Hello. I created a dashboard using some of the data from the Splunk App for Unix. Its in the default index called "os." I notice that only the admin user of splunk can query info out of that index. Is there something I need to do to allow other users to do that? The issue I have is when I shared the dashboards, nobody can see the data within the panels except the admin user. ... View more

Hi all. I have a table in our application database that records when reports are generated. It includes great info such as the report type, the duration the report took, start/end, parameters, etc. I'd love to have Splunk generate some sort of timechart on the different report types, or perhaps even a way to see how many concurrent reports are being generated. My question is, how can I have splunk query the db (as it does any normal file) for this information? Is it possible? Thank you, it may be a dumb question but I'm trying 🙂 ... View more

Hi there. I'm fairly new to Splunk, so apologize if this is an easy one. I have setup Splunk's App for Unix..its collecting all the info very well from about 10 servers. My question is about the Reports that it provides. In the search app, if I go to reports I see lots of great reports created by the Splunk App for Unix. There is one that shows load average. I want to modify that so I can only show just certain groups of hosts. If I edit, instead of the search language, I just see a function in the search bar called Percent_Load_by_Host(*) I'd like to be able to do something like 'Percent_Load_by_Host(server1,server3,etc) but if I enter more than one field it complains. So my question is, how can I modify this report and be able to use it for more than just showing the load average for everything? Thank you very much, still learning this. ... View more