×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
madhav_dholakia
Contributor
Member since: ‎04-27-2020
3 weeks ago
Community Statistics
Posts 109
Solutions 4
Karma Given 45
Karma Received 7
Member Since ‎04-27-2020
Activity Feed
Topics I've Started
View All

Re: DB Connect MySQL Connection

by in Getting Data In
‎05-26-2021 03:45 AM
‎05-26-2021 03:45 AM
Hi @s2_splunk - DBX is now upgraded and on saving the connection, it is giving a message as shown below: Communications link failure The last packet sent successfully to the server was 0 milliseconds ago. The driver has not received any packets from the server. Edit: JDBC URL includes below params:   useLegacyDateTimeCode=false&serverTimezone=Europe/London   Can you please suggest further? Thank you.    java.net.SocketTimeoutException: connect timed out at java.net.PlainSocketImpl.socketConnect(Native Method) at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:350) at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206) at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:607) at com.mysql.jdbc.StandardSocketFactory.connect(StandardSocketFactory.java:211) at com.mysql.jdbc.MysqlIO.<init>(MysqlIO.java:300) at com.mysql.jdbc.ConnectionImpl.coreConnect(ConnectionImpl.java:2203) at com.mysql.jdbc.ConnectionImpl.connectOneTryOnly(ConnectionImpl.java:2236) at com.mysql.jdbc.ConnectionImpl.createNewIO(ConnectionImpl.java:2035) at com.mysql.jdbc.ConnectionImpl.<init>(ConnectionImpl.java:790) at com.mysql.jdbc.JDBC4Connection.<init>(JDBC4Connection.java:47) at sun.reflect.GeneratedConstructorAccessor81.newInstance(Unknown Source) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) at java.lang.reflect.Constructor.newInstance(Constructor.java:423) at com.mysql.jdbc.Util.handleNewInstance(Util.java:425) at com.mysql.jdbc.ConnectionImpl.getInstance(ConnectionImpl.java:400) at com.mysql.jdbc.NonRegisteringDriver.connect(NonRegisteringDriver.java:330) at com.splunk.dbx.service.driver.DelegatingDriver.connect(DelegatingDriver.java:23) at com.zaxxer.hikari.util.DriverDataSource.getConnection(DriverDataSource.java:138) at com.zaxxer.hikari.pool.PoolBase.newConnection(PoolBase.java:358) at com.zaxxer.hikari.pool.PoolBase.newPoolEntry(PoolBase.java:206) at com.zaxxer.hikari.pool.HikariPool.createPoolEntry(HikariPool.java:477) at com.zaxxer.hikari.pool.HikariPool.checkFailFast(HikariPool.java:560) at com.zaxxer.hikari.pool.HikariPool.<init>(HikariPool.java:115) at com.zaxxer.hikari.HikariDataSource.getConnection(HikariDataSource.java:112) at com.splunk.dbx.connector.ConnectorFactory.getConnectionFromPool(ConnectorFactory.java:201) at com.splunk.dbx.connector.ConnectorFactory.getConnection(ConnectorFactory.java:189) at com.splunk.dbx.connector.ConnectorFactory.create(ConnectorFactory.java:174) at com.splunk.dbx.server.api.service.database.impl.DatabaseMetadataServiceImpl.getStatus(DatabaseMetadataServiceImpl.java:138) at com.splunk.dbx.server.api.service.database.impl.DatabaseMetadataServiceImpl.getConnectionStatus(DatabaseMetadataServiceImpl.java:102) at com.splunk.dbx.server.api.resource.ConnectionResource.getConnectionStatus(ConnectionResource.java:60) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at org.glassfish.jersey.server.model.internal.ResourceMethodInvocationHandlerFactory.lambda$static$0(ResourceMethodInvocationHandlerFactory.java:52) at org.glassfish.jersey.server.model.internal.AbstractJavaResourceMethodDispatcher$1.run(AbstractJavaResourceMethodDispatcher.java:124) at org.glassfish.jersey.server.model.internal.AbstractJavaResourceMethodDispatcher.invoke(AbstractJavaResourceMethodDispatcher.java:167) at org.glassfish.jersey.server.model.internal.JavaResourceMethodDispatcherProvider$TypeOutInvoker.doDispatch(JavaResourceMethodDispatcherProvider.java:219) at org.glassfish.jersey.server.model.internal.AbstractJavaResourceMethodDispatcher.dispatch(AbstractJavaResourceMethodDispatcher.java:79) at org.glassfish.jersey.server.model.