Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- About sushmitha_mj
sushmitha_mj
Communicator
Member since:
01-08-2015
03-05-2021
Community Statistics
| Posts | 103 |
| Solutions | 0 |
| Karma Given | 37 |
| Karma Received | 8 |
| Member Since | 01-08-2015 |
Activity Feed
- Posted Re: Passing 3 values to drilldown on Dashboards & Visualizations. 02-22-2021 12:39 PM
- Posted Re: Passing 3 values to drilldown on Dashboards & Visualizations. 02-22-2021 10:45 AM
- Posted Passing 3 values to drilldown on Dashboards & Visualizations. 02-22-2021 06:22 AM
- Karma Re: Unable to pass the correct timevalue for drilldown for bowesmana. 02-17-2021 12:38 PM
- Posted Unable to pass the correct timevalue for drilldown on Dashboards & Visualizations. 02-15-2021 03:51 PM
- Karma Re: How do I write the regex to extract all instances of this field from unstructured data? for sundareshr. 06-05-2020 12:48 AM
- Karma Re: Why am I getting no results found when creating and searching my field lookups? for sundareshr. 06-05-2020 12:48 AM
- Karma Re: Using mvexpand to get multiple fields from XML data, why am I getting incorrect values for a field? for somesoni2. 06-05-2020 12:48 AM
- Karma Re: How to edit my search to match fields from indexed data with a field in a CSV file to output another corresponding field? for sundareshr. 06-05-2020 12:48 AM
- Karma Re: How to edit my search to match fields from indexed data with a field in a CSV file to output another corresponding field? for sundareshr. 06-05-2020 12:48 AM
- Karma Re: How to configure a universal forwarder to monitor a log file in a certain drive on a Windows machine? for skoelpin. 06-05-2020 12:48 AM
- Got Karma for How to configure a universal forwarder to monitor a log file in a certain drive on a Windows machine?. 06-05-2020 12:48 AM
- Got Karma for Re: Drill down cell level does not work. 06-05-2020 12:48 AM
- Karma Re: How to search the most recent value for 2 fields and plot them in a pie chart? for stephane_cyrill. 06-05-2020 12:47 AM
- Karma Re: How to write a search to check the amount of data indexed by my app each day for a certain time range? for lguinn2. 06-05-2020 12:47 AM
- Karma Re: How to search the most recent value for 2 fields and plot them in a pie chart? for Gilberto_Castil. 06-05-2020 12:47 AM
- Karma Re: How to edit my search to filter and populate an input field only with host names with ABC in the value? for gyslainlatsa. 06-05-2020 12:47 AM
- Karma Re: How to edit my search to filter and populate an input field only with host names with ABC in the value? for sideview. 06-05-2020 12:47 AM
- Karma Re: Splunk Dashboard 6.x Examples Source Code: Where do I place or write .js scripts? for stephanefotso. 06-05-2020 12:47 AM
- Karma Re: Splunk Dashboard 6.x Examples Source Code: Where do I place or write .js scripts? for tom_frotscher. 06-05-2020 12:47 AM
Topics I've Started
| Subject | Karma | Author | Latest Post |
|---|---|---|---|
| 0 | |||
| 0 | |||
| 0 | |||
| 0 | |||
| 0 | |||
| 0 | |||
| 1 | |||
| 0 | |||
| 0 | |||
| 0 |
04-06-2015
01:52 PM
@Iguinn
Thank you...
Both worked, and I had an option of entering the series on the first one as well. As the graph itself was multiple series lines.
... View more
04-06-2015
11:04 AM
Hi,
I want to a graph to check the amount of data indexed by my app on each day for a certain time period. I have multiple csv files in the source, one host and an index ( not default, I created this ). I used
index="abc" | eval MB=kb/1024 | search group="per_sourcetype_thruput" | timechart span=1d sum(MB) by series
and
index="abc" group="per_index_thruput" | timechart per_second(kb) as " kbps" by series
but they seem to return no results.
... View more
03-31-2015
12:02 PM
I have created a dashboard with hourly sum(added) values for all users. In the dashboard I want to give the option of drop down to select the user name or a text box where they can enter the name of the user and the graph has to display the result of this user alone.
How can I create a drop box or text box and pass the value to the query?
... View more
03-31-2015
09:05 AM
@somesoni2
I was not, but now I am... It is slightly better 🙂
Thanks
... View more
03-31-2015
07:35 AM
@sideview
You are right... This is definitely better, but I still do feel that this is taking long. I have 42 million records.
