Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- About earlhelms
earlhelms
Path Finder
Member since:
06-28-2016
05-02-2023
Community Statistics
| Posts | 37 |
| Solutions | 2 |
| Karma Given | 14 |
| Karma Received | 11 |
| Member Since | 06-28-2016 |
Activity Feed
- Posted Re: How can I share a lookup script with other apps? on Splunk Search. 05-02-2023 12:02 PM
- Karma Re: Dynamic Dropdown Using Timepicker for niketn. 03-15-2022 08:45 AM
- Got Karma for Re: Issue while updating Splunk custom command permission from UI. 11-04-2021 02:20 AM
- Posted Re: Issue while updating Splunk custom command permission from UI on Dashboards & Visualizations. 07-06-2021 02:17 PM
- Karma Re: Issue while updating Splunk custom command permission from UI for sh1pit76. 07-06-2021 02:16 PM
- Posted Re: SPL2 for onpremise on Splunk Search. 02-05-2021 01:15 PM
- Got Karma for Re: Create Oracle Connection: Cannot load connection class because of underlying exception: com.mysql.cj.exceptions.WrongArgumentException: Malformed database URL, failed to parse the main URL sections.. 06-05-2020 12:50 AM
- Got Karma for Refresh queue job: ['5da491033e5b6c4c9510ecf2', '5da491033e5b6c4c9510ecf3'] is stuck. 06-05-2020 12:50 AM
- Karma Re: Splunk DB Connect: Can I run 2 versions on the same server to avoid migrating database inputs to an upgrade? (v2.3.0 and v3) for FlavioKoch. 06-05-2020 12:49 AM
- Got Karma for Splunk DB Connect: Can I run 2 versions on the same server to avoid migrating database inputs to an upgrade? (v2.3.0 and v3). 06-05-2020 12:49 AM
- Got Karma for Re: Splunk DB Connect: Error in 'dbxquery' command: Invalid message received. 06-05-2020 12:49 AM
- Got Karma for Re: Splunk DB Connect: Error in 'dbxquery' command: Invalid message received. 06-05-2020 12:49 AM
- Got Karma for Re: Splunk DB Connect: Error in 'dbxquery' command: Invalid message received. 06-05-2020 12:49 AM
- Karma Re: Splunk local account login to splunkweb when SAML authentication is enabled? for suarezry. 06-05-2020 12:48 AM
- Karma DB Connect 2.2.0 not working in SHC for ishaanshekhar. 06-05-2020 12:48 AM
- Karma Re: DB Connect 2.2.0 not working in SHC for BP9906. 06-05-2020 12:48 AM
- Karma Re: How to set a timezone token in a dashboard to display a user's timezone in a time chart? for martin_mueller. 06-05-2020 12:48 AM
- Got Karma for Re: Migrate DB Connect from 1.1.0 to 2.4.0 - Security Enhancements - Allow user to only view SQL results. 06-05-2020 12:48 AM
- Got Karma for Re: Splunk 6.6 upgrade seems to have permissions issues. 06-05-2020 12:48 AM
- Karma How to get the duration in the format HH:MM:SS between two extracted fields (DateTimeStart and DateTimeEnd)? for shariinPH. 06-05-2020 12:47 AM
Topics I've Started
| Subject | Karma | Author | Latest Post |
|---|---|---|---|
| 1 | |||
| 0 | |||
| 1 | |||
| 0 | |||
| 0 | |||
| 0 | |||
| 0 |
07-06-2021
02:17 PM
1 Karma
Same issue Splunk 8.0.7
... View more
02-05-2021
01:15 PM
I have the same question. It's rather surprising that I have to dig for the answer to this question.
... View more
10-14-2019
08:52 AM
1 Karma
ITSI gives me messages like this frequently:
Refresh queue job: ['5da491033e5b6c4c9510ecf2', '5da491033e5b6c4c9510ecf3'] is stuck. Please confirm and manually delete this job from the queue.
Note: The values inside of the brackets vary but, the rest of the message is always the same. I've noticed some KPI base searches seem to just quit working which I'm thinking is probably related to this message.
I've searched all over the place for instructions and also opened a ticket. It seems that nobody knows the mysterious process referenced in the message to "confirm and manually delete this job from the queue". What am I confirming? How do I delete the job from the queue?
I have no idea what this is telling me or how to perform the recommended action.
... View more
08-09-2019
07:40 AM
1 Karma
This appears to be related - https://bugs.mysql.com/bug.php?id=87600
Bug #87600 Connector throws 'Malformed database URL' on non mysql connection-urls
Incidentally, only one of may many Oracle databases is having this issue and it only started following an Oracle upgrade.