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:469) at org.glassfish.jersey.server.model.ResourceMethodInvoker.apply(ResourceMethodInvoker.java:391) at org.glassfish.jersey.server.model.ResourceMethodInvoker.apply(ResourceMethodInvoker.java:80) at org.glassfish.jersey.server.ServerRuntime$1.run(ServerRuntime.java:253) at org.glassfish.jersey.internal.Errors$1.call(Errors.java:248) at org.glassfish.jersey.internal.Errors$1.call(Errors.java:244) at org.glassfish.jersey.internal.Errors.process(Errors.java:292) at org.glassfish.jersey.internal.Errors.process(Errors.java:274) at org.glassfish.jersey.internal.Errors.process(Errors.java:244) at org.glassfish.jersey.process.internal.RequestScope.runInScope(RequestScope.java:265) at org.glassfish.jersey.server.ServerRuntime.process(ServerRuntime.java:232) at org.glassfish.jersey.server.ApplicationHandler.handle(ApplicationHandler.java:680) at org.glassfish.jersey.servlet.WebComponent.serviceImpl(WebComponent.java:394) at org.glassfish.jersey.servlet.WebComponent.service(WebComponent.java:346) at org.glassfish.jersey.servlet.ServletContainer.service(ServletContainer.java:366) at org.glassfish.jersey.servlet.ServletContainer.service(ServletContainer.java:319) at org.glassfish.jersey.servlet.ServletContainer.service(ServletContainer.java:205) at io.dropwizard.jetty.NonblockingServletHolder.handle(NonblockingServletHolder.java:50) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1651) at io.dropwizard.servlets.ThreadNameFilter.doFilter(ThreadNameFilter.java:35) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1638) at io.dropwizard.jersey.filter.AllowedMethodsFilter.handle(AllowedMethodsFilter.java:47) at io.dropwizard.jersey.filter.AllowedMethodsFilter.doFilter(AllowedMethodsFilter.java:41) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1638) at com.splunk.dbx.server.api.filter.ResponseHeaderFilter.doFilter(ResponseHeaderFilter.java:30) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1638) at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:567) at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:233) at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1377) at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:188) at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:507) at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:186) at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1292) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127) at com.codahale.metrics.jetty9.InstrumentedHandler.handle(InstrumentedHandler.java:249) at io.dropwizard.jetty.RoutingHandler.handle(RoutingHandler.java:52) at org.eclipse.jetty.server.handler.gzip.GzipHandler.handle(GzipHandler.java:767) at org.eclipse.jetty.server.handler.RequestLogHandler.handle(RequestLogHandler.java:54) at org.eclipse.jetty.server.handler.StatisticsHandler.handle(StatisticsHandler.java:173) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127) at org.eclipse.jetty.server.Server.handle(Server.java:501) at org.eclipse.jetty.server.HttpChannel.lambda$handle$1(HttpChannel.java:383) at org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:556) at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:375) at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:273) at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:311) at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:105) at org.eclipse.jetty.io.ChannelEndPoint$1.run(ChannelEndPoint.java:104) at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:336) at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:313) at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:171) at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:129) at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:375) at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:806) at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:938) at java.lang.Thread.run(Thread.java:748)       ... View more

