Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
×
Are you a member of the Splunk Community?
Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- About joe06031990
joe06031990
Communicator
Member since:
03-08-2020
12-12-2024
Community Statistics
| Posts | 123 |
| Solutions | 3 |
| Karma Given | 37 |
| Karma Received | 0 |
| Member Since | 03-08-2020 |
Activity Feed
- Posted Re: Error in internal logs for ssl for inputs.conf on Getting Data In. 12-12-2024 10:01 AM
- Karma Re: Error in internal logs for ssl for inputs.conf for SanjayReddy. 12-12-2024 10:01 AM
- Posted Error in internal logs for ssl for inputs.conf on Getting Data In. 12-12-2024 08:59 AM
- Posted Oracle cloud tagging on Splunk Cloud Platform. 10-29-2024 04:14 PM
- Karma Re: 201 token error on Splunk cloud maintenance dashboard for sainag_splunk. 10-25-2024 10:24 AM
- Posted 201 token error on Splunk cloud maintenance dashboard on Splunk Cloud Platform. 10-23-2024 10:54 AM
- Karma Re: Dnslookup command splunk cloud for richgalloway. 09-18-2024 09:45 AM
- Posted Dnslookup command splunk cloud on Splunk Cloud Platform. 09-18-2024 09:12 AM
- Karma Re: Bulk enabling alerts for deepakc. 05-18-2024 12:52 PM
- Karma Re: Bulk enabling alerts for gcusello. 05-18-2024 12:52 PM
- Karma Re: Bulk enabling alerts for PickleRick. 05-18-2024 12:52 PM
- Posted Bulk enabling alerts on Knowledge Management. 05-17-2024 05:26 AM
- Tagged Bulk enabling alerts on Knowledge Management. 05-17-2024 05:26 AM
- Posted Re: Splunk indexer cluster CPU upgrade on Installation. 11-12-2023 01:35 AM
- Posted Splunk indexer cluster CPU upgrade on Installation. 11-11-2023 04:53 PM
- Tagged Splunk indexer cluster CPU upgrade on Installation. 11-11-2023 04:53 PM
- Tagged Splunk indexer cluster CPU upgrade on Installation. 11-11-2023 04:53 PM
- Karma Re: On certain events the indexed time is 24h after the event _time across all indexes on Splunk cloud for bowesmana. 08-22-2023 12:31 PM
- Posted On certain events the indexed time is 24h after the event _time across all indexes on Splunk cloud on Splunk Cloud Platform. 08-21-2023 02:04 PM
- Posted Re: Splunk input offset on Getting Data In. 05-12-2023 09:57 AM
12-12-2024
10:01 AM
Thanks I will give it a try
... View more
12-12-2024
08:59 AM
Hi, I can see the below error in the internal logs for a host that is not bringing any logs in Splunk error SSLOptions [17960 TcListener] - inputs. conf/[SSL]: could not read properties; we don’t have ssl options in inputs.conf just wondered if there was any other locations to check on the universal forwarder as it works fine for other servers.
... View more
Labels
- Labels:
-
inputs.conf
-
universal forwarder
10-29-2024
04:14 PM
Hi, just wondered if oracle cloud had tagging to onboard data like AWS does for Splunk like this: splunk add monitor /var/log/secure thanks
... View more
- Tags:
- tagging
Labels
- Labels:
-
using Splunk Cloud
10-23-2024
10:54 AM
Hi, in getting a 201 token error on Splunk cloud maintenance dashboard. just wondered if anyone has seen this before.
... View more
Labels
- Labels:
-
troubleshooting
-
using Splunk Cloud
09-18-2024
09:12 AM
Hi, Is the Dnslookup available in Splunk cloud like enterprise?
... View more
Labels
- Labels:
-
using Splunk Cloud
05-17-2024
05:26 AM
Hi, Is there a way of bulk enabling alerts in Splunk enterprise? Thanks, Joe
... View more
- Tags:
- alerts
Labels
- Labels:
-
search macro
11-12-2023
01:35 AM
Thanks, if I enable maintenance mode won’t that stop data coming in or will the indexers that are up still be receiving data?
