Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- About asingla
asingla
Communicator
Member since:
10-11-2011
06-05-2020
Community Statistics
| Posts | 53 |
| Solutions | 2 |
| Karma Given | 1 |
| Karma Received | 17 |
| Member Since | 10-11-2011 |
Activity Feed
- Karma Re: How to find the latest event (message) with a given key (field)? for dwaddle. 06-05-2020 12:46 AM
- Got Karma for Universal forwarder is not working as an intermediate forwarder.. 06-05-2020 12:46 AM
- Got Karma for search disabled because of license violation. How to enable them back after importing the new license?. 06-05-2020 12:46 AM
- Got Karma for search disabled because of license violation. How to enable them back after importing the new license?. 06-05-2020 12:46 AM
- Got Karma for To use subsearch result in outersearch for > and < comparisons.. 06-05-2020 12:46 AM
- Got Karma for Re: How to find the latest event (message) with a given key (field)?. 06-05-2020 12:46 AM
- Got Karma for How to find the latest event (message) with a given key (field)?. 06-05-2020 12:46 AM
- Got Karma for How to find the latest event (message) with a given key (field)?. 06-05-2020 12:46 AM
- Got Karma for How to find the latest event (message) with a given key (field)?. 06-05-2020 12:46 AM
- Got Karma for How to find the latest event (message) with a given key (field)?. 06-05-2020 12:46 AM
- Got Karma for fillnull for all the field names with a pattern. 06-05-2020 12:46 AM
- Got Karma for Re: Not able to forward udp messages from Universal fowarder. (v4.2.3). 06-05-2020 12:46 AM
- Got Karma for Not able to forward udp messages from Universal fowarder. (v4.2.3). 06-05-2020 12:46 AM
- Got Karma for How to assign the appropriate host name for udp input type for universal forwarder?. 06-05-2020 12:46 AM
- Got Karma for How to assign the appropriate host name for udp input type for universal forwarder?. 06-05-2020 12:46 AM
- Got Karma for Where is the configuration for default app for a role?. 06-05-2020 12:46 AM
- Got Karma for The default value for TimeRangePicker is not working for 'admin' user.. 06-05-2020 12:46 AM
- Got Karma for How to pass more than 2 values when clicking on a row for drill down search?. 06-05-2020 12:46 AM
- Posted Re: Not able to run splunk javascript sdk examples. on Building for the Splunk Platform. 12-05-2012 06:54 AM
- Posted Re: Not able to run splunk javascript sdk examples. on Building for the Splunk Platform. 12-04-2012 06:30 AM
Topics I've Started
| Subject | Karma | Author | Latest Post |
|---|---|---|---|
| 0 | |||
| 0 | |||
| 0 | |||
| 2 | |||
| 0 | |||
| 1 | |||
| 0 | |||
| 1 | |||
| 0 | |||
| 1 |
12-05-2012
06:54 AM
Done as advised but still the same error. this is how the
the X-ProxyDestination in the request header looks like
http:// :8089/services/json/v2/services/auth/login?
... View more
12-04-2012
06:30 AM
Yes I was trying the wrong port. Thanks for that. But now I am getting 500 Internal Server Error with response as {"code":"ECONNRESET"}. Do I need to install xml2json app on the splunk server? Where do I get that?
... View more
12-03-2012
08:27 AM
Setup everything as per the docs, changed the user name and password but when click on Run button on the first example, it says "Error in logging in".
When checked developer console, it resulted in this error page
The path '/en-US/services/json/v2/services/auth/login' was not found.
We have "Splunk 4.3 build 115073." installed.
Please advice how I should make these examples run.
... View more
- Tags:
- javascript-sdk
- sdk
07-10-2012
01:49 PM
I am using a join search command. What I noticed is that join only takes one row from the sub search result for the joining field though my subsearch has more than one row on the joining field.
In short it's not doing the Cartesian product as done by joins in SQL.
e.g. search result for the outer search is
host
host1
host2
and subsearch return the following
host instance status
host1, 1, ON
host1, 2, OFF
host2, 1, OFF
the join on host returns
host1,1,ON (or host1,2,OFF)
host2,1,OFF
Is there anyway to get the Cartesian product in splunk?
... View more
- Tags:
- join
04-27-2012
11:02 AM
If an AutoRefresh modules contains another AutoRefresh module, is there a way so that parent auto refresh module does not refresh any module under a child AutoRefresh module?
Very useful module though.