Re: DB Connect MySQL Connection

by in Getting Data In
‎05-23-2021 10:45 PM
‎05-23-2021 10:45 PM
Thanks, @s2_splunk - I have requested Splunk Support to upgrade the DBX version (we are using Splunk Cloud). Once it is done, I will check this again and share feedback. Thank you. ... View more

Re: DB Connect MySQL Connection

by in Getting Data In
‎05-17-2021 11:54 PM
‎05-17-2021 11:54 PM
Hi @s2_splunk, It is 3.3.0 Thank you. ... View more

DB Connect MySQL Connection

by in Getting Data In
‎05-17-2021 04:20 AM
‎05-17-2021 04:20 AM
Hi, I am trying to create a new MySQL Connection in DB Connect Driver installed : 5.1 Application using JDK7 and java MySQL connector version - 5.1.18 User used for creating this connection is Read-Only When I add all the required fields and click on save, it gives the "there was an error processing your request" message. File splunk_app_db_connect_server.log shows the below error:   2021-05-17 11:06:28.239 +0000 [dw-2337144 - POST /api/connections/status] ERROR io.dropwizard.jersey.errors.LoggingExceptionMapper - Error handling a request: f78a9008d0c2e4bb java.lang.NullPointerException: null at com.splunk.dbx.connector.logger.AuditLogger.replace(AuditLogger.java:50) at com.splunk.dbx.connector.logger.AuditLogger.error(AuditLogger.java:44) at com.splunk.dbx.server.api.service.database.impl.DatabaseMetadataServiceImpl.getStatus(DatabaseMetadataServiceImpl.java:159) at com.splunk.dbx.server.api.service.database.impl.DatabaseMetadataServiceImpl.getConnectionStatus(DatabaseMetadataServiceImpl.java:116) at com.splunk.dbx.server.api.resource.ConnectionResource.getConnectionStatusOfEntity(ConnectionResource.java:72) at sun.reflect.GeneratedMethodAccessor266.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at org.glassfish.jersey.server.model.internal.ResourceMethodInvocationHandlerFactory.lambda$static$0(ResourceMethodInvocationHandlerFactory.java:52) at org.glassfish.jersey.server.model.internal.AbstractJavaResourceMethodDispatcher$1.run(AbstractJavaResourceMethodDispatcher.java:124) at org.glassfish.jersey.server.model.internal.AbstractJavaResourceMethodDispatcher.invoke(AbstractJavaResourceMethodDispatcher.java:167) at org.glassfish.jersey.server.model.internal.JavaResourceMethodDispatcherProvider$TypeOutInvoker.doDispatch(JavaResourceMethodDispatcherProvider.java:219) at org.glassfish.jersey.server.model.internal.AbstractJavaResourceMethodDispatcher.dispatch(AbstractJavaResourceMethodDispatcher.java:79) at org.glassfish.jersey.server.model.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:469) at org.glassfish.jersey.server.model.ResourceMethodInvoker.apply(ResourceMethodInvoker.java:391) at org.glassfish.jersey.server.model.ResourceMethodInvoker.apply(ResourceMethodInvoker.java:80) at org.glassfish.jersey.server.ServerRuntime$1.run(ServerRuntime.java:253) at org.glassfish.jersey.internal.Errors$1.call(Errors.java:248) at org.glassfish.jersey.internal.Errors$1.call(Errors.java:244) at org.glassfish.jersey.internal.Errors.process(Errors.java:292) at org.glassfish.jersey.internal.Errors.process(Errors.java:274) at org.glassfish.jersey.internal.Errors.process(Errors.java:244) at org.glassfish.jersey.process.internal.RequestScope.runInScope(RequestScope.java:265) at org.glassfish.jersey.server.ServerRuntime.process(ServerRuntime.java:232) at org.glassfish.jersey.server.ApplicationHandler.handle(ApplicationHandler.java:680) at org.glassfish.jersey.servlet.WebComponent.serviceImpl(WebComponent.java:392) at org.glassfish.jersey.servlet.WebComponent.service(WebComponent.java:346) at org.glassfish.jersey.servlet.ServletContainer.service(ServletContainer.java:365) at org.glassfish.jersey.servlet.ServletContainer.service(ServletContainer.java:318) at org.glassfish.jersey.servlet.ServletContainer.service(ServletContainer.java:205) at io.dropwizard.jetty.NonblockingServletHolder.handle(NonblockingServletHolder.java:50) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1617) at io.dropwizard.servlets.ThreadNameFilter.doFilter(ThreadNameFilter.java:35) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1604) at io.dropwizard.jersey.filter.AllowedMethodsFilter.handle(AllowedMethodsFilter.java:47) at io.dropwizard.jersey.filter.AllowedMethodsFilter.doFilter(AllowedMethodsFilter.java:41) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1604) at com.splunk.dbx.server.api.filter.ResponseHeaderFilter.doFilter(ResponseHeaderFilter.java:30) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1604) at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:545) at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:233) at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1297) at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:188) at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:485) at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:186) at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1212) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127) at com.codahale.metrics.jetty9.InstrumentedHandler.handle(InstrumentedHandler.java:249) at io.dropwizard.jetty.RoutingHandler.handle(RoutingHandler.java:52) at org.eclipse.jetty.server.handler.gzip.GzipHandler.handle(GzipHandler.java:717) at org.eclipse.jetty.server.handler.RequestLogHandler.handle(RequestLogHandler.java:54) at org.eclipse.jetty.server.handler.StatisticsHandler.handle(StatisticsHandler.java:173) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127) at org.eclipse.jetty.server.Server.handle(Server.java:500) at org.eclipse.jetty.server.HttpChannel.lambda$handle$1(HttpChannel.java:383) at org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:547) at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:375) at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:270) at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:311) at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:103) at org.eclipse.jetty.io.ChannelEndPoint$2.run(ChannelEndPoint.java:117) at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:336) at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:313) at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:171) at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:129) at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:388) at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:806) at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:938) at java.lang.Thread.run(Thread.java:748)    Can you please suggest how this can be resolved? Edit 1: on some of the other answers, I read it could be because of invalid db user creds/access rights issue but I have tries login using the same creds through MySQL Workbench and it works fine. Thank you. ... View more

