I made a clone of an existing and empty XML dashboard as the means to start a new studio one. I added text boxes and an image. All looks fine in edit mode. Anytime I save and click View, the d...
...ilelog receiver gives a way of configuring a place to gather logs. What about other filtering options, like ones based on severity or a specific phrase in the log’s body?
Everytime we createa new pipeline...
...85, in decorate\n settings.cache(), record ).create()\n File "/opt/splunk/etc/apps/TA-eStreamer/bin/encore/estreamer/metadata/view.py", line 532, in create\n if(self.__isHex(hex32)) :\n...
...ata, and then write that data to a destination. All pipelines are defined entirely in SPL2 (either when directly manipulated in the code editor for Edge Processor, or indirectly created via the GUI f...
...ust doing a field extraction of a number of key fields, and our setup is a 6.6.3 Search Head talking to a 6.6.2 index cluster.
Many of the fields he's trying to put into the table are created out o...
...ocumentation/Splunk/6.4.3/Data/Configureindex-timefieldextraction
I understand we have at least 2 ways to deal with these scenarios.
1 - Create new sourceTypes, where name of the sourceType is the name o...
I'm currently trying to createa custom command to handle a multivalue lookup without having to run
|mvexpand
Using MVexpand on large records with multivalue fields will multiply the number of r...
...estrict results by role. It is apipeline search, so I can't createan eventtype. My understanding of summary indicies preclude their use. My thinking is the only way to do it is to createan app, b...
...esponse times, and traffic volume. Orca: The orchestration engine. It handles all ad-hoc operations and pipelines. Monitor task execution times, task failure rates, and queue length. Clouddriver: R...
I am searching through postfix email logs and trying to put all the revevent logs together for each email. I am also setting up the search in aview so that our email admin can just type in the s...