... View more
11-11-2023
04:53 PM
Hi, we have a two site 6 indexer cluster 3 per site and we are upgrading the CPU and each site will be offline for 3 hours per site, do I need to do anything on Splunk or do I need to run ./Splunk offline on 3 indexers at a time before they are shut down? Thanks
... View more
Labels
- Labels:
-
indexer
08-21-2023
02:04 PM
Hi, On certain events the indexed time is 24h after the event _time across all indexes on Splunk cloud, just wondered if anyone has seen this before it doesn’t look to matter on the source type that is used. thanks,
... View more
- Tags:
- ingest
Labels
05-12-2023
09:57 AM
Hi, I have two servers with identical server classes and apps one has onboard /var/log/secure and one has not, the one that has not has that message about the offset but the one which has doesn't have the offset message.
... View more
05-12-2023
09:20 AM
Hi,
I am onboarding the /var/log/secure path and i am getting the bellow about offset
INFO WatchedFile
/path/to/file.log
Will begin reading at offset=253 for file
Just wondered what I could do to resolve this?
Thanks,
Joe
... View more
- Tags:
- inputs.conf
Labels
- Labels:
-
inputs.conf
-
Linux
05-12-2023
05:23 AM
Hi, I am trying to use btool to find an index that is used in an inputs.conf: ./splunk btool inputs list --debug | grep "indexname" However I get nothing back, am I doing something wrong? Thanks, Joe
... View more
- Tags:
- btool
Labels
04-25-2023
08:13 AM
Hi,
We have integration with ServiceNow however we have an alert in a custom App to create a ticket to service now however the Problem_URL is wrong and is pointing to the search app instead of the custom app. I have checked the saved search in _internal logs and it is correct.
Any help would be greatly appreciated.
Thanks
... View more
- Tags:
- servicenow
Labels
- Labels:
-
configuration
02-27-2023
07:10 AM
hi, Spunk universal forwarder version 9..0.3 running at 100% cpu on Linux even after a restart is their a known issue/workaround for this? thanks, joe
... View more
- Tags:
- Universal Forwarder
02-21-2023
12:30 PM
Hi,
For field extractions in a clustered environment do you have to use the props.conf method or can you use the field extractor GUI on the search head?
Thanks,
Joe
... View more
- Tags:
- fields
Labels
- Labels:
-
fields
02-17-2023
12:39 AM
Yeah I want to completely remove 2023-02-16t14:14:25.827471424z stderr F I0216 14:14:25.827359.
... View more
02-16-2023
06:54 AM
Hi,
I have the bellow event:
{"log":"2023-02-16t14:14:25.827471424z stderr F I0216 14:14:25.827359 1 connection.go:153]
connecting to UNIX:///csi/csi.sock"
I need to remove 2023-02-16t14:14:25.827471424z stderr F I0216 14:14:25.827359 and have tried rex but unable to do so, just wondered if someone could help me?
Thanks,
Joe
... View more
- Tags:
- rex
Labels
- Labels:
-
field extraction
-
fields
01-30-2023
03:12 PM
Hi,
What would the btool command be to find a certain part Of an input.conf file?
Thanks
... View more
- Tags:
- btool
Labels
- Labels:
-
administration
01-30-2023
03:09 PM
Hi,
on Splunk cloud can you create a blank Splunk app for storing dashboards,alerts and reports or does it need reviewing by Splunk?
thanks
... View more
- Tags:
- admin
- Splunk App
Labels
- Labels:
-
administration
11-09-2022
02:45 PM
Hi , the timeframe is set to today and the span in the time chart is 1 hour. sometime the volume is lower or higher from the same hour.
... View more
11-09-2022
02:13 PM
Hi,
on our Splunk instance I have set a report using a time chart with a span of 1h and time frame of a day and the report is scheduled to run every hour however each time the report runs it shows different results. Just wondered if anyone has seen this before?
thanks,
joe
... View more
07-30-2022
03:57 AM
Hi, just wondering for the Microsoft Cloud Services from the documentation it says it is only required on the search head cluster however it does say optional on the heavy forwarder. My question is usually I setup the inputs on the deployment server however as this is cloud data should the inputs.conf be on the heavy forwarder or the search head? Thanks, Joe
... View more
Labels
- Labels:
-
administration
-
configuration
-
installation
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
12-12-2024
01:22 PM
|
Karma given to