Re: DB Connect Oracle Connection Null Pointer Exce...

by in Getting Data In
‎08-31-2020 05:50 AM
‎08-31-2020 05:50 AM
i am using local sql credentials. Thank you. ... View more

Re: DB Connect Oracle Connection Null Pointer Exce...

by in Getting Data In
‎08-31-2020 05:14 AM
‎08-31-2020 05:14 AM
ok so this connection worked for a few mins last week, not sure but it has stopped working from this morning. The entity I have created here, I can connect to Oracle Instance through sqlplus using the same credentials. ... View more

Re: DB Connect Oracle Connection Null Pointer Exce...

by in Getting Data In
‎08-31-2020 04:30 AM
‎08-31-2020 04:30 AM
Hi @thambisetty , yes Java and JDBC Driver - both are installed. Thank you. ... View more

DB Connect Oracle Connection Null Pointer Exceptio...

by in Getting Data In
‎08-31-2020 01:40 AM
‎08-31-2020 01:40 AM
Hello, I am trying to create a connection to Oracle DB but on saving the connection, splunk_app_db_connect_server.log shows below error: 2020-08-31 09:20:34.764 +0100 [dw-56 - POST /api/connections/status] ERROR io.dropwizard.jersey.errors.LoggingExceptionMapper - Error handling a request: bd54ff303cdcc36b java.lang.NullPointerException: null at com.splunk.dbx.connector.logger.AuditLogger.replace(AuditLogger.java:50) at com.splunk.dbx.connector.logger.AuditLogger.error(AuditLogger.java:44) at com.splunk.dbx.server.api.service.database.impl.DatabaseMetadataServiceImpl.getStatus(DatabaseMetadataServiceImpl.java:159) at com.splunk.dbx.server.api.service.database.impl.DatabaseMetadataServiceImpl.getConnectionStatus(DatabaseMetadataServiceImpl.java:116) at com.splunk.dbx.server.api.resource.ConnectionResource.getConnectionStatusOfEntity(ConnectionResource.java:72) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at org.glassfish.jersey.server.model.internal.ResourceMethodInvocationHandlerFactory.lambda$static$0(ResourceMethodInvocationHandlerFactory.java:52) at org.glassfish.jersey.server.model.internal.AbstractJavaResourceMethodDispatcher$1.run(AbstractJavaResourceMethodDispatcher.java:124) at org.glassfish.jersey.server.model.internal.AbstractJavaResourceMethodDispatcher.invoke(AbstractJavaResourceMethodDispatcher.java:167) at org.glassfish.jersey.server.model.internal.JavaResourceMethodDispatcherProvider$TypeOutInvoker.doDispatch(JavaResourceMethodDispatcherProvider.java:219) at org.glassfish.jersey.server.model.internal.AbstractJavaResourceMethodDispatcher.dispatch(AbstractJavaResourceMethodDispatcher.java:79) at org.glassfish.jersey.server.model.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:469) at org.glassfish.jersey.server.model.ResourceMethodInvoker.apply(ResourceMethodInvoker.java:391) at org.glassfish.jersey.server.model.ResourceMethodInvoker.apply(ResourceMethodInvoker.java:80) at org.glassfish.jersey.server.ServerRuntime$1.run(ServerRuntime.java:253) at org.glassfish.jersey.internal.Errors$1.call(Errors.java:248) at org.glassfish.jersey.internal.Errors$1.call(Errors.java:244) at org.glassfish.jersey.internal.Errors.process(Errors.java:292) at org.glassfish.jersey.internal.Errors.process(Errors.java:274) at org.glassfish.jersey.internal.Errors.process(Errors.java:244) at org.glassfish.jersey.process.internal.RequestScope.runInScope(RequestScope.java:265) at org.glassfish.jersey.server.ServerRuntime.process(ServerRuntime.java:232) at org.glassfish.jersey.server.ApplicationHandler.handle(ApplicationHandler.java:680) at org.glassfish.jersey.servlet.WebComponent.serviceImpl(WebComponent.java:392) at org.glassfish.jersey.servlet.WebComponent.service(WebComponent.java:346) at org.glassfish.jersey.servlet.ServletContainer.service(ServletContainer.java:365) at org.glassfish.jersey.servlet.ServletContainer.service(ServletContainer.java:318) at org.glassfish.jersey.servlet.ServletContainer.service(ServletContainer.java:205) at io.dropwizard.jetty.NonblockingServletHolder.handle(NonblockingServletHolder.java:50) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1617) at io.dropwizard.servlets.ThreadNameFilter.doFilter(ThreadNameFilter.java:35) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1604) at