×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
michael_kushma
Path Finder
Member since: ‎03-05-2015
yesterday
Community Statistics
Posts 12
Solutions 0
Karma Given 26
Karma Received 2
Member Since ‎03-05-2015
Activity Feed
View All

Re: AI Toolkit "Connection Management is not yet c...

by in Security
‎03-24-2026 10:42 AM
‎03-24-2026 10:42 AM
I was having a similar issue but none of the dropdowns were showing up. I'm an admin on my server and we have an enterprise license, but I needed to inherit the "mltk_admin" role on the admin role so thank you for pointing me in the right direction. ... View more

Re: 500 Internal Server Error when I click "Manage...

by in All Apps and Add-ons
‎09-18-2020 08:50 AM
2 Karma
‎09-18-2020 08:50 AM
2 Karma
The simple answer to this is you have a dashboard without a title. As soon as I fixed that, all the problems with 500 errors went away. ... View more

Re: DBConnect: OSError: [Errno 2] No such file or ...

by in All Apps and Add-ons
‎02-05-2020 11:28 AM
‎02-05-2020 11:28 AM
Worked for me as well. Splunk 7.3.2 and DB connect version 3.2.0. Changed that one line: if isinstance(command, str): if isinstance(command, basestring): They need to fix this... ... View more

Re: Any file size limit of threat intelligence lis...

by in Getting Data In
‎04-04-2018 07:44 AM
‎04-04-2018 07:44 AM
The area to change the max file size upload is located below: https://:/en-US/manager/SplunkEnterpriseSecuritySuite/data/inputs/threat_intelligence_manager ... View more

Re: In the Splunk Add-on for Amazon Web Services i...

by in All Apps and Add-ons
‎10-12-2016 01:00 PM
‎10-12-2016 01:00 PM
It doesn't look like there is currently a work around. According to the regex in the error, you can only have digits, letters, ".", "-", "_", and "/". This sound to me like its not using regex to find the log group name. ... View more

Re: In the Splunk Add-on for Amazon Web Services i...

by in All Apps and Add-ons
‎10-12-2016 12:58 PM
‎10-12-2016 12:58 PM
I am also having this issue. I have tried * and .+ regex but it won't work. It is requiring the exact log group name. ... View more

Re: Polling frequency seems to default to 10m

by in All Apps and Add-ons
‎03-28-2016 10:00 AM
‎03-28-2016 10:00 AM
Did you restart Splunk after making the changes? ... View more

Re: Invalid key in stanza [Splunk_TA_f5_bigip_main...

by in All Apps and Add-ons
‎03-24-2016 01:00 PM
‎03-24-2016 01:00 PM
Can we see the inputs.conf in question? ... View more

Re: Strptime statement not extracting date/time

by in Splunk Search
‎03-24-2016 12:42 PM
‎03-24-2016 12:42 PM
Can you type out your Timestamp format. It's VERY hard to read. My guess is that there line break in that field you're trying to extract from. I also don't see an AM or PM so you shouldn't be using %p at all. Should be: %m/%d/%Y %k:%M ... View more

Re: 1000 Windows Universal Forwarders, all configu...

by in Getting Data In
‎03-24-2016 11:44 AM
‎03-24-2016 11:44 AM
Polling should take relatively low resources. You're poling interval will need to be determined based on how long you can wait before gathering data for investigations. If the UF's are polling every hour and you need to be able to start gathering data in 30 seconds, then you need to set the polling interval to 30 seconds. ... View more

Re: How do I filter events and extract fields in a...

by in Splunk Dev
‎03-24-2016 11:39 AM
‎03-24-2016 11:39 AM
What are you trying to do? ... View more

Pipe delineated sourcetype Stanza

by in Getting Data In
‎04-10-2015 09:08 AM
‎04-10-2015 09:08 AM
I want to know if its possible in props.conf to create one stanza for multiple sourcetypes that doesn't use regex. I want all of my linux logs to check the hostname vs a lookup table that has a plethora of data in it. I need it to check multiple sourcetypes and I don't want to have to copy and paste the stanza over and over. It seems like it should be simple: [sourcetype1|sourcetype2|sourcetype3] LOOKUP-test = lookup_test host OUTPUT ip ... View more
Contact Me
Online Status
Offline
Date Last Visited
yesterday
Karma from
View All