Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- About paulwrussell
paulwrussell
Explorer
Member since:
12-27-2015
06-05-2020
Community Statistics
| Posts | 10 |
| Solutions | 0 |
| Karma Given | 3 |
| Karma Received | 0 |
| Member Since | 12-27-2015 |
Activity Feed
- Karma Re: Aggregating fields in JSON array for martin_mueller. 06-05-2020 12:48 AM
- Karma Re: What is the best practice performance-wise to get data in using C#? for gblock_splunk. 06-05-2020 12:47 AM
- Karma how to split the json array into multiple new events for wood1986. 06-05-2020 12:46 AM
- Posted Re: Aggregating fields in JSON array on Splunk Search. 05-22-2016 10:25 PM
- Posted Re: How to create a timechart plotting average values for nested JSON data? on Splunk Search. 05-22-2016 02:47 PM
- Posted How to create a timechart plotting average values for nested JSON data? on Splunk Search. 05-21-2016 10:50 PM
- Tagged How to create a timechart plotting average values for nested JSON data? on Splunk Search. 05-21-2016 10:50 PM
- Tagged How to create a timechart plotting average values for nested JSON data? on Splunk Search. 05-21-2016 10:50 PM
- Tagged How to create a timechart plotting average values for nested JSON data? on Splunk Search. 05-21-2016 10:50 PM
- Tagged How to create a timechart plotting average values for nested JSON data? on Splunk Search. 05-21-2016 10:50 PM
- Tagged How to create a timechart plotting average values for nested JSON data? on Splunk Search. 05-21-2016 10:50 PM
- Posted Re: What is the best practice performance-wise to get data in using C#? on Monitoring Splunk. 02-15-2016 02:50 PM
- Posted Re: What is the best practice performance-wise to get data in using C#? on Monitoring Splunk. 02-15-2016 01:14 PM
- Posted Re: Protocol Data Inputs: How to process a stream of events over TCP before indexing them in Splunk? on All Apps and Add-ons. 01-07-2016 06:07 AM
- Posted Re: What is the best practice performance-wise to get data in using C#? on Monitoring Splunk. 12-28-2015 07:32 AM
- Posted Re: Can someone show an example of sending data through TCP to a Splunk server using the C# SDK? on Splunk Dev. 12-28-2015 04:55 AM
- Posted What is the best practice performance-wise to get data in using C#? on Monitoring Splunk. 12-27-2015 06:12 AM
- Tagged What is the best practice performance-wise to get data in using C#? on Monitoring Splunk. 12-27-2015 06:12 AM
- Tagged What is the best practice performance-wise to get data in using C#? on Monitoring Splunk. 12-27-2015 06:12 AM
- Tagged What is the best practice performance-wise to get data in using C#? on Monitoring Splunk. 12-27-2015 06:12 AM
Topics I've Started
05-22-2016
10:25 PM
i still cant get real data to display anything other than a big count. didnt make a difference adding fields. what is feilds menat ot be doing in this scenario? why would eval behave different to real data?
... View more
05-22-2016
02:47 PM
yes ive looked at it. i can turn into string and use rex to remove outside node ids. but not sure what to do after that.
... View more
05-21-2016
10:50 PM
I am receiving JSON into Splunk in the following format. I'm trying to figure out how I can do searches to plot average values for this nested data. I need to be able to plot a line for each node over time, but I also need to be able to plot the average value for all nodes within a gateway over time. I don't know if I should be splitting up this data into multiple events as it comes into Splunk or whether my search should normalize all nodes to a common name as the id is in the data, and then try to split it up. Are there other options I haven't thought of yet?
The list of nodes is a dynamic list, so I can't hardcode these node ids.
gateway: "gateway1",
nodes: {
1002: {
id: 1002
}
11: {
id: 11
value: 100
} ,
14: {
id: 11
value: 120
}
}
Help is really appreciated.
... View more
02-15-2016
02:50 PM
ok great thanks. i might try and add that when i get some time. one last question. when i use automatic batching, will the send method act in an asynchronous manner? or for this, would i have to do manual batching?
... View more
02-15-2016
01:14 PM
Thanks for the answer. Very helpful. Ive decided to go down route of using common logging and sending JSON directly. But if i do this, is there anyway of setting the timestamp? I'd like this option for passing in historical data.
... View more
01-07-2016
06:07 AM
How do you get to those socket settings?
... View more
12-28-2015
07:32 AM
Thanks for the response.
If i couldn't use the universal forwarder, what is the recommended best approach for high throughput?
... View more
12-28-2015
04:55 AM
Has anyone figured out how to do this in C#?
... View more
12-27-2015
06:12 AM
Hi,
My application is written in C#. I see there are a few ways for getting data in:
C# SDK (as per submit example)
Logging.net with HTTP Event Collector
Posting raw JSON to HTTP Event Collector
Somehow posting directly to a TCP input (I can't figure out how to do this)
I'm going to be indexing a lot of data and I'm trying to figure out the best method for doing this from my C# app in a threadsafe way. I've read through most of the documentation, but can't really tell what best practice is. It looks like HTTP EC may be the new recommended way. But is using logging .net really the most appropriate way of getting application data into Splunk? This seems more focused around getting application events into Splunk.
... View more
12-27-2015
06:03 AM
@Andy: you said " For better performance and throughput, you may also using raw socket directly. That is also supported by the SDK. You attach a Stream object to an Index object or a Receiver object and then write data into stream directly. Refer to UnitTests.IndexTest.IndexEvents." Do you have example of posting using raw socket directly using C#? I cant find the mentioned test class.
Im going to be indexing alot of data. And I'm trying to figure out the best method for doing this from my C# app in a threadsafe way.
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
06-05-2020
02:04 AM
|
