Hello Stephen, I am using the flags "usenull=f useother=f" in my timechart search, but no logs are coming still, are there any limits being responsible for it? ... View more

Hey @sundareshr, window option is working on my case. Appreciate that! ... View more

Which capabilites does the user have (both itself and inherited)? Every role needs to have at least rest_properties_get and search to be useful. I just created a role with these two capabilites, assigned a user that role and was able to use a macro which I created with app-level permission for as that new user. There's no capability needed to use macros. ... View more

Hey @jplumsdaine22, Copy all from folder called default and paste it into folder called local and works like magic! Thanks & appreciate that! ... View more

This behavior was first noted in 2.3.0 and was subsequently resolved by DBX-3193 in version 2.3.1. Please upgrade your DB Connect instance to 2.3.1 and let us know if you experience any further issues with this. Thank you! ... View more

Now I realized that my timerange will cause my dashboard will not display the correct value of data if I declare like this. Thanks for your comment @yannK[Splunk] ! ... View more

What if i need to use "depends" ? ... View more

There are too many potential problems to guess at. ... View more

That indicates to me that DB Connect and/or Splunk are not figuring out that you want _time to be based on date_created... I'd double-check the input that DB Connect created, if you asked for _time to be generated from date_created and it isn't happening, you might be looking at a bug. ... View more

Hi @somesoni2, Does |gentimes start=-1 means to search data with condition 1 day back? If so, I couldnt get any results even when I change the value. I tried -30 , and date as follow but still not working. here is my completed search string: index=blah Field1="Value1" | eval time_submitted=strptime(time_submitted, "%m/%d/%Y") | eval _time=time_submitted | eval FormattedOrderDate=strftime(_time, "%m/%d/%Y") | stats count(ticket_number) as inflow by FormattedOrderDate |search earliest=-30d@d time_submitted> [|gentimes start=08/01/2015 | addinfo | return $info_min_time] ... View more

blush - Thanks ! ... View more

I could go either way on it myself but tend to agree with you. You have nothing to lose by filing a bug report with support.Splunk.com. ... View more

Thanks for the advise @alacercogitatus! That carved in my mind now. The reason why I post it because there would be other beginner splunker like me out there - they know what they want to achieve but may not understand what they are doing with the indexes and ended up with cant bring the server up. And yea, it is only for testing perusal and I wont do it on the live environment. Thanks and cheers once again! ... View more

the connection to APNs is invalid for both This means the servers in your network cannot reach APNs. To talk to APNs, port 2195 for gateway.push.apple.com should be accessible from your server. To test your network, you can use netcat, telnet or openssl client. For example: 1) Use netcat to test the connection: nc -zv gateway.push.apple.com 2195 It should report something like "Connection to gateway.push.apple.com port 2195 [tcp/*] succeeded!” 2) Use telnet to test the connection: telnet gateway.push.apple.com 2195 It should report something like "Trying 17.143.164.13… Connected to gateway.push-apple.com.akadns.net" It is probably the firewall in your network prevents your servers from talking to APNs gateway and makes the connection invalid. If you can confirm this is a network problem, you can configure your firewall to make the connection back to work. ... View more

and to add to prev comment i will need the historic data aswell ..so i cant delete the prev data ... View more

Hi @woodcock, I finally found myself to use JOIN function as your suggested. But it is very welcome if you have another ideas. ... View more

I have a question on this: For Oracle 11g release 2 - ojdbc6.jar is specified and ojdbc7.jar is for Oracle 12c. Isn't it specific to what Oracle version is used? Will ojdbc7.jar works with Oracle 11g release 2? Also on Oracle driver page it is said that ojdbc6.jar is compatible with Java 8. I have installed the app with ojdbc6.jar but not tested yet. Thanks Hemendra ... View more

In DBX2 - sometime this could be a temp issue. So, please try again after sometime - http://docs.splunk.com/Documentation/DBX/2.3.0/DeployDBX/Troubleshooting ... View more

I added \bin in my case ... View more

You can always use | inputcsv append=t file.csv in your SPL. cheers, MuS ... View more

Fixed! [source::C:Program FilesSplunk/etc/apps/MySampleApp/samples/Order_Activities.csv] SEDCMD-LINE_ID_NOT_FOUND = -r s/LINE_ID_NOT_FOUND:([0-9]){8}/LINE_ID_NOT_FOUND/g [Order_Activities.csv] SEDCMD-LINE_ID_NOT_FOUND = s/LINE_ID_NOT_FOUND:[0-9]*/LINE_ID_NOT_FOUND/g ... View more

Removing conf-mutator.pid and restarting worked for me. ... View more

you just received a cookie! ... View more