cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
dimasfs
Explorer
Member since: ‎06-12-2020
‎03-19-2024
Community Statistics
Posts 6
Solutions 1
Karma Given 34
Karma Received 0
Member Since ‎06-12-2020
Activity Feed
View All

Re: DB Connect not writing new data to indexes bec...

by in All Apps and Add-ons
‎03-01-2024 03:40 AM
‎03-01-2024 03:40 AM
Any update on this? We have the same issue here. ... View more

Re: srcFilter by metrics index and host OR lookup ...

by in Security
‎01-22-2024 11:20 AM
‎01-22-2024 11:20 AM
After some research I could verify the I need to make an indexed Lookup, so the fields will be indexes together with the data. ... View more

srcFilter by metrics index and host OR lookup valu...

by in Security
‎01-04-2024 07:50 AM
‎01-04-2024 07:50 AM
Hello there, we use search filters on our role management concept. It works fine but we got stuck on the following problem: Since some of hour hosts have a physical hostname (srv1, srv2, srv3,...) and a virtual hostname (server1-db, server2-db, server3-db, server1-web, server2-web, server3-app), we had to use a lookup table (on the search heads) in order to have the virtual names mapped to the physical hostname (which are the names identified by the splunk forwarder). Our Lookup table look like this:     sys_name,srv_name srv1,server-db1 srv2,server-db2 srv3,server-web1 srv4,server-web2 srv5,server-app1 srv6,server-app2       my Role settings look like this:     [role_metrics_db] srchFilter = index=metrics AND (host=server-db* OR srv_name=server-db*) [role_metrics_web] srchFilter = index=metrics AND (host=server-web* OR srv_name=server-web*) [role_metrics_app] srchFilter = index=metrics AND (host=server-app* OR srv_name=server-app*)     Unfortunately my search filters do not recognize either the fields "sys_name" or "srv_name".  Should the search filters be done different? Does someone had the same challenge? Any help will be appreciated. Cheers!  ... View more
Labels

Re: Moment.js not available in splunk 9.1.x+

by in Splunk Enterprise
‎09-14-2023 05:10 AM
‎09-14-2023 05:10 AM
Same issue here ... View more

Re: Why did SA-ldapsearch stop working after upgra...

by in All Apps and Add-ons
‎01-03-2023 05:54 AM
‎01-03-2023 05:54 AM
My workaround was to specify (also on ssl.conf) the [sslConfig] caCertFile = <my_ca_file_relative_to_sslRootCAPath> BUT, as we can read at https://docs.splunk.com/Documentation/Splunk/latest/Admin/Serverconf caCertFile = <filename> * DEPRECATED. Use the 'sslRootCAPath' setting instead. * Used only if 'sslRootCAPath' is not set. * File name (relative to 'caPath') of the CA (Certificate Authority) certificate PEM format file containing one or more certificates concatenated together. * Default: cacert.pem So I guess this is a matter of upgrading the app. I will file a case on it. The app was supposed to work without this deprecated setting. ... View more

Re: After installing Splunk Add-on Builder, why do...

by in All Apps and Add-ons
‎11-02-2020 05:16 AM
‎11-02-2020 05:16 AM
I am having this issue too. ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎03-19-2024 12:03 PM
Karma given to