×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
bnorthway_splun
Splunk Employee
Member since: ‎03-28-2016
‎06-05-2020
Community Statistics
Posts 17
Solutions 2
Karma Given 114
Karma Received 5
Member Since ‎03-28-2016
Activity Feed
View All

Re: How to make a custom REST endpoint in Splunk?

by in Splunk Enterprise
‎03-29-2022 02:03 AM
‎03-29-2022 02:03 AM
But don't have an example for the POST endpoint. Overall, I think the document in Splunk is not good, not enough for a newbie. IBM QRadar and ELK have good document to development ... View more

Re: How to get searches to run in Smart or Verbose...

by in Splunk Search
‎06-24-2021 11:56 PM
‎06-24-2021 11:56 PM
Hi @rewritex , Could you please give a snippet of the same. On click of search icon of panels in my dashboard, the queries are running to verbose mode only, want to change it to fast mode. I am using Base search in my dashboard. Since export option is not available, trying out this scenerio, but I have a good amount of data, as such running in verbose mode is something trying to avoid. @all, please suggest some.   ... View more

Re: choose all Multiselect values by default witho...

by in Dashboards & Visualizations
‎02-05-2021 02:02 PM
‎02-05-2021 02:02 PM
Thank you for the code If it can help, I had to make a minor change to make it works properly in my case (some data were longer to load.) : var idSearchSelectIndex_results = idSearchSelectIndex.data("preview"); By  var idSearchSelectIndex_results = idSearchSelectIndex.data("results");   ... View more

Re: How to create a user from the command line and...

by Splunk Employee in Security
‎11-25-2018 08:17 PM
1 Karma
‎11-25-2018 08:17 PM
1 Karma
With a little bit of guessing, I discovered that the parameter is "-force-change-pass true" A complete example is: ./splunk add user alice -password password123 -role user -email alice@acme.com -full-name "Alice" -force-change-pass true ... View more

Re: Create Tab in Dashboard

by Splunk Employee in Dashboards & Visualizations
‎04-22-2020 03:12 PM
‎04-22-2020 03:12 PM
There is an updated dashboard tab example available here: https://github.com/LukeMurphey/splunk-dashboard-tabs-example ... View more

Re: replication was unsuccessful. failed_because_R...

by in Deployment Architecture
‎04-10-2018 09:26 AM
‎04-10-2018 09:26 AM
I'm seeing this in a 6.6.3 environment ... View more

Re: In splunkd.log, why do I receive repeating err...

by in Getting Data In
‎06-06-2017 03:01 PM
‎06-06-2017 03:01 PM
I found if there is a lookup file located at $SPLUNK_HOME/splunk/etc/apps/DA-ESS-ThreatIntelligence/local/data/threat_intel, such error will pop-up. Then I mv my local_ip_intel.csv file to local_ip_intel.bak. Error message seems stop showing up. Anyone could explain what happen here? ... View more

Re: Anyone seeing 'libmongoc-1.0.0.dylib' errors w...

by Splunk Employee in Splunk Enterprise
‎08-01-2016 11:45 AM
‎08-01-2016 11:45 AM
In case anyone else is supporting an old version... You can work around the problem by following these directions: http://www.acme-dot.com/installing-splunk-on-el-capitan/ You may need to update the paths in the examples provided. ... View more

Re: Info_max_time and info_min_time issue

by Splunk Employee in All Apps and Add-ons
‎05-30-2017 07:17 PM
‎05-30-2017 07:17 PM
It is mathematically impossible to calculate an average where one of the numbers is infinity. In your case, it probably doesn't matter since you'll have events nearly constantly and samcogheil's solution is probably "good enough". ... View more

Re: dispatch.finalizeRemoteTimeline taking a long ...

by in Splunk Search
‎04-18-2020 12:41 PM
‎04-18-2020 12:41 PM
I have not tried it but isn't "remote_timeline_fetchall = false" good for reporting searches instead of search that you run on search window? ... View more

Re: No cookie support detected. Check your browser...

by in Splunk Search
‎01-29-2020 04:40 AM
‎01-29-2020 04:40 AM
I had the same issue in Chrome. Splunk version 7.1.2 Clearing cookies didn't help. Restart Chrome helped. ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:04 AM