io.dropwizard.jersey.filter.AllowedMethodsFilter.handle(AllowedMethodsFilter.java:47) at io.dropwizard.jersey.filter.AllowedMethodsFilter.doFilter(AllowedMethodsFilter.java:41) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1604) at com.splunk.dbx.server.api.filter.ResponseHeaderFilter.doFilter(ResponseHeaderFilter.java:30) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1604) at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:545) at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:233) at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1297) at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:188) at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:485) at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:186) at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1212) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127) at com.codahale.metrics.jetty9.InstrumentedHandler.handle(InstrumentedHandler.java:249) at io.dropwizard.jetty.RoutingHandler.handle(RoutingHandler.java:52) at org.eclipse.jetty.server.handler.gzip.GzipHandler.handle(GzipHandler.java:717) at org.eclipse.jetty.server.handler.RequestLogHandler.handle(RequestLogHandler.java:54) at org.eclipse.jetty.server.handler.StatisticsHandler.handle(StatisticsHandler.java:173) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127) at org.eclipse.jetty.server.Server.handle(Server.java:500) at org.eclipse.jetty.server.HttpChannel.lambda$handle$1(HttpChannel.java:383) at org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:547) at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:375) at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:270) at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:311) at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:103) at org.eclipse.jetty.io.ChannelEndPoint$2.run(ChannelEndPoint.java:117) at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:336) at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:313) at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:171) at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:129) at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:388) at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:806) at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:938) at java.lang.Thread.run(Thread.java:748)  Splunk 8.0.5 DB Connect 3.3.1   Can someone please suggest how to resolve this? Thank you.   ... View more
Labels

Re: db connect event time mismatch

by in Getting Data In
‎08-07-2020 12:47 AM
‎08-07-2020 12:47 AM
Hi @misterduke - thank you for your suggestions and sorry for the very delayed reply. MySQL DB Server Timezone is UTC I have changed Timezone under DBConnect - Connection - Configuration as "Etc/UTC: +00:00" but I can see negative latency here, i.e., _indextime MINUS _time gives me a negative value Can you please suggest what else I can check to get this fixed. Thank you. ... View more

Re: db connect event time mismatch

by in Getting Data In
‎07-12-2020 10:21 PM
‎07-12-2020 10:21 PM
Hi @misterduke , apologies for the delayed response. Please below details, can you please suggest in case any changes required here. I am querying the data from mysql database via rising column. There is a column called "Last Update" which is a timestamp and that is set as a rising column. Timezone in my dbconnect database connection is Etc/GMT: +00:00 My user on splunk server has the timezone as GMT/London. Thank you. ... View more

db connect event time mismatch

by in Getting Data In
‎07-07-2020 10:24 PM
‎07-07-2020 10:24 PM
Hello, I have a query regarding getting data in using DB Connect App. I am using Splunk cloud instance and DB Connect is installed on IDM. On DB Connect, there is a connection created for MySQL DB. Possibly because of some time zone issues, I am getting the data from MySQL DB to DB Connect with a delay of an hour. I have tried changing timezone under jdbc connection screen and also tried adding "useLegacyDatetimeCode=false" in jdbc path but that has not helped. Can someone please suggest what else I can check here? Thank you. ... View more
Labels

