×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
viku7474
Explorer
Member since: ‎02-02-2023
3 weeks ago
Community Statistics
Posts 16
Solutions 0
Karma Given 2
Karma Received 0
Member Since ‎02-02-2023
Activity Feed
Topics I've Started
View All

Dell PowerScale Add-on for Splunk - Configuration

by in Getting Data In
3 weeks ago
3 weeks ago
I am trying to fetch the Dell PowerScale metrics data into splunk via HF. I have installed the Add-On on the HF, but I don't see the port configuration in it. By default, it should connect with 443, but the dell power scale machine is listening on 8443 port.  I don't see the port option in the UI, how to get the data into splunk?   ... View more

Remove datamodel summary from indexers

by in Splunk Enterprise
4 weeks ago
4 weeks ago
We see around 100GB of datamodel_summary piled up on our cluster indexers from palo alto logs.  We have now reduced the acceleration to 1 day. Now we want to clear up the disk space on the indexers. Is it safe to remove datamodel_summary from the indexers?  Also, I see that those will not replicate among other indexers in cluster. So I plan to remove it manually from all the indexers in cluster.  ... View more

Splunk SSO Renewal Azure

by in Splunk Enterprise
‎09-11-2025 02:50 AM
‎09-11-2025 02:50 AM
Our Splunk SSO Azure certificate is about to expire, and we need to renew new certificate in Splunk. We have a 3 SHC machine. I have placed the new IDP Cert inside etc/auth/idpcert/ dir, and clicked on reload authentication configuration. The certificate did not replicate. I have placed the new IDP Cert manually on all the 3 SHC's inside etc/auth/idpcert/ dir, and did the rolling restart. After the restart, somehow it took the old IPD Certificate. (Checked via Openssl Command) I have taken the backup and moved the old certificate to a different directory but when I manually place the new IDP Cert, and do a restart, it is reflecting with old cert. Any ways to fix this issue to renew the new cert? I don't see Metadata XML configured at the first place. So unsure if we need to install metadata XML or IDP Cert.  ... View more

user specific browser timeout

by in Getting Data In
‎08-13-2025 01:03 AM
‎08-13-2025 01:03 AM
I want to create a dedicated role with its own browser timeout settings, while keeping the default timeout settings for all other roles. (Basically I am creating a dedicated role for a specific user to access a dashboard which doesn't get logged out - So I will increase the timeout settings - Which should be applicable only for that sepcific role) I read this Configure user session timeouts - Splunk Documentation but looks like it is a general settings applicable for all. Anyone succeeded by having a  user specific browser timeout? ... View more
Labels

Re: Role or User Specific Web Session Timeout

by in Getting Data In
‎08-13-2025 12:52 AM
‎08-13-2025 12:52 AM
@yh  I am looking for role based browser session timeout. Does it work? If yes, kindly let me know the parameters.  ... View more

Re: Splunk custom dashboard as homepage/landingpag...

by in Splunk Enterprise
‎11-25-2024 12:49 AM
‎11-25-2024 12:49 AM
But that will not show the apps column at the left side. Correct me if I am wrong, thanks   ... View more

Splunk custom dashboard as homepage/landingpage UI

by in Splunk Enterprise
‎11-24-2024 11:57 PM
‎11-24-2024 11:57 PM
Hi All, We are on Splunk 9.2 version, and we want to have a custom dashboard as landing page whenever any user logs in, the custom dashboard should appear along with the apps column at the left side. How to achieve it? Right now, this works only for me and that too it lands in the quick links tab. Also, I can have the dashboard as default under navigation menu but it will not show apps column which is on the left side.  ... View more
Labels

Re: 9.2.0 Home launcher UI

by in Splunk Enterprise
‎11-24-2024 11:46 PM
‎11-24-2024 11:46 PM
I am also facing the same issue, Did you find any solution? ... View more

Re: Exclusion in lookup via wildcard

by in Knowledge Management
‎05-27-2024 09:43 PM
‎05-27-2024 09:43 PM
I want to exclude the first set of events and retain the 2nd set of events, via lookup, when I use the search NOT condition, it doesn't work as expected.  you're right, exclude_message, there is no field as such is getting created.  ... View more

Exclusion in lookup via wildcard

by in Knowledge Management
‎05-27-2024 10:44 AM
‎05-27-2024 10:44 AM
I have a splunk query which returns these 2 set of events. 1) domain_name="abc" microservice_name="test" message=[WEB] ERROR RESPONSE : NO_DOCUMENTS_FOUND -> 2) domain_name="abc" microservice_name="test" message=[WEB] ERROR RESPONSE : GUID_EXPIRED my vtest.csv lookup looks like below: domain_name; microservice_name; message abc; test;  NO_DOCUMENTS_FOUND I am using the below query to exclude 1st set of events. I have created WILDCARD(message) match_type  | lookup vtest message OUTPUT message as exclude_message | search NOT (exclude_message="*") But it is not working, and I don't get any fields in "exclude_message" as well. kindly help.    ... View more
Labels

Re: Set Custom TimeRange picker on Specific Splunk...

by in Dashboards & Visualizations
‎05-12-2024 11:37 PM
‎05-12-2024 11:37 PM
This is exactly what I was looking for. but is it possible to incorporate along with the existing Time Range Picker? ... View more

Set Custom TimeRange picker on Specific Splunk Stu...

by in Dashboards & Visualizations
‎05-02-2024 01:35 AM
‎05-02-2024 01:35 AM
I want to customize the Splunk studio dashboard in such a way that it shows last 7 days (each day) separately.  The requirement is only one dashboard. not globally.  Today's date is 2nd May 2024. Now I want to showcase historical day here for last 7 days separately. I want options like below in the presets so that if they select that day then users would see that day's data. The historical dates should change dynamically. 1st May 31st April 30th April 29th April 28th April 27th April 26th April ... View more
Labels

Re: DBConnect : Unable to connect to Oracle databa...

by in All Apps and Add-ons
‎03-13-2024 08:36 AM
‎03-13-2024 08:36 AM
Hi @lakshman239  Thanks for the info. Can you provide some more insights? What are the additional rules? I have a similar request and I am able to telnet on 1521 port from splunk, but still the connectivity says it is blocked by firewall while submitting.. ... View more

Re: splunk merge field values

by in Splunk Search
‎11-08-2023 08:44 AM
‎11-08-2023 08:44 AM
@ITWhisperer  Thank you!! It works, Since I am passing this token in mail subject, can I separate it by comma or hyphen.? ... View more

splunk merge field values

by in Splunk Search
‎11-08-2023 07:49 AM
‎11-08-2023 07:49 AM
I have a field called environment which has values like dev,prod,uat,sit. Now I want to create a new_field which all the field values of environment field. Example: (4 field values) environment  dev prod uat sit After query: ( 1 field value, separated by any string) merge_environment= dev | prod | uat | sit How to achieve this? ... View more

Re: Splunk Add-on for Salesforce - how to add a fi...

by in All Apps and Add-ons
‎10-25-2023 11:58 PM
‎10-25-2023 11:58 PM
@Gunnar Did you find any alternate solution? I have a similar problem and looking for a solution.  ... View more
Contact Me
Online Status
Offline
Date Last Visited
3 weeks ago
Karma given to
View All