Thanks for the tag. Yeah there is some confusion with the latest release because we added the ability to set default api key as well as others and they way we implemented it is causing the issue.  Basically we need users to enter a default ORG and default KEY but wanted to give them the option to add others as well and yeah I need to rework the setup page. The screenshots under installation section on GitHub should help clarify https://github.com/bentleymi/ChatGPT-4-Splunk   ... View more

Opened 8191 to resolve as well. Happened on initial build. ... View more

Check this server.conf setting that you may be  missing: goes under sslOptions sslCommonNameToCheck = <commonName1>, <commonName2>, ... * If set, and 'sslVerifyServerCert' is set to "true", splunkd limits most outbound HTTPS connections to hosts which use a certificate with one of the listed common names.   ... View more

On windows you may need to use os.sep in the path variables: Ex: ARCHIVE_DIR = os.path.join("c:",os.sep,"splunk","frozenPath")   ... View more

How about eval's urldecode? | eval decoded=urldecode(yourEncodedField) or | eval decoded=urldecode("yourEncodedString") https://docs.splunk.com/Documentation/SCS/current/SearchReference/TextFunctions#urldecode.28.26lt.3Burl.26gt.3B.29 ... View more

Great job everyone! ... View more

I accepted this as the solution because it was the earliest one that mentioned eval with periods/dots for the concatenation which is the most common approach I've seen in the last 12 years since this answer was written. Nice work! I do believe the | strcat works too, but didnt check before writing this. ... View more

Ok great! For the app to work, it requires python.  That means it will not run on a Universal forwarder, and I can't recommend running a full instance of splunk on a domain controller either.  So I would have to recommend against using this app at all on a domain controller.  Apologies for any disappointment. ... View more

What are you going to use it on domain controllers for?   Just some more details around your goal please.   Thanks! ... View more

For short: YYYY-MM-DD = %F HH:MM:SS = %T Ex. TIME_FORMAT=%F %T,%3N ... View more

you should be able to solve timeout problems by first insuring the ports are open. If the ports are closed from your host you're executing this command on, then that will cause a "timeout" or "connection refused". You can verify with openssl: openssl s_client -connect https://yourSH:8089 if that opens a connection and reads a bunch of details about cryptography to you, you're good... if it fails with timeout or connection refused, the ports are blocked / or you cant otherwise route to "yourSH:8089". If you're in a resource constrained environment and you absolutely must increase this timeout setting, then you do so by editing the following configuration item in web.conf: so we need to edit web.conf: [settings] ... splunkdConnectionTimeout = <integer> * The amount of time, in seconds, to wait before timing out when communicating with splunkd. * Must be at least 30. * Values smaller than 30 will be ignored, resulting in the use of the default value * Default: 30 ... ...and dont forget to restart! I hope this helps! ... View more

What error message are you getting now? ... View more

Which steps did you take to try to fix?  Your reply is too vague for me to help. ... View more

https://github.com/bentleymi/ta-webtools/issues/17 was created by another member of the community.  Accepting this as the answer. ... View more

All adjustable limits can be found in limits.conf.  Note that some limits can exist in an app context. That is to say limits in the search app can be different from the limits in your app. Any edits to core python code will be destroyed on upgrades (most likely) and may also trigger "file integrity" warnings as well.     ... View more