... View more
08-09-2019
07:33 AM
I'm having the same issue and it only started after an Oracle database upgrade. An existing working database input started displaying this message and stopped working.
... View more
11-16-2018
01:47 PM
Incidentally, The official examples from https://www.w3schools.com/graphics/svg_text.asp don't work with ITSI.
... View more
11-16-2018
01:44 PM
Me too but, I have no idea what this says other than, " ITSI GlassTable icon does not recognize SVG file."
Google Translated...
SVG file creation guide does not exist separately.
However, if you use basic shapes such as and when creating an SVG file, you may not be able to display them properly when registering as a custom icon in the Glass Table.
When creating the SVG file using the tag, the problem does not occur.
If you are creating an icon using Adobe Illustrator, first select it, then choose Object> Path> Outline Stroke from the top menu and export it to the Glass Table.
... View more
Most excellent, ty
Search to indicate what roles can search the index:
| rest /services/authorization/roles splunk_server=local | table id, srchIndexesAllowed | mvexpand srchIndexesAllowed | search srchIndexesAllowed="IndexName"
Search to indicate what roles can search all indexes
| rest /services/authorization/roles splunk_server=local | table id, srchIndexesAllowed | mvexpand srchIndexesAllowed | where match(srchIndexesAllowed,"[*]")
... View more
06-04-2018
05:55 AM
Thank you. I'm upvoting even though I upgraded long ago.
... View more
05-04-2018
07:35 AM
I'm testing ITSI backup and restore. One use case that I have is to restore in case we have a bad service import. During testing, when I do a restore the following message appears, "Are you sure you want to start the job for BackupTest1? Restore will attempt to merge current configuration with the backup. This action will schedule the job immediately and this background operation is irreversible.". How exactly does ITSI attempt to merge?
The way I'm reading this as a user is that restoring from backup will not take you back to the exact same state that you had at backup time because the merge process does something,
Getting back to my use case, if I run a backup, do a bad import that causes all sorts of issues, would a restore undo the import?
... View more
11-09-2017
11:00 AM
1 Karma
Reference bug ticket DBX-4449
... View more
11-08-2017
10:29 AM
2 Karma
I've been told that Db Connect 3.1.1 isn't compatible with Splunk version 7. You may be wasting your time trying to get it to work. I downgraded to Splunk 6 and DbConnect 3.1.1 seems fine so far.
... View more
11-02-2017
07:34 AM
Same issue here. Actually, every search produces the same result. Inputs or ad-hoc. Splunk 7 dbconnect 3.1.1
... View more
10-05-2017
08:37 AM
Consider using btool to verify that the setting that you changed is the one actually being used.
... View more
10-05-2017
08:33 AM
Your terminology could use some work. Traffic in a WAN is no less routable than traffic in a LAN.
... View more
10-03-2017
07:49 AM
1 Karma
I am currently running DbConnect version 2.3.0 and I would like to upgrade to DbConnect version 3. My issue is that I have maybe 40 database inputs and various other uses of DbConnect that would make a migration difficult. What I would like to do is install both versions on the same server and slowly migrate and test one input at a time.
Is it possible to run DbConnect version 2 and version 3 on the same server?
... View more
05-08-2017
11:56 AM
1 Karma
I resolved my own issue...
/opt/splunk/bin/splunk createssl server-cert -d /opt/splunk/etc/auth -n server -c zzzz-zzzz.zzz.zzzz.com -l 2048
Note: I edited the FQDN in the above example
... View more
05-08-2017
09:00 AM
A related link: https://answers.splunk.com/answers/457893/after-upgrading-to-650-kv-store-will-not-start.html
Which led me to this...
[root@zzz]# tail /opt/splunk/var/log/splunk/mongod.log
2017-05-08T14:35:11.400Z W CONTROL No SSL certificate validation can be performed since no CA file has been provided; please specify an sslCAFile parameter
2017-05-08T14:35:11.416Z F NETWORK The provided SSL certificate is expired or not yet valid.
2017-05-08T14:35:11.416Z I - Fatal Assertion 28652
2017-05-08T14:35:11.416Z I -
***aborting after fassert() failure
and this...
[root@zzzzz]# openssl x509 -enddate -noout -in ./server.pem
notAfter=Apr 13 20:57:57 2017 GMT
Still not entirely sure what to do
... View more
05-08-2017
08:33 AM
Short answer, no. dbxquery is probably what you're looking for here. It will ALWAYS be up to date. http://docs.splunk.com/Documentation/DBX/3.0.2/DeployDBX/Commands
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
05-02-2023
04:35 PM
|