... View more
04-24-2012
01:29 PM
I have an app with 5-6 pages. Each page consist of 5-6 real time searches. Each page allowed to navigate to another pages in this app. Now if user opens a page, navigates to another page and then come back to the same page, it results in 15 real time search running for that user and though effectively it's only 5 jobs user is interested in. I want to kill these searches spawned via a page when user moves away from that page.
I know it's going to be tricky but I will appreciate if someone can suggest a way to solve this problem.
Thanks,
... View more
03-08-2012
02:50 PM
It didn't work for me. I am using a dedup command in my search and the search scanned roughly 4000 events and the result set size is only 11 events.
... View more
03-08-2012
02:37 PM
I have the same issue as posted here. What I was able to notice that if you do not use dedup then it works fine. Now I have a case where I need to use dedup command. Post here if you find the solution.
... View more
02-02-2012
07:17 AM
That's what I have and it's not working.
<module name="SubmitButton">
<param name="allowSoftSubmit">False</param>
<param name="label">Delete</param>
<module name="Search" autoRun="False">
<param name="search">index=cehudlatest sys=$system$ site=$site$ mhost=$host$ appcat=$appcat$ appinst=$appinst$ | delete</param>
<name="earliest">-10m@s</param>
<param name="latest">now</param>
<module name="JobProgressIndicator"/>
</module>
</module>
... View more
02-02-2012
06:32 AM
2 Karma
I have a universal forwarder listening on udp:12000 for messages from various processes and relaying it to splunk indexer. Universal forwarder are receiving messages from some local processes (running on the same machine) and some from remote processes. For remote process the host name in the messages are correct i.e. the IP for those machines but for local process it's 127.0.0.1. I understand the reason as the local processes are configured with 127.0.0.1/localhost. If I change the configuration (for the local processes) with the IP of the machine, then I see the IP in the messages. Is there anyway I can configure universal forwarder to replace the localhost/127.0.0.1 with the machine IP and still retain the host name for the remote processes as it is?
... View more
02-02-2012
06:19 AM
It works. So it's just the CLI bug. Thanks.
... View more
01-17-2012
11:17 AM
I have a submit button module containing search module and I want to execute the search only when user clicks on the button. As after search module I have to have some result module (JobProgressIndicator) for a valid view.xml but that is causing the search to run when user loads the page. Is there anyway so that search never runs when user loads the page?
... View more
- Tags:
- submit
01-06-2012
12:55 PM
1 Karma
I created an app and defined some roles and defined my app as default app for these roles. I see the authorize.conf file being created and see all the properties for the roles but I don't see the default app defined for this role in the file. Where is this information being persisted?
... View more
- Tags:
- authorization
12-08-2011
01:44 PM
I want to run different search when user clicks on the different row in the table. Is it possible?
If not, then is it possible to choose an action based on the column type?
... View more
12-08-2011
10:39 AM
1 Karma
I set the default value for TimeRangePicker to 5 minute window and I also mentioned the isSticky to false for my view. For 'admin' user, It always shows selected time as '1 hour window' on page load no matter what I set the default value to. For the users which I created, It works fine.
Is there anything I am am missing.
PS: I created customized times.conf for my app.
... View more
- Tags:
- admin
- timerangepicker
12-07-2011
12:01 PM
I am summarizing my data every minute but I do not need that data after one hour. So I have schedule another search to run every hour to delete this old data. But I am realizing it is not freeing up the disk space. Am I missing anything? Do I need to do something more than just calling the | delete command?
... View more
- Tags:
- delete
12-02-2011
01:44 PM
1 Karma
SimpleResultTable passes the value for the fist column as click.value when user clicks on a row. Is it possible to have access of all the column values (click.value2, click.value3...) when user clicks on a row for the drill down search?
2) Is it possible to hide a column (first one) in the SimpleResultTable and then pass this hidden column value when user clicks on a row?
... View more
11-17-2011
02:00 PM
1 Karma
I need to use fillnull command but I don't have the exact field names before hand. All my fields starts (which I want to fill) starts with a common string i.e. err* . Though most of the commands in splunk do work with field name patterns e.g. table err* but fillnull err* is not working the way I want. Is there any other way to do this?
... View more
- Tags:
- fillnull
11-17-2011
12:55 PM
My Bad. I didn't see the Tracking option checked. I need to unchek that.
... View more
11-17-2011
06:44 AM
Search and report page (on splunk UI) has an Alert column. I see that number is increasing every time my search run as per the schedule. But for the similar settings for the searches shipped with Search App do not generate an alert. Alert settings for those searches are 'always' and retain the alert for 24 hour.
... View more
