×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
dimasfs
Explorer
Member since: ‎06-12-2020
2 weeks ago
Community Statistics
Posts 7
Solutions 1
Karma Given 54
Karma Received 2
Member Since ‎06-12-2020
Activity Feed
View All

Much needed size optimization of this app - Python...

by in Splunk Dev
‎12-11-2024 06:23 AM
2 Karma
‎12-11-2024 06:23 AM
2 Karma
After bumping in to the "Error while deploying apps to first member, aborting apps deployment to all members: Error while updating app=Splunk_SA_Scientific_Python_linux_x86_64" problem, we too were forced to double our max_content_length value on our search head cluster members. Upon closer look on "why is this app so big" I could see that several files unter bin/linux_x86_64/4_2_2/lib are actually duplicated. What we usually see as symlink to the library files, are current copies of the same file. After tweaking a little bit on those files, I guess we can reduce around 500MB of duplicated library files and bring it below the accepted standard of 2GB. Maybe someone overlooked that while compiling and packaging the app? ... View more

Re: DB Connect not writing new data to indexes bec...

by in All Apps and Add-ons
‎03-01-2024 03:40 AM
‎03-01-2024 03:40 AM
Any update on this? We have the same issue here. ... View more

Re: srcFilter by metrics index and host OR lookup ...

by in Security
‎01-22-2024 11:20 AM
‎01-22-2024 11:20 AM
After some research I could verify the I need to make an indexed Lookup, so the fields will be indexes together with the data. ... View more

srcFilter by metrics index and host OR lookup valu...

by in Security
‎01-04-2024 07:50 AM
‎01-04-2024 07:50 AM
Hello there, we use search filters on our role management concept. It works fine but we got stuck on the following problem: Since some of hour hosts have a physical hostname (srv1, srv2, srv3,...) and a virtual hostname (server1-db, server2-db, server3-db, server1-web, server2-web, server3-app), we had to use a lookup table (on the search heads) in order to have the virtual names mapped to the physical hostname (which are the names identified by the splunk forwarder). Our Lookup table look like this:     sys_name,srv_name srv1,server-db1 srv2,server-db2 srv3,server-web1 srv4,server-web2 srv5,server-app1 srv6,server-app2       my Role settings look like this:     [role_metrics_db] srchFilter = index=metrics AND (host=server-db* OR srv_name=server-db*) [role_metrics_web] srchFilter = index=metrics AND (host=server-web* OR srv_name=server-web*) [role_metrics_app] srchFilter = index=metrics AND (host=server-app* OR srv_name=server-app*)     Unfortunately my search filters do not recognize either the fields "sys_name" or "srv_name".  Should the search filters be done different? Does someone had the same challenge? Any help will be appreciated. Cheers!  ... View more
Labels

Re: Moment.js not available in splunk 9.1.x+

by in Splunk Enterprise
‎09-14-2023 05:10 AM
‎09-14-2023 05:10 AM
Same issue here ... View more

Re: Why did SA-ldapsearch stop working after upgra...

by in All Apps and Add-ons
‎01-03-2023 05:54 AM
‎01-03-2023 05:54 AM
My workaround was to specify (also on ssl.conf) the [sslConfig] caCertFile = <my_ca_file_relative_to_sslRootCAPath> BUT, as we can read at https://docs.splunk.com/Documentation/Splunk/latest/Admin/Serverconf caCertFile = <filename> * DEPRECATED. Use the 'sslRootCAPath' setting instead. * Used only if 'sslRootCAPath' is not set. * File name (relative to 'caPath') of the CA (Certificate Authority) certificate PEM format file containing one or more certificates concatenated together. * Default: cacert.pem So I guess this is a matter of upgrading the app. I will file a case on it. The app was supposed to work without this deprecated setting. ... View more

Re: After installing Splunk Add-on Builder, why do...

by in All Apps and Add-ons
‎11-02-2020 05:16 AM
‎11-02-2020 05:16 AM
I am having this issue too. ... View more
Contact Me
Online Status
Offline
Date Last Visited
2 weeks ago
Karma from
View All
Karma given to