Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
×
Are you a member of the Splunk Community?
Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- About chenfan
chenfan
Explorer
Member since:
11-26-2022
2 weeks ago
Community Statistics
| Posts | 16 |
| Solutions | 0 |
| Karma Given | 4 |
| Karma Received | 0 |
| Member Since | 11-26-2022 |
Activity Feed
- Posted Re: Authorization Token Not Work on Splunk Enterprise. 2 weeks ago
- Posted Re: Authorization Token Not Work on Splunk Enterprise. 2 weeks ago
- Karma Re: Authorization Token Not Work for livehybrid. 2 weeks ago
- Posted Re: Authorization Token Not Work on Splunk Enterprise. 2 weeks ago
- Posted Authorization Token Not Work on Splunk Enterprise. 2 weeks ago
- Posted Re: Modify Dashboard Studio Field Value‘s Color on Dashboards & Visualizations. 05-13-2025 08:31 PM
- Posted Re: Modify Dashboard Studio Field Value‘s Color on Dashboards & Visualizations. 05-13-2025 09:37 AM
- Posted Modify Dashboard Studio Field Value‘s Color on Dashboards & Visualizations. 05-13-2025 09:36 AM
- Posted Re: Why to use syslog or tcp output? on Getting Data In. 05-13-2025 09:20 AM
- Posted Re: Why to use syslog or tcp output? on Getting Data In. 05-13-2025 09:14 AM
- Karma Re: Why to use syslog or tcp output? for gcusello. 05-13-2025 08:05 AM
- Posted Re: Using a second field to color a Single Value in Dashboard Studio on Dashboards & Visualizations. 05-08-2025 01:33 AM
- Posted Re: Why to use syslog or tcp output? on Getting Data In. 03-25-2025 11:46 PM
- Posted Re: Splunk Upgrade from 7.3.0 to 9.x on Installation. 03-24-2025 11:43 PM
- Posted Re: Splunk Upgrade from 7.3.0 to 9.x on Installation. 03-04-2025 11:42 PM
- Karma Re: Splunk Upgrade from 7.3.0 to 9.x for gcusello. 03-04-2025 11:38 PM
- Posted Re: Splunk Upgrade from 7.3.0 to 9.x on Installation. 02-24-2025 07:12 PM
- Posted Re: Splunk Upgrade from 7.3.0 to 9.x on Installation. 02-21-2025 12:32 AM
- Posted Re: Splunk Upgrade from 7.3.0 to 9.x on Installation. 02-20-2025 11:26 PM
Topics I've Started
| Subject | Karma | Author | Latest Post |
|---|---|---|---|
| 0 | |||
| 0 |
2 weeks ago
Hi @livehybrid Thankyou for your reply! I have tried,but it not work. And this is my token
... View more
2 weeks ago
Hi Splunker, I tried to enable/disable with API, but I encountered problems with token authentication. I always get the following error. I have also adjusted the API information, but I still can't solve this problem. curl -v -X POST -k -H "Authorization: Bearer dc73xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" "https://mysplunkserver:8089/servicesNS/nobody/my_app/saved/searches/testalertapi" -d enabled=0 It will be really great if you could share some working examples somewhere in your documentation. Thanks in advance!
... View more
05-13-2025
08:31 PM
Hi @bowesmana Can you help me to check it, thanks!
... View more
05-13-2025
09:37 AM
@isoutamo Can you help me to check it, thanks!