Splunk is taking almost 3-4 minutes to return count for the query index=abc| stats count
Is this normal?
If I make a dashboard, will the speed improve?
... View more
03-30-2015
01:58 PM
2 Karma
Hi,
I am working on a distributed splunk environment. I have created an app and a separate indexer for this app to load data. I have the data on the data summary, so when I got to search and for example say "Index=abc" , it takes 20 mins to load completely. If I add more complexity to my search, it would take even longer.
I do have huge volumes of data (millions of records ). Is there a way to optimize?
... View more
03-30-2015
11:49 AM
@masonmorales
I did perform a search. BuT I still cannot see the data in the summary. The problem is, it takes a lot of time to load the data (I have millions of records), each time I execute the search.
How do I get over this problem?
... View more
03-30-2015
07:05 AM
@marcoscala
I do not find user management under my settings and I also, do not find the index name anywhere in the data summary. I only find hosts, sources, sourcetype. where should I look for the index?
... View more
03-27-2015
03:05 PM
I created a deployment app to make a forwarder pick data from a location and index it lets say index A.
Then I created another app whose index is index A , so I can use this app for data display.
Now I see data in the index, and search it using the"index=A" command.
But is this the best way to do it?
Should I not be able to see the data on the app's data summary screen?
Can I build dashboards by using "index=A" as a part of the query?
... View more
- Tags:
- dashboards
- index
03-27-2015
02:19 PM
What command should I use to check spluk logs in a linux system?
And where should I run this command?
... View more
03-27-2015
12:14 PM
Does it need some kind of a restart, to reflect on the splunk web?
Do I have to make any changes to the index files?
... View more
03-27-2015
11:39 AM
No.. I want the app to use this index instead of default index and when I go to the splunk web-> index name, I want to see this app name instead of "system". Basically, I want the app to populate data from this index.
... View more
03-27-2015
10:56 AM
1 Karma
Hi...
I have created my own app and I have an index as well. I want to map this index to the app... How should I do this using splunk web?
If I cannot do this using splunk web, how else should I do it?
... View more
03-26-2015
04:27 PM
@gwalford
Again thank you so much......... I am working on an urgent requirement and your help is of great value.
Thanks for the document. It definitely helps me understand the contents of inputs.config. I created an app folder in the deployment_apps folder, created a subdir caled local and also created a file called inputs.conf (4 line input file).
I then created a server class(it is mapped to a client ). I am trying to add this add to the server class , it does not let me and displays a server error.
My doubts are :
1. What is the problem here? Is it happening because of the contents of the app folder?
2. Is it because, it is not reading the inputs.conf?
3. WHAT SHOULD I DO?
Thank you so much for your time and help!
... View more
03-26-2015
03:14 PM
URGENT!!
For creating an app to
1. Monitor a path lets say /abc/def in a server where forwarder is located
2. Pick data if the file is of a certain name and certain type
3. Load the data into splunk
Note: the splunk root and the forwarders are on different location
What are all the files that I should write or is there like app.conf, inputs.conf etc ?
Which ones(files) come as default if I create this APP DIRECTORY and tie it into the class?
Or should I manually create all the files that should go into this app directory?
Is there any sample script that you can share?
... View more
03-26-2015
03:04 PM
@gwalford
This makes so much sense to me now... Thank you first of all for that...
But for creating an app to
1. Monitor a path lets say /abc/def in a server where forwarder is located
2. Pick data if the file is of a certain name and certain type
3. Load the data into splunk
Note: the splunk root and the forwarders are on different location
What are all the files that I should write or is there like app.conf, inputs.conf etc ?
Which ones(files) come as default if I create this APP DIRECTORY and tie it into the class?
Or should I manually create all the files that should go into this app directory?
Is there any sample script that you can share?
... View more
03-26-2015
02:16 PM
@gwalford
Like should I add the app. conf, prop.conf files or would it add them on its own? Where should I write what it should do?
... View more
03-26-2015
02:08 PM
Okay... I am doing this the first time.. so could you please be more specific?
I have read this deployment server article numerous times now... but... it still does not answer my question of how do I push the config to make the forwarder pick the data from a location ?
... View more
03-26-2015
01:29 PM
URGENT!!
I want to create a splunk deployment app to configure the forwarder to pick data from a server location.
I know that to create a deployment app, I just have to create a folder in $SPLUNK_HOME/etc/deployment-apps (which is empty) and in forwarder management, add the server class to it... But how do I write code into it? What and where should I write to make the forwarder pick up data from the location?
... View more
- « Previous
- Next »
