×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
IcyPenguin
Loves-to-Learn Lots
Member since: ‎06-25-2021
‎07-22-2021
Community Statistics
Posts 3
Solutions 0
Karma Given 0
Karma Received 0
Member Since ‎06-25-2021
Topics I've Started
View All

Re: DBConnect 3.2 error Error while saving schema ...

by in Getting Data In
‎07-19-2021 05:51 AM
‎07-19-2021 05:51 AM
Thanks for the reply, Do you remember what folder / file needed the permissions, when I run DB Connect with a manual file location for /tmp/file.xml it works fine, and I can see the file gets created with Splunk:Splunk ownership.  I am trying to figure out where DB Connect is trying to create a file that it does not have permissions for ... View more

Re: DBConnect 3.2 error Error while saving schema ...

by in Getting Data In
‎07-16-2021 11:53 AM
‎07-16-2021 11:53 AM
Sorry where did you give everyone access to the file, on your OS or somewhere in Splunk config? I am stuck on the same problem Thanks! ... View more

SNMP bandwidth using foreach

by in Splunk Search
‎06-25-2021 08:09 AM
‎06-25-2021 08:09 AM
Hello everyone, I am new to Splunk and learning the ropes. I am stuck on a query I am trying setup. I have SNMP data coming in and I am trying to measure traffic in Mbps or Kbps. SNMP uses a continuous bit counter which continuous adding traffic to a total sum. In order to get Mbps I have to use the following calculation: ((Current_Value - Previous Value) / (current_time - previous_time)) and then convert bytes to Mbps. This is working fine, however I want to be able to do this "foreach" interface for a dashboard. Right now when I use a wildcard for interface name it breaks, because the delta calculation doesn't always use the same interface. index=sample name="interfaces" ifName="ethernet1/1" | where bytes_in!=0 | sort _time | delta _time AS time_delta | delta bytes_in AS delta_bytes_in | eval Kbps = (((delta_bytes+in *8 )/1000 / time_delta) | eval Mbps = Kbps/1000 | table _time, Mbps When I switch ifName="ethernet1/1" to  "ifName="*" this breaks. I was hoping to use foreach to iterate over each interface, but do not know how. Was hoping someone could help me with this 🙂 ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎07-22-2021 07:14 AM