×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
cmccormick
Explorer
Member since: ‎11-05-2013
‎06-05-2020
Community Statistics
Posts 8
Solutions 0
Karma Given 1
Karma Received 5
Member Since ‎11-05-2013
Activity Feed
View All

Re: How to create a Splunk DB Connect 2 lookup wit...

by in All Apps and Add-ons
‎04-14-2016 02:40 PM
‎04-14-2016 02:40 PM
Unfortunately, that did not work. However, I have switched to indexing the data and just using a join. ... View more

Re: How to create a Splunk DB Connect 2 lookup wit...

by in All Apps and Add-ons
‎12-23-2015 01:37 PM
‎12-23-2015 01:37 PM
This does not really answer my question... I am wanting to create a DB lookup that allows me to pass in to input values to an advanced query, but I am not able to figure out how I need to format my query in Splunk. I have tried the format like I originally included and also this format. SELECT TOP 1 Meta_LogDate, FirstName, LastName, Region FROM People_Historical WHERE UserName = {{UserName}} AND Meta_LogDate <= {{LogDate}} ORDER BY Meta_LogDate DESC Then tried to use the following search, without success. source=actionlog | lookup db_connect_HistoricalPeople UserName, LogDate OUTPUT FirstName, LastName, Region How would I format the query to allow me to pass the inputs from the search? ... View more

Re: How to make a timechart/graph from a search re...

by in Splunk Search
‎12-22-2015 01:17 PM
‎12-22-2015 01:17 PM
Are you wanting to know how many of the messages you are receiving for a given timeframe? ... View more

Re: Why am I receiving syslog errors that splunkd ...

by in Deployment Architecture
‎12-22-2015 12:19 PM
1 Karma
‎12-22-2015 12:19 PM
1 Karma
I found out that I had a search head on Splunk 6.2.1 that was added to the cluster. When I removed it, the errors stopped. ... View more

How to create a Splunk DB Connect 2 lookup with qu...

by in All Apps and Add-ons
‎12-22-2015 12:15 PM
1 Karma
‎12-22-2015 12:15 PM
1 Karma
Hello, I have a table in my database that records changes to a record in my people table. I have a trigger that inserts the new data into the historical table when the record changes and timestamps it. I need to do a lookup on that table based on username and the date on the event in Splunk. I am trying to create a dblookup using DB Connect that will run a query like the following: SELECT TOP 1 Meta_LogDate, FirstName, LastName, Region FROM People_Historical WHERE UserName = $UserName$ AND Meta_LogDate <= $LogDate$ ORDER BY Meta_LogDate DESC How can I do this with Splunk DB Connect 2? The interface does not allow me to create/add parameters to the advanced query when creating the lookup. ... View more

Why am I receiving syslog errors that splunkd was ...

by in Deployment Architecture
‎11-22-2015 11:49 PM
1 Karma
‎11-22-2015 11:49 PM
1 Karma
I am receiving errors in my syslog showing that splunkd is crashing about every couple of minutes on my two clustered indexers. I have been researching the issue and have yet to determine the root cause. I have checked the Splunk logs and their are no errors being reported there either. Here is the syslog entry: Nov 23 00:04:39 den1-spkix-301 kernel: splunkd[30897] trap divide error ip:c36e19 sp:7f0eafbfba20 error:0 in splunkd[400000+1ade000] The reason file in the abrt folder shows Process splunk/bin/splunkd was killed by signal 8 (SIGFPE) This started shortly after a new input started being forwarded to the indexers. Here are the details for my servers: OS: CentOS 6.5 Architecture: x86_64 Kernel: 2.6.32-431.el6.x86_64 Splunk Version: Splunk 6.3.0 (build aa7d4b1ccb80) Any help would be appreciated. ... View more

Re: Can you manage intermediate forwarders using a...

by in Getting Data In
‎01-21-2015 10:17 AM
‎01-21-2015 10:17 AM
Thank you very much, I could find that article. ... View more

Can you manage intermediate forwarders using a dep...

by in Getting Data In
‎01-21-2015 10:13 AM
2 Karma
‎01-21-2015 10:13 AM
2 Karma
I have searched the documentation but I can not find where you define the deployment server information. I am using 6.2 on CentOS and I want to manage the outputs.conf through an app on the deployment server instead of manually editing each forwarder. ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:04 AM
Karma from
View All
Karma given to
View All