. For thi...
I'm creating a custom application in SOAR and one of the fields this custom application provides is password information. For obvious reasons, I don't want to store the password in the container, r...
My Python is 3.8.5 and splunk-sdk is 1.6.16. My Splunk developer gives me a URL and I get its search string to retrieve data as shown below. Below is my search string and additional Python...
Hi, Is there a way to determine if an index has stopped logging/has gone inactive? I have tried looking through the docs, but am new to Splunk and trying to figure this out. I know we can use metada...
I would like to aggregate the % info in the pie labels, so it will read:
"OK (77%)" instead of OK
"ERRORS (23%)" instead of ERRORS
Is there any straightforward way to do it?
Hi,
I am wondering if one Search Head Cluster can search across multiple Indexer Clusters.
I have found this doc http://docs.splunk.com/Documentation/Splunk/6.3.3/Indexer/Configuremulti-clusters...
As the title suggests, I'm looking into whether it's possible or not to load balance Universal Forwarder hosts that are also hosting rsyslog. I want to pointedly ask, Is there anyone here doing som...
Splunk 9.0.0 on Windows servers
So I clicked on Apps \ Enterprise Security and I was greeted with that error
App configuration
The "Enterprise Security" app has not been fully configured ...
Hello! So here is a doozy. We have blacklists in place using Regex. In particular this one: [WinEventLog://Microsoft-Windows-Sysmon/Operational] source= XmlWinEventLog:Microsoft-Window...
Hi,
Our default age for all events is 3 months, but there is a specific index that needs events to still be available for a year. A new storage location has been created and I am ready to make t...