Hi folks looking for some expert opinion.
my logs contains many diff files. I want to capture the startand end time for each file
the logs looks like this
timestamp 202301_filex_a_b.z started...
I have a weird issue with the TA-pfsense TA.
I can getlogs in for about half a second and then they just mysteriously stop.
A packet trace shows the logs are still being sent and the port is r...
...R jobName2 OR jobName3) AND "Starting"
| rex field=_raw "Batch::(?<aJobName1>[^\s]*)"
| stats count AS aCount1 by aJobName1
Then I only want to keep log events that have no "Completed" e...
hello
recently my Splunk not start, it happens suddenly,after i notice splunk web not work,login to windows server and see it crash and have auto restart,after that i start splunk but get t...
...s
index="ereg-prod" source="jobs.*log" | transaction startswith="Start : Before Job" endswith="End : After Job" | rex field=source "/*/logs/job-(?\S+).log"
I tried time chart and _time what is t...
...f your network and is included with your Splunk Cloud Platform, available at no additional cost. Learn more about the Edge Processor solution, including resources to getstarted.
With Edge P...
I have encountered a problem where I cannot get the Splunk service to start after changing The $SPLUNK_DB variable in /opt/splunk/etc/splunk-launch.conf. What I’ve tried and further b...
...stallation/InstallonLinux
And followed the first run instructions here:
http://docs.splunk.com/Documentation/Splunk/latest/Installation/StartSplunkforthefirsttime
When starting splunk, the start p...
I have been trying to get the Cisco eStreamer eNcore app to work and since rebuilding the FMC host, and using a routable IP instead of a management IP. The eStreamer Client Status shows Disabled. H...
Hi all, i have configured andstarted the Splunk Add-on for VMware v 4.0.5 on two heavy forwarders. Unfortunately will the port 8008 not be available after restarting the Splunk instance. I get e...