You had misunderstood my comments...What I want to know is how to get those .csv files for e.g(cpu,mem) in order for me to do the automatic lookup? I was using windows platform for this and I want that extra information of the lookup to be appeared in the event panel(in the dashboard view). I've tried export the results out based on someone posted in the forum and followed the instructions but I couldn't get it. Do I need a log file so that the Splunk app will know which log file to put for automatic lookup?If so,how to do that because I'm a newbie for Splunk.
... View more
There is an error message:Your maximum disk usage quota has been reached. usage=15808MB quota=10000MB user=admin. The search was not run. Use the Job Manager to delete some of your saved search results. SearchId=rt_admin_admin_windows_dG9wIDEwIHByb2Nlc3MgYnkgYXZnIGNwdSBsb2Fk_rt_1308707481.4497.Can someone tell me is there any best solution to solve this problem?
... View more
What I meant is how to develop the batch jobs to produce extra information for CPU,memory saved searches I had done e.g(top 10 process by cpu,top 10 process by mem).Do I need to create or get a .csv file online in order to do the field lookup?
... View more
Do I need to create a .csv file for the lookup field section of a saved search for CPU,memory by myself or I just need to go online to get the file?
... View more
Does anyone know how do I perform a search on the "top 10 processes by disk" which consists of the names as well as the total memory for the disks, in addition to the used and free space? Then for "top 10 processes by network", I need the names, sent(MB) as well as received(MB).
... View more
I have looked through all the input commands for memory, cpu, disk, i/o, etc.. but from there I cannot come up with my own solution to search for the top 10 processes of the system listed above. I try modified the input values but to no avail....
... View more
I looked at all the instructions for all the links you had provided for me but I couldn't understand. May I appreciate you to explain all the configurations needed for Linux because I keep having problems with the search portion in Splunk?
... View more
My problem is that after I have created the panels for my dashboard, my date and time were not indicated correctly as time goes by. I have to refresh manually by myself so that the results will be updated...
... View more
What I want to know is that how to modify the changes of the real-time information e.g(refreshed:today at 12:04:09 )on the dashboard so that it will automatically refreshed and update the latest results every second. This real-time information is located at the top -right hand corner of a panel.
... View more
I meant that after I have done all my setup for the RSS alert action, there is an RSS logo displayed under all of my saved searches. But when I clicked on the link, it generates nothing but a few lines of code for an XML file. What is going on? How can I solve this problem?
... View more
What are the configuration/setup I have to do in order to use Splunk in Redhat Enterprise Linux? What is the reason of why I can't search anything like top 10 process by CPU that kind of thing, and it shows no search results in redhat Enterprise Linux?
... View more
Can I know what is the reason of why the RSS has not been generated or even run even though I have created the schedule search for a particular process?
... View more