Hi all, I need to trigger a email whenever am opening a internet explorer.So i have tried with sendemail but failed to achieve that and details below on erros; reg host="D-24964" Microsoft "expl.exe" | sendemail to="balaji.s@nln.com" server=chp-outlook.nln.com="" use_ssl=true username="balaji.s@nln.com="" user="" name=""" password="balaji.s@nln.com="" password=""" sendresults=true when am running above sendemail query, am getting the error "command="sendemail", [Errno 11004] getaddrinfo failed while sending mail to: balaji.s@nln.com also if am trying run another simple query like below ; reg host="D-24964" Microsoft "expl.exe" | sendemail to="balaji.s@nln.com" server=chp-outlook.nln.com sendresults=true Then geting the below error; command="sendemail", [Errno 10060] A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond while sending mail to: balaji.s@nln.com Also i have tried with enable or disble of ssl/tsl in IE settings.Still its not working. Please help. Balaji ... View more

Hi, am using the splunk 6.0.1 60days enterprise trial version and have created a search called "IE-Alert" to trigger a alert whenever people opens up the Internet explorer in my local desktop. And splunk also running in local desktop only. Now i have updated the EMAIL ALERT SETTINGS under SETTINGS tab with Mail Host as proxy2.w1.com, username as "bjsoz" which is my username to log in my local office desktop and with the password. I entered the same passwords also in this settings. But still am not getting any email alerts even after i updated the setup of actions in alert genrations. please help. Also suggest how to setup the email setting for sending alert to my personal id which in gmail.com ... View more

Hi I have uploaded a log contains below type of events with time stamp; <[ACTIVE] ExecuteThread: '10' for queue: 'weblogic.kernel.Default (self-tuning)'> < > b1fe329591f98bd5:-37ab5bee:13e4ebbd6e2:-8000-0000000000ae440b <1367147130834> <[ACTIVE] ExecuteThread: '10' for queue: 'weblogic.kernel.Default (self-tuning)'> < > b1fe329591f98bd5:-37ab5bee:13e4ebbd6e2:-8000-0000000000ae440b <1367147130834> <[ACTIVE] ExecuteThread: '10' for queue: 'weblogic.kernel.Default (self-tuning)'> < > b1fe329591f98bd5:-37ab5bee:13e4ebbd6e2:-8000-0000000000ae440b <1367147130835> <[ACTIVE] ExecuteThread: '10' for queue: 'weblogic.kernel.Default (self-tuning)'> < > b1fe329591f98bd5:-37ab5bee:13e4ebbd6e2:-8000-0000000000ae440b <1367147130835> <[ACTIVE] ExecuteThread: '10' for queue: 'weblogic.kernel.Default (self-tuning)'> < > b1fe329591f98bd5:-37ab5bee:13e4ebbd6e2:-8000-0000000000ae440b <1367147130835> <[ACTIVE] ExecuteThread: '10' for queue: 'weblogic.kernel.Default (self-tuning)'> < > b1fe329591f98bd5:-37ab5bee:13e4ebbd6e2:-8000-0000000000ae440b <1367147130836> After uploading into splunk, am getting the view which contains fields _time, source, host, sourcetype,punct and _raw. Question1) The date in log shows Apr 28 2013 11.05 but in the splunk under _time field it shows as "4/28/2013 12:55:33".How to solve this issue? Question2) I need to count no of _raw fileds which contains data and which is blanks using the time stamp.for example at the time of Apr 28 2013 11.05, count of _raw fields having some data and count of _raw fields does not having any data or blank.How to do this? Sorry i am not able to attach the image or screen shot of splunk view with this query since am getting error. Please share any mail id so that i can provide sample of splunk view to understand better if need. ... View more

Hi, Is there any options in splunk for creating org charts, process flow charts with drill down options in splunk? is there any suitable apps available for this? ... View more

Hi I have downloaded sideview utils app and need to install into splunk to use for creating advanced charts,dashboards and flow charts. Please let me know how to install this and use this app? ... View more

Hi, Am having the data contains below; Asset Time stamp Temperature LD-02 00:12.6 43 41 HT-02 00:26.3 45 59 GR-02 00:33.6 52 42 LD-02 00:57.8 47 79 This are few examples of my data(actually am having 5000 rows of same kind of data for different assests) and from this i need to make a timechart which should display a trend for each Asset what is the temperature value. pls help to find how to filter particular set of assets with its temperature ... View more

hi, how to enable the https for splunk linx ver to access thru web? also how to change the port id? ... View more

Am new to ubunto and need splunk to be installed in this. how to install a splunk in ubunto?..is there any unique version of splunk for ubunto is available to download? Please share the steps or commands to use ... View more

Hi, Am using Trial Enterprise version of Splunk and the expiry date is 12th Mar 2013 as per the information from "Manager-Licensing Menu". Now shall i use this splunk to install in an internet server from where the people from other locations also can access to see the reports in splunk etc? is there any license concern will come over usage of splunk thru our internet server? ... View more

Hi, Am using csv file to indexing in splunk .. I did the search for two days 16/01/2013 to till date and got the results as events. Now just want to delete the events or records or rows that belongs to 16/01/2013 only. How to do that? ... View more

Hi , I need to know in realtime time frame option, is there any option to get refresh splunk in less than 30 seconds..like refresh the reports or dashboards at every 5 seconds? ... View more

Am having a csv file(file name: testdata.csv) which stored in a machine with Ip addr 10.80.65.177:8085 and using the same to create reports,dashboards etc in splunk which we installed in another machine with ip addr 10.80.65.183:8000 Now how can i make the splunk to use this csv file on real time basis so that whenever this csv file testdata getting updated, the reports or dashboards in splunk also should get updated with recent data on real time basis. how can i do that? also i already tried with universal forwarder but after installing it , it asks two port id such as forwarding and receiving port ids..am not sure which of those above port i have to use for this? i have given forwarder port as 8000 in splunk manager but its not accepting .pls advice ... View more

Hi all, Am new to splunk tool and i have downloaded to use my project for reporting,analysis,charts and alerts notifications based on reports. Currently i have created couple of dashboards and charts with timechart command for to showcase the uptime or downtime of various software applications for which the appropriate system availability data have been uploaded in to splunk as a .CSV file format. Based on the above CSV file data, i have created the dashboards/charts. Also am able to interlink the charts or dashboards with drilldown option xml. Now my requests are below; a)how can i keep my dashboards as a shortcuts or fields on home screen of splunk, so that i can directly click the same instead of navigating thru Dashboard&review menu? b)How can i fix a alert based on a condition of data for uptime or downtime charts?for example; if am clicking the downtime or lowest value in the chart then it should send a email notification with custimised message like "X application is down and below the threshold" to respective top managers or support teams.How can i fix a alert for this?Also is that possible to generate alert automatically when a graph shows lowest downtime of certain application to concerned teams to action upon? Please help me on my above queries which is most urgent for me. ... View more

Hi, we using splunk for reporting and analysis of system data by manually feeding into it. Whenever we showing the report to client, we need to replace the name SPLUNK with our product name in all of the screens as well as in the menus. Our objective is the client should not see from where we are getting our charts/graphs. Is there any solution for my problem? ... View more

Hi all, I have created a graph which shows time intervals in x axis and application up or down time % in y axis.I have used the 2 days data for this and uploaded the same as .CSV file into splunk. Now i need to change the labels of x axis to customise to increase more visibility on time intervals. I created the graph with 5min Span in time chart but it shows as 4 hours time interval between each X axis value. How can i change this x axis time scale? ... View more