Re: Search - count by 2 fields

by in Splunk Search
‎06-23-2020 05:48 AM
‎06-23-2020 05:48 AM
Thank you @robinsonalex88  ... View more

Re: Number Display Viz

by in Dashboards & Visualizations
‎06-23-2020 04:10 AM
1 Karma
‎06-23-2020 04:10 AM
1 Karma
Thanks @niketn  ... View more

Re: Search - count by 2 fields

by in Splunk Search
‎06-22-2020 10:46 PM
‎06-22-2020 10:46 PM
Thank you, @robinsonalex88 - yes, there were 20k+ events and I was using | sort without specifying "0". After I added "| sort 0 -lastUpdate", it works fine and gives correct numbers. So just for my understanding, if we use just "| sort" and have more than 10k+ events, it will consider only those events to get the results, correct? Thank you. ... View more

Re: Number Display Viz

by in Dashboards & Visualizations
‎06-22-2020 08:14 PM
‎06-22-2020 08:14 PM
Hi @niketn , thank you for this work around, will be surely helpful. I have never tried looking/changing the source code - if you can suggest any helpful doc to understand the same for beginner.  Thank you. ... View more

Re: Search - count by 2 fields

by in Splunk Search
‎06-22-2020 06:32 AM
‎06-22-2020 06:32 AM
Hi, I have just removed sorting based on lastUpdate from the query I posted in my question and then it is giving correct result. index=idx_1 source="idx_src_1" sourcetype="idx_srctype_1" | rename COMMENT as "removed sorting data in descending order and only kept dedup for incident id" | dedup incID | rename COMMENT as "to get the count of incidents for each team by incident status" | chart count by incStatus,teamName I do not understand this behavior but it somehow worked. Thank you. ... View more

Re: Search - count by 2 fields

by in Splunk Search
‎06-22-2020 01:17 AM
‎06-22-2020 01:17 AM
Thank you. I have tried this but still not getting correct numbers. ... View more

Re: Number Display Viz

by in Dashboards & Visualizations
‎06-22-2020 01:09 AM
‎06-22-2020 01:09 AM
Hi @niketn - please see below sample search. index=idx source="idx_src" sourcetype="idx_srctype" | rename COMMENT as "sorting data in descending order and removing duplicates by keeping the latest record for each incident id" | sort -lastUpdate | dedup ID | where Status="Closed" | fields TeamName ID InsideSLA | rename COMMENT as "data feed is having a flag InsideSLA, 1=Incident closed within SLA, 0=Incident closed outside SLA" | eval inSLACount=if(InsideSLA="1",1,0) | rename COMMENT as "Target SLA are different for different teams" | eval targetSLA=if((TeamName="Team1" OR TeamName="Team2"),95,90) | stats sum(inSLACount) as InsideSLA, count(ID) as totalCount, values(targetSLA) as targetSLA by TeamName | eval currentSLA=round(InsideSLA/(totalCount)*100,2) | table TeamName, currentSLA, targetSLA | rename COMMENT as "renaming columns to the default column names used by this viz" | rename TeamName as value, currentSLA as title, targetSLA as subtitle | eval subtitle=subtitle."%" | table value, title, subtitle | sort value . Thank you.   ... View more

Search - count by 2 fields

by in Splunk Search
‎06-20-2020 09:26 PM
‎06-20-2020 09:26 PM
Hello, I have a live database feed through DB Connect. This feed is having incidents data for different teams and _time is set to last_updated. I am trying to find count of different incident statuses by Teams , I am trying below search (with time-picker set to last 6 months) but it is not showing correct numbers: index=idx_1 source="idx_src_1" sourcetype="idx_srctype_1" | rename COMMENT as "sorting data in descending order and removing duplicates by keeping the latest record for each incident id" | sort -lastUpdate | dedup incID | rename COMMENT as "to get the count of incidents for each team by incident status" | chart count by incStatus,teamName but if I specify a team name in the search, it gives correct numbers: index=idx_1 source="idx_src_1" sourcetype="idx_srctype_1" teamName="Team1" | rename COMMENT as "sorting data in descending order and removing duplicates by keeping the latest record for each incident id" | sort -lastUpdate | dedup incID | chart count by incStatus,teamName  Can someone please suggest me on how to resolve this. Thank you. Madhav ... View more
Labels

