Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- About dolj
dolj
Loves-to-Learn Everything
Member since:
05-02-2020
04-05-2024
Community Statistics
| Posts | 10 |
| Solutions | 0 |
| Karma Given | 0 |
| Karma Received | 0 |
| Member Since | 05-02-2020 |
Activity Feed
- Posted using addcoltotals on Splunk Search. 08-09-2023 01:24 PM
- Tagged using addcoltotals on Splunk Search. 08-09-2023 01:24 PM
- Posted Is there a limit to the number of white/blacklists you can put under a stanza in the serverclass.conf file? on Deployment Architecture. 04-27-2023 05:57 AM
- Posted inputs.conf blacklist format- Is there a format that needs to be adhered to when using a blacklist with regex? on Getting Data In. 02-11-2023 03:13 PM
- Tagged inputs.conf blacklist format- Is there a format that needs to be adhered to when using a blacklist with regex? on Getting Data In. 02-11-2023 03:13 PM
- Tagged inputs.conf blacklist format- Is there a format that needs to be adhered to when using a blacklist with regex? on Getting Data In. 02-11-2023 03:13 PM
- Tagged inputs.conf blacklist format- Is there a format that needs to be adhered to when using a blacklist with regex? on Getting Data In. 02-11-2023 03:13 PM
- Posted What is the best was to identify the outage window in one search? on Splunk Search. 06-13-2022 11:55 AM
- Posted Re: Web_service.log is empty after upgrading from Splunk version 7.3 to 8.0. on Deployment Architecture. 05-24-2020 08:24 PM
- Posted Re: Web_service.log is empty after upgrading from Splunk version 7.3 to 8.0. on Deployment Architecture. 05-23-2020 08:11 PM
- Posted Re: Web_service.log is empty after upgrading from Splunk version 7.3 to 8.0. on Deployment Architecture. 05-23-2020 08:06 PM
- Posted Web_service.log is empty after upgrading from Splunk version 7.3 to 8.0. on Deployment Architecture. 05-22-2020 09:47 PM
- Tagged Web_service.log is empty after upgrading from Splunk version 7.3 to 8.0. on Deployment Architecture. 05-22-2020 09:47 PM
- Tagged Web_service.log is empty after upgrading from Splunk version 7.3 to 8.0. on Deployment Architecture. 05-22-2020 09:47 PM
- Tagged Web_service.log is empty after upgrading from Splunk version 7.3 to 8.0. on Deployment Architecture. 05-22-2020 09:47 PM
- Tagged Web_service.log is empty after upgrading from Splunk version 7.3 to 8.0. on Deployment Architecture. 05-22-2020 09:47 PM
- Tagged Web_service.log is empty after upgrading from Splunk version 7.3 to 8.0. on Deployment Architecture. 05-22-2020 09:47 PM
- Posted Re: Data input for Browsing History analysis app on All Apps and Add-ons. 05-05-2020 05:29 PM
- Posted Data input for Browsing History analysis app on All Apps and Add-ons. 05-02-2020 11:29 PM
- Tagged Data input for Browsing History analysis app on All Apps and Add-ons. 05-02-2020 11:29 PM
Topics I've Started
| Subject | Karma | Author | Latest Post |
|---|---|---|---|
| 0 | |||
| 0 | |||
| 0 | |||
| 0 | |||
| 0 | |||
| 0 |
08-09-2023
01:24 PM
Can you leverage the total derived using the addcoltotals command to support other calculations? i.e. can you use it to calculate a percentage? | addcoltotals count labelfield="total" | eval percent=((count/total)*100) | table host count percent
... View more
- Tags:
- addcoltotlats
04-27-2023
05:57 AM
I see there is a limit in the inputs.conf (1-9) but what about the serverclass.conf file? There is no mention in the documentation. https://docs.splunk.com/Documentation/Splunk/9.0.4/Admin/Inputsconf
... View more
Labels
- Labels:
-
deployment client
02-11-2023
03:13 PM
is there a format that needs to be adhered to when using a blacklist with regex?
I am trying to format "New Process Name:" with a regex that will extract events from a specific data source.
I have tested the regex with regex101 and it identifies the events that I want to filter and is basically
blacklist3 = New\sProcess\sName\:\s+C\:\\Program\sFiles\s\(x86\)\\......
should that work or do I need to format it something more like
blacklist3 = New Process Name = C\:\\Program\sFiles\s\(x86\)\\......
my current blacklist is resulting in
ExecProcessor - message from ""C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe"" splunk-winevtlog - Processing: 'blacklist3' [legacy], range error found in 'regex'......
According to this document,
https://docs.splunk.com/Documentation/Splunk/9.0.3/Data/Whitelistorblacklistspecificincomingdata
blacklist = <your_custom_regex>
should work.
Thanks
... View more
Labels
- Labels:
-
blacklist
-
inputs.conf
06-13-2022
11:55 AM
is there a best practice search to find the last event sent at the start of an outage and the first event the come in after the outage for a specific data source was rectified? Basically what is the best was to identify the outage window in one search?
... View more
Labels
- Labels:
-
other
05-24-2020
08:24 PM
not sure why but it wasn't working and it now is.
I found this log related to the web UI
05-24-2020 23:12:06.172 -0400 ERROR UiHttpListener - An applicaiton server has exited unexpectedly, web UI cannot be used until it is restarted
... View more
05-23-2020
08:11 PM
the only thing in ./local/web.conf is
[settings]
startwebserver = 1
~
this is a test DS that I am trying to upgrade before hitting prod.
... View more
05-23-2020
08:06 PM
checked the splunkd.log while restarting and there were no WARN or ERROR messages only INFO. When you tail the splunkd.log there are not entries written while starting, stopping, or restarting.
... View more
05-22-2020
09:47 PM
I have just upgraded my Splunk deployment server from 7.3 to 8.0 and after upgrading the web UI will not come up. I was trying to troubleshoot and was looking at the web_service.log but for some reason it is empty (0 bytes). I cannot figure out why it is not getting any logs or why the UI drops after the upgrade. Any suggestions would be greatly appreciated.
... View more
Labels
- Labels:
-
deployment server
05-05-2020
05:29 PM
I Installed 6.5.10 and configured all windows event logs locally and see events coming in but nothing in the borwser index and nothing in the dashboar even after a restart.
... View more
05-02-2020
11:29 PM
Hello,
I am new to Splunk and am trying to get the browsing histroy analysis app running on splunk eterprise (demo) that is capturing local logs as well as logs from a UF. I am stummped as I do not know what data input to use and there is not very much documentaion. That I have be able to find. Any help getting the data input setup would bre greatly appreciated.
Thanks
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
04-05-2024
09:50 AM
|
