Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Search
Find Answers
Ask questions. Get answers. Find technical product solutions from passionate members of the Splunk community.
×
Join the Conversation
Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
- Find Answers
- :
- Search
Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
25,182 results
Sort by:
04-09-2026
02:11 AM
Hi All, Can I change cluster colours based on such code? | eval clusterGroup=case(bgp_state="Down","red",bgp_state="down","red",bgp_state="Up","green",bgp_state="up","green",bgp_state="n...
Labels
- Labels:
-
dashboard
03-20-2025
02:44 AM
Hello Experts, I am trying to work on setting up panels with two different queries output based on a filter. I am using the change on condition option <input type="dropdown" t...
Labels
- Labels:
-
other
02-22-2025
04:03 PM
...ncoming sourcetype. So basically use props.conf to catch any sourcetype with ‘metrics’ in its name, and then use transforms.conf REGEX to change the index name from the default ‘<bla bla>_...
Labels
03-27-2025
07:16 AM
...xisting instances, i tried to simply change the serverName in server.conf to the hostname and restarting the Splunk service. Splunk service is starting without complains, but the Monitoring Console r...
Labels
Show results in replies (4)
-
...utbound connection from the monitoring console shouldnt be impacted by the change to the MC Server name. F...
-
...he IP did not change. So endpoints should be able to reach the "modified" server (but may expect a d...
-
...wanted to apply the config to make the name change applied to the apps lookups (splunk_ apps). At t...
-
...everted before the second try. - When changing the servername of the Manager Node, the searchheads a...
03-28-2025
09:02 AM
Hello, I'm having a problem with the colouring of a column in my table. I need to colour the AverageExecutionTime column according to the value of Treshold. If AverageExecutionTime > Treshold th...
Labels
09-17-2024
09:33 AM
...here set up this configuration. Can anyone help me to know where change the database agent name? thank's
Labels
- Labels:
-
Infrastructure
03-06-2025
11:33 AM
Hello, I'm to try changing the sourcetype at the indexer level based on the source. First question is that possible on an indexer. Second would it work with props.conf r...
Labels
- Labels:
-
index
-
indexer
-
sourcetype
a week ago
In SplunkCloud, if I change retention days of an index from 90 days to 1 day, will it forcibly rollover the 89-days worth of logs into DDAA?
Labels
- Labels:
-
configuration
04-09-2025
12:22 AM
Hello, Splunk offers the option of saving changes made in an app via Splunk Web directly to the default directory. By default, Splunk saves all changes made via the Splunk Web interface in the l...
Labels
01-12-2025
06:29 AM
Hello everyone! I would like to ask about the Splunk Heavy Forwarder Splunk-side config: https://splunk.github.io/splunk-connect-for-syslog/main/sources/vendor/Splunk/heavyforwarder/ With those ...
Labels
- Labels:
-
administration
Show results in replies (3)
-
...ne (except for the one manipulating routing) and it exports whole _meta as-is. So you need to change i...
-
I don't want to change how fields are indexed. I just want to reformat the metadata (to use d...
-
...he key::value format. I would like to change that in the syslog output generated by the config on t...
