Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- About mysicksi
mysicksi
Path Finder
Member since:
11-18-2019
10-15-2020
Community Statistics
| Posts | 18 |
| Solutions | 1 |
| Karma Given | 0 |
| Karma Received | 0 |
| Member Since | 11-18-2019 |
Activity Feed
- Posted Re: Regex and Windows XML log events on Splunk Search. 05-22-2020 11:54 AM
- Posted Regex and Windows XML log events on Splunk Search. 05-21-2020 08:02 AM
- Tagged Regex and Windows XML log events on Splunk Search. 05-21-2020 08:02 AM
- Tagged Regex and Windows XML log events on Splunk Search. 05-21-2020 08:02 AM
- Posted Re: Sort results by time events on Getting Data In. 05-12-2020 05:54 AM
- Posted Sort results by time events on Getting Data In. 05-11-2020 02:43 PM
- Tagged Sort results by time events on Getting Data In. 05-11-2020 02:43 PM
- Tagged Sort results by time events on Getting Data In. 05-11-2020 02:43 PM
- Posted Re: Splunk Daemon and Solarwinds on Getting Data In. 05-05-2020 06:03 AM
- Posted Splunk Daemon and Solarwinds on Getting Data In. 05-04-2020 10:19 AM
- Tagged Splunk Daemon and Solarwinds on Getting Data In. 05-04-2020 10:19 AM
- Tagged Splunk Daemon and Solarwinds on Getting Data In. 05-04-2020 10:19 AM
- Tagged Splunk Daemon and Solarwinds on Getting Data In. 05-04-2020 10:19 AM
- Tagged Splunk Daemon and Solarwinds on Getting Data In. 05-04-2020 10:19 AM
- Tagged Splunk Daemon and Solarwinds on Getting Data In. 05-04-2020 10:19 AM
- Posted Re: No data from indexes in cloud search head on Getting Data In. 05-04-2020 09:49 AM
- Posted Re: No data from indexes in cloud search head on Getting Data In. 05-04-2020 09:48 AM
- Posted Re: Splunk Add-on for Unix and Linux - interfaces.sh ERROR on All Apps and Add-ons. 04-22-2020 07:33 AM
- Posted Re: Splunk Add-on for Unix and Linux - interfaces.sh ERROR on All Apps and Add-ons. 04-21-2020 06:09 AM
- Posted Splunk Add-on for Unix and Linux - interfaces.sh ERROR on All Apps and Add-ons. 04-21-2020 06:02 AM
Topics I've Started
| Subject | Karma | Author | Latest Post |
|---|---|---|---|
| 0 | |||
| 0 | |||
| 0 | |||
| 0 | |||
| 0 | |||
| 0 | |||
| 0 |
07-30-2020
08:43 AM
Is there a limitation on number of installation of Universal forwarder in Hosting environment (Server) assuming i have relevant license available?
... View more
04-22-2020
07:33 AM
Hi @PaveIP,
Due to Splunk supports suggestion to correct this ERROR, I followed your first solution and edited the interfaces.sh file. This has worked and I am no longer receiving the error on the Linux machine. Thank you for your help!
... View more
05-04-2020
09:49 AM
Hi Rich, thank you for your help. Looking in Splunkd.log helped point us in the right direction. I included the steps we took to correct the issue.
... View more
02-18-2020
10:02 AM
You will need to nullqueue these events.
These look like process monitoring events, so dropping just the events with your noisy process is the way to go.
I am going to assume these arrive with the sourcetype=proccess_logs.
I am also going to assume that whilst you have version 5.7 installed today it could be 6.0 in the future.
On your HF, or Indexers (whichever occurs first in the Splunk event flow path)
props.conf
[proccess_logs]
TRANSFORMS-drop_cctv_events=drop_cctv_events
transforms.conf
[drop_cctv_events]
REGEX=ProcessName\=.+camera\ssystem\scenter\s\d\.\d\\camerasystem\.exe
DEST_KEY=queue
FORMAT=nullQueue
This will only apply for data arriving from the time of the change, but this should prevent these logs being indexed in the future.
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
10-15-2020
02:36 PM
|
