Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
×
Join the Conversation
Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
- Find Answers
- :
- About boss6
boss6
Explorer
Member since:
04-10-2020
a week ago
Community Statistics
| Posts | 12 |
| Solutions | 0 |
| Karma Given | 0 |
| Karma Received | 2 |
| Member Since | 04-10-2020 |
Activity Feed
- Got Karma for Re: Data Management Digest – May 2026. a week ago
- Got Karma for Re: Announcing Modern Navigation: A New Era of Splunk User Experience. 2 weeks ago
- Posted Re: Ask Questions, Get Help about Data Manager for Splunk Cloud on Getting Data In. 11-18-2021 12:43 PM
- Posted Re: Ask Questions, Get Help about Data Manager for Splunk Cloud on Getting Data In. 11-17-2021 02:08 PM
- Posted Re: Ask Questions, Get Help about Data Manager for Splunk Cloud on Getting Data In. 11-17-2021 05:31 AM
- Posted Re: How to remove sourcetype monitoring from TrackMe? on All Apps and Add-ons. 09-18-2020 11:32 AM
- Posted How to remove sourcetype monitoring from TrackMe? on All Apps and Add-ons. 09-18-2020 09:49 AM
- Tagged How to remove sourcetype monitoring from TrackMe? on All Apps and Add-ons. 09-18-2020 09:49 AM
- Posted Settings for upgrade ufw app on Splunk Enterprise. 06-15-2020 03:12 PM
- Posted Does splunk alert actions honor throttling? on Alerting. 04-10-2020 06:53 AM
- Tagged Does splunk alert actions honor throttling? on Alerting. 04-10-2020 06:53 AM
- Tagged Does splunk alert actions honor throttling? on Alerting. 04-10-2020 06:53 AM
- Tagged Does splunk alert actions honor throttling? on Alerting. 04-10-2020 06:53 AM
- Tagged Does splunk alert actions honor throttling? on Alerting. 04-10-2020 06:53 AM
- Posted Help with CentralOps Whois app on All Apps and Add-ons. 04-10-2020 06:15 AM
- Tagged Help with CentralOps Whois app on All Apps and Add-ons. 04-10-2020 06:15 AM
- Tagged Help with CentralOps Whois app on All Apps and Add-ons. 04-10-2020 06:15 AM
Topics I've Started
| Subject | Karma | Author | Latest Post |
|---|---|---|---|
| 0 | |||
| 0 | |||
| 0 | |||
| 0 |
11-18-2021
12:43 PM
Following up on my previous post - I'd also like to see the ability for this REST call to create lookups. The majority of my REST calls end up getting indexed, but that's only because there is no current method to make the external REST call and then simply format it and send it to a csv lookup file.
... View more
11-17-2021
02:08 PM
Hi, I'm looking for a way for Splunk to call an external REST endpoint (a vendor, for example) and then index that data. For on-prem, that was typically done with add-ons, but for Cloud, it's never been allowed. I'd like to see that functionality added, and it looks like the Data Manager would be a good place for it.
... View more
11-17-2021
05:31 AM
Any plans on adding a generic REST input add-on for the Data Manager? I know lots of people that are looking for this functionality and get frustrated, since there is nothing out there.
... View more
09-18-2020
11:32 AM
Received answer on Slack. Use elastic sources.
... View more
09-18-2020
09:49 AM
Hi, I've installed the TrackMe app in my Splunk Cloud environment. It's automatically discovered my environment, including indexes and sourcetypes. I want to monitor most sources by index, not sourcetype. I've configured the index to be monitored, but all the additional sourcetypes for that index still remain. Do I need to click on each of these and delete them? Is there another way to do this? It's a fair amount of sourcetypes.
... View more
- Tags:
- TrackMe
Labels
- Labels:
-
configuration
06-15-2020
03:12 PM
hi all, Has anyone able to get the upgrade ufw app for windows to work? I get a message in the logs saying it started, but nothing else, and I don't see any other logs. My MSI is in the \static directory, and I've tried the following as variables: App is: https://splunkbase.splunk.com/app/5003/ set "UPGRADEVER=8.0.4" set "UPGRADEFILE=static\splunkforwarder-8.0.4-767223ac207f-x64-release.msi" also this:set "UPGRADEVER=8.0.4" set "UPGRADEFILE=splunkforwarder-8.0.4-767223ac207f-x64-release.msi" The logs show that the job ran, but nothing has changed. No further details in any other logs.
... View more
Labels
- Labels:
-
upgrade
04-10-2020
06:53 AM
I've created an alert with a throttle, but it appears that the actions are not honoring the throttle. Does the action run regardless of the throttle?
... View more
Labels
- Labels:
-
alert action
-
throttling
04-10-2020
06:15 AM
has anyone had issues with the whois app command from centralops? https://splunkbase.splunk.com/app/3506/ - the dashboard form works fine, but when I enter the spl command - | centralopswhois output=fields limit=2 google.com it returns nothing.
I'm running this from a Splunk cloud instance.
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
a week ago
|