Number Display Viz

by in Dashboards & Visualizations
‎06-17-2020 11:58 PM
‎06-17-2020 11:58 PM
Hello, I am creating a panel on dashboard which shows SLA % for different teams and each of these teams have different SLA target. I have got a search ready to get the required data (i.e., Team, Actual SLA, Target SLA). I am using Number Display Viz (Spinner - Big Dash), with Team as Title, Actual SLA as Value and Target SLA as Subtitle. I can format the threshold coloring from "General" tab based on Value (Actual SLA) but how to format threshold coloring in such a way that if Actual SLA is less than Target SLA, Spinner should be Red and if Actual SLA is greater than Target SLA, Spinner should be Green? Thank you. Madhav     ... View more
Labels

Re: Splunk Search for Total Values

by in Splunk Search
‎06-10-2020 05:15 AM
‎06-10-2020 05:15 AM
Thank you, @bmunson_splunk ... View more

Re: Splunk Search for Total Values

by in Splunk Search
‎06-10-2020 05:11 AM
‎06-10-2020 05:11 AM
@to4kawa - works perfectly fine. Thank you very much. ... View more

Splunk Search for Total Values

by in Splunk Search
‎06-09-2020 11:22 PM
‎06-09-2020 11:22 PM
Hello There, I have got a search result as given below (without the highlighted row, i.e. Total): Analyst Month Total Count SLA (%) Working Days Daily Count (Total Count / Working Days) ABC May-20 68 97 18 3.77 DEF May-20 45 100 20 2.25 GHI May-20 25 94 15 1.66 JKL May-20 86 98 22 3.91 Total May-20 224 97.25 75 2.97   Data for all these columns (except "Working Days") is available through a DB Connect Database live feed. Data for column "Working Days" is stored in a csv lookup file (created through Lookup Editor). Search which gives me above output (without Total Values) is something like: | inputlookup TeamDetails.csv | addinfo | eval temp=strftime(info_min_time,"%B-%Y") | where Month_Year=temp | table Analyst Month_Year | join type=left Analyst [search index="idx_test" source="src_test" sourcetype="srctype_test" | sort -editTime | dedup id | lookup TeamDetails.csv Analyst OUTPUT WorkingDays | stats count as TotalCount by Analyst, WorkingDays | eval DailyCount=round(TotalCount/WorkingDays,2) | table Analyst DailyCount WorkingDays ] | join type=left Analyst [search index="idx_test" source="src_test" sourcetype="srctype_test" | sort -editTime | dedup id | eval inSLACount=if(SLA_Flag="1",1,0) | eval outSLACount=if(SLA_Flag="0",1,0) | stats sum(inSLACount) as insideSLA, sum(outSLACount) as outsideSLA, count(id) as TotalCount by Analyst | eval SLA=round(insideSLA/(TotalCount)*100,2) | table Analyst SLA TotalCount ] | table Analyst Month_Year TotalCount SLA WorkingDays DailyCount How can I change this search so that I get above given table output (including Total numbers). Thank you. Madhav ... View more
Labels

Re: Splunk DB Connect: How to create a batch input...

by in All Apps and Add-ons
‎06-03-2020 09:54 PM
‎06-03-2020 09:54 PM
Thanks, I have created a separate index with 5 days retention period. And yes, I can use dedup but just wanted to keep index as clear as possible, by removing redundant data. Thank you for your help on this. If you can convert your comment to an answer, I can accept it. Thank you. ... View more

Re: Splunk DB Connect: How to create a batch input...

by in All Apps and Add-ons
‎06-02-2020 10:28 PM
‎06-02-2020 10:28 PM
Thank you for the reply. Actually I do not have any date/time column which I can use for raising input. The data I want from DB is a Flag Column with values changing from Yes to No and No to Yes - so thought of using batch input. But in case I create an index with retention policy of 3 or 5 days, and that should help, I believe. Thank you for your inputs. ... View more
Contact Me
Online Status
Offline
Date Last Visited
3 weeks ago
Karma from
Karma given to