... View more
05-13-2025
09:36 AM
Hello Splunkers, I've been having problems with Dashboard Studio recently and it has been bothering me for a long time. It would be great if you could give me some suggestions. I want to assign different colors according to different field values. I have made the following configurations, but they haven't taken effect. { "type": "splunk.map", "options": { "center": [ 24.007647480837704, 107.43997967141127 ], "zoom": 2.3155822324586683, "showBaseLayer": true, "layers": [ { "type": "bubble", "latitude": "> primary | seriesByName('latitude')", "longitude": "> primary | seriesByName('longitude')", "bubbleSize": "> primary | frameWithoutSeriesNames('_geo_bounds_east', '_geo_bounds_west', '_geo_bounds_north', '_geo_bounds_south', 'latitude', 'longitude') | frameBySeriesTypes('number')", "dataColors": " > primary | seriesByName('status') | matchValue('colorMatchConfig')" } ] }, "dataSources": { "primary": "ds_PHhx1Fxi" }, "context": { "colorMatchConfig": [ { "match": "high", "value": "#FF0000" }, { "match": "low", "value": "#00FF00" }, { "match": "critical", "value": "#0000FF" } ] }, "containerOptions": {}, "showProgressBar": false, "showLastUpdated": false }
... View more
05-13-2025
09:20 AM
Hi @gcusello { "type": "splunk.map", "options": { "center": [ 24.007647480837704, 107.43997967141127 ], "zoom": 2.3155822324586683, "showBaseLayer": true, "layers": [ { "type": "bubble", "latitude": "> primary | seriesByName('latitude')", "longitude": "> primary | seriesByName('longitude')", "bubbleSize": "> primary | frameWithoutSeriesNames('_geo_bounds_east', '_geo_bounds_west', '_geo_bounds_north', '_geo_bounds_south', 'latitude', 'longitude') | frameBySeriesTypes('number')", "dataColors": " > primary | seriesByName('status') | matchValue('colorMatchConfig')" } ] }, "dataSources": { "primary": "ds_PHhx1Fxi" }, "context": { "colorMatchConfig": [ { "match": "high", "value": "#FF0000" }, { "match": "low", "value": "#00FF00" }, { "match": "critical", "value": "#0000FF" } ] }, "containerOptions": {}, "showProgressBar": false, "showLastUpdated": false }
... View more
05-13-2025
09:14 AM
Hi @gcusello Thankyou for your support, you are my hero! I've been having problems with Dashboard Studio recently and it has been bothering me for a long time. It would be great if you could give me some suggestions. I want to assign different colors according to different field values. I have made the following configurations, but they haven't taken effect. Can help me to check it.
... View more
05-08-2025
01:33 AM
Hi @livehybrid I've also faced a similar problem. I want to specify the color corresponding to the field value in the map view, but the modification I made doesn't take effect. Could you please help me check it? { "type": "splunk.map", "options": { "center": [ -3.337953961431438, 79.98046874997863 ], "zoom": 2, "showBaseLayer": true, "layers": [ { "type": "bubble", "latitude": "> primary | seriesByName('latitude')", "longitude": "> primary | seriesByName('longitude')", "bubbleSize": "> primary | frameWithoutSeriesNames('_geo_bounds_east', '_geo_bounds_west', '_geo_bounds_north', '_geo_bounds_south', 'latitude', 'longitude') | frameBySeriesTypes('number')", "dataColors": " > primary | seriesByName('status') | matchValue('colorMatchConfig')" } ] }, "dataSources": { "primary": "ds_PHhx1Fxi" }, "context": { "colorMatchConfig": [ { "match": "high", "value": "#FF0000" }, { "match": "low", "value": "#00FF00" }, { "match": "critical", "value": "#0000FF" } ] }, "containerOptions": {}, "showProgressBar": false, "showLastUpdated": false }
... View more
03-25-2025
11:46 PM
Hi @gcusello If I want to use Heavy Forwarder to forward received Syslog logs to a target server that does not have Splunk instance, can you give me some advice?Thankyou!
... View more
03-24-2025
11:43 PM
Hi, @gcusello Considering various factors, we have decided to directly deploy a new Splunk Enterprise 9.3.X instance. Can we directly deploy the License file to the new instance?
... View more
03-04-2025
11:42 PM
Hi @gcusello Thank you for your reply! Can I upgrade the platform from version 7.x.x to version 9.3.x and then uniformly upgrade the Apps/Add-ons to their latest versions? Will this have an impact on my system?
... View more
02-21-2025
12:32 AM
Hi @gcusello, Thankyou for your reply, it's very helpful for me. Can it be directly upgraded from 7.2.x to 9.2.x since it is a single node?
... View more
02-20-2025
11:26 PM
Hi @gcusello I am very confused, if we upgrade Splunk Enterprise from version 7.x.x to version 9.x.x, what impact will it have on the license? And will it affect the use of functions?
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
2 weeks ago
|
