What is the meaning of terms MEMORY_REAL and MEMORY_SWAP in output of hardware.sh script in Splunk App for nix
Here is output of script :
[root@localhost bin]# sh hardware.sh
KEY VALUE
CPU_TYPE Intel(R) Core(TM) i5-XXXX CPU @ XXXGHz
CPU_CACHE XXXX KB
CPU_COUNT X
HARD_DRIVES sda (XXXXXXXXXX-XXXXX) XXX GB;
NIC_TYPE [ xxxxxx] xxxxx Gigabit
NIC_COUNT 2
MEMORY_REAL 8066392 kB
MEMORY_SWAP 8200188 kB
Apart from this I would also like to know meaning of NIC_TYPE and NIC_COUNT.
... View more
Not necessarily you have to give permission to everyone. you can give read or write or both permissions to individual role. Plus while creating role, you can add already present roles from "Inheritance" section to get capabilities of inherited role. If you play with combination of these, i am sure you can get what you want.
... View more
Hi, You can work this out by creating new role accordingly as per the user group and set permission of knowledge objects to this newly created role.
... View more
Yes, you can take a backup to be on safer side.To cover your dashboards, searches and all other knowledge objects, you can take backup of $SplunkHome/etc folder. In that also you can decide if you want to take backup of specific apps by copying its folder.
... View more
Hi,
Firstly you need to check if all the apps and add-ons are compatible with the version (here 7.3) you want to upgrade to.
Then the process to upgrade is just like you do for new installation. Splunk automatically detects that this is an upgrade.
Go through the detail documentation below:
https://docs.splunk.com/Documentation/Splunk/7.0.3/Installation/AboutupgradingREADTHISFIRST
Below are the steps to upgrade:
http://docs.splunk.com/Documentation/Splunk/7.0.3/Installation/HowtoupgradeSplunk
Hope this helps.
... View more
I am trying Log to metric conversion feature. I tried getting data in using Add Data feature. But no data preview gets displayed when the sourcetype is selected for log to metric conversion. While playing around I observed that data preview is getting displayed when METRIC-SCHEMA-TRANSFORMS Advanced setting is removed.
Here is my stanza for the sourcetype I created
[log_to_met]
DATETIME_CONFIG =
INDEXED_EXTRACTIONS = csv
LINE_BREAKER = ([\r\n]+)
METRIC-SCHEMA-TRANSFORMS = metric-schema:log_to_met_1546498662303
NO_BINARY_CHECK = true
category = Log to Metrics
pulldown_type = 1
disabled = false
transforms.conf stanza
[metric-schema:log_to_met_1546498662303]
METRIC-SCHEMA-MEASURES = _value
So, what are these Metric Measures and how to get data in with these measures. Also what is the importance of log to metric conversion.
... View more