I downvoted this post because he was talking about mssql, not mysql. ... View more

Yes in fact, this is not a Splunk problem, but a general one. But I thought maybe there is some functionality which can help me do that inside of splunk. I solved that now using iptables with connlimit functionality on the splunk-proxy for the affected ports. Every further connection attempts will be answered as "connection refused", then our software will cache the logs be it's own until the connection is succeeded. Well knowing the infrastructure and the behavior of our software i could pick a suitable max number of connections. Nevertheless thank you for the answer. ... View more

seems to be fixed in 6.2.1, thx! ... View more

I'm also interested. I believe I'm having a similar issue with dbx2. ... View more

thanks! Just forgotten it! 🙂 I was confused because we have an older instance of forwarder running with the same app, but, in fact splunk was running as root. ... View more

works, thanks! ... View more

Different approach - but cool way to solve the problem. Also works. I've also done a chart variation with index=animalfood | chart count by Animal, Food limit=0 ... View more

You're welcome. If this answers your question, can you mark the answer as accepted? There are three benefits if you do: My user will get points, other users who answer questions can focus their energy on unanswered questions and users with a similar question will see that this problem was solved. Thanks ... View more

You can also download the SA-ldapsearch app that does this for you. ... View more