I'm using Splunk On-Prem. All I know is that the On-Prem Dashboard Studio Version is always behind the version in the Cloud. ... View more

Hi apietersen, I'm not a big fan of Dashboard Studio myself. Everything is so "clunky" and all the differences between the Cloud and On-Prem Version are simply frustrating. We're trying to use the Splunk UI Toolkit , which gives you full freedom to implement Single Page Applications (SPA) using the React technology. But you need React Developers for that. Regarding Trackme App:  you definitele have to check it out.  It's propably one of the best apps in the Splunk Store and very usefull.   ... View more

Hi apietersen, thanks for the update regarding version 8.2.6! Version 8.2.5. is a lot of fun 😞 This is what I get using TrackMe And here using Metricator for NMON Additionally some of my tables with custom JavaScript (SimpleXML BaseCellRenderer) aren't working anymore. Still looking for solution 😞 ... View more

BTW: I can reproduce the problem in version 8.2.4 All you have to do is to set version="1.1" <dashboard version="1.1"> As desrcibed here It seams to be related to the jQuery 3.5 update. ... View more

I also see the problem with Splunk's own dashboards. Here an example from the monitoring console: http://localhost:8000/en-US/app/splunk_monitoring_console/scheduler_activity_instance They are using: <option name="height">80px</option> The text under the the numbers is hidden: And here my test dashboard: <dashboard> <label>SPL-219946</label> <row> <panel> <single> <search> <query>| makeresults count=1 | eval id = random()</query> <earliest>-24h@h</earliest> <latest>now</latest> </search> <option name="height">50</option> </single> </panel> </row> </dashboard> Splunk Version 8.2.5 ... View more

Same problem her. Tried everything: host=host host=$host$ host={host} ...     ... View more

This is what worked for me: download the Python for Scientific Computing app https://splunkbase.splunk.com/app/2882 and copy the following two files  /opt/splunk/etc/apps/Splunk_SA_Scientific_Python_linux_x86_64/bin/linux_x86_64/lib/python3.7/lib-dynload/mmap.cpython-37m-x86_64-linux-gnu.so /opt/splunk/etc/apps/Splunk_SA_Scientific_Python_linux_x86_64/bin/linux_x86_64/lib/python3.7/lib-dynload/cmath.cpython-37m-x86_64-linux-gnu.so   to  /opt/splunk/lib/python3.7   Tested it with custom search commands. ... View more

I have version 8.0.2 installed and get the same error on my Search Head: Unable to initialize modular input "splunk_ta_aws_sqs" defined in the app "Splunk_TA_aws": Introspecting scheme=splunk_ta_aws_sqs: script running failed (exited with code 1) For some reasons I don't get this error on my Heavy Forwarder (8.0.2 as well) ... View more

On SUSE Linux Splunk 7.2.5 crashes too: [build 088f49762779] 2019-03-25 11:19:56 Received fatal signal 6 (Aborted). Cause: Signal sent by PID 4302 running under UID 0. Crashing thread: Main Thread Registers: RIP: [0x00007FA7BA97BF67] gsignal + 55 (libc.so.6 + 0x34F67) RDI: [0x00000000000010CE] RSI: [0x00000000000010CE] RBP: [0x00007FA7BACE76D8] RSP: [0x00007FFF638DDE18] RAX: [0x0000000000000000] RBX: [0x00007FA7BA11ACE0] RCX: [0x00007FA7BA97BF67] RDX: [0x0000000000000006] R8: [0x000000000000000A] R9: [0x00007FA7BBE387C0] R10: [0x0000000000000008] R11: [0x0000000000000202] R12: [0x00007FA7BA4C56A0] R13: [0x00007FA7BA11AC90] R14: [0x0000562779FDC920] R15: [0x0000000000000000] EFL: [0x0000000000000202] TRAPNO: [0x0000000000000000] ERR: [0x0000000000000000] CSGSFS: [0x0000000000000033] OLDMASK: [0x0000000000000000] OS: Linux Arch: x86-64 Backtrace (PIC build): [0x00007FA7BA97BF67] gsignal + 55 (libc.so.6 + 0x34F67) [0x00007FA7BA97D33A] abort + 314 (libc.so.6 + 0x3633A) [0x00005627796467AD] ZN9gnu_cxx27verbose_terminate_handlerEv + 349 (search-launcher + 0x25107AD) [0x00005627795CC1D6] _ZN10cxxabiv111_terminateEPFvvE + 6 (search-launcher + 0x24961D6) [0x00005627795CC221] ? (search-launcher + 0x2496221) [0x00005627795CC5E8] ? (search-launcher + 0x24965E8) [0x0000562777BA78B9] ? (search-launcher + 0xA718B9) [0x0000562778816BD8] _Z17ProcessRunnerInitRK8Pathname + 808 (search-launcher + 0x16E0BD8) [0x0000562778E933AA] ? (search-launcher + 0x1D5D3AA) [0x0000562778817253] _ZN32ProcessRunnerChildCommandHandler19handle_command_forkEPK18proto_fork_commandPKv + 803 (search-launcher + 0x16E1253) [0x00005627788175D4] _ZN32ProcessRunnerChildCommandHandler11consumeDataERK3Str + 356 (search-launcher + 0x16E15D4) [0x000056277879494B] _ZN21SocketCommandConsumer13when_readableE18PollableDescriptor + 219 (search-launcher + 0x165E94B) [0x0000562778795D25] _ZN12PolledSocket3Pfd11when_eventsE18PollableDescriptor + 85 (search-launcher + 0x165FD25) [0x0000562778796246] _ZN8PolledFd8do_eventEv + 134 (search-launcher + 0x1660246) [0x000056277879721B] _ZN9EventLoop3runEv + 651 (search-launcher + 0x166121B) [0x00005627788166AC] _ZN20ExternalProcessGroup20process_runner_childERK8PathnameR14PolledReadPipe + 1084 (search-launcher + 0x16E06AC) [0x0000562778816BC5] _Z17ProcessRunnerInitRK8Pathname + 789 (search-launcher + 0x16E0BC5) [0x00005627782FBBD8] _ZN16SplunkMainThreadC1ERK8Pathnameb + 1064 (search-launcher + 0x11C5BD8) [0x0000562777BBE7D1] main + 17937 (search-launcher + 0xA887D1) [0x00007FA7BA967725] __libc_start_main + 245 (libc.so.6 + 0x20725) [0x0000562777C909A2] ? (search-launcher + 0xB5A9A2) Linux / zbm-sl-muc-0099 / 4.4.155-94.50-default / #1 SMP Tue Sep 11 13:04:00 UTC 2018 (bc8c7c0) / x86_64 /etc/SuSE-release: SUSE Linux Enterprise Server 12 (x86_64) glibc version: 2.22 glibc release: stable Last errno: 11 Threads running: 1 Runtime: 176.912315s argv: [splunkd --under-systemd --systemd-delegate=yes -p 8089 _internal_launch_under_systemd] Process renamed: [splunkd pid=1567] splunkd --under-systemd --systemd-delegate=yes -p 8089 _internal_launch_under_systemd [process-runner] Process renamed: [splunkd pid=1567] [search-launcher] Regex JIT enabled using CLOCK_MONOTONIC Preforked process=0/20: process_runtime_msec=12, completed_searches=0, user_changes=0, cache_rotations=0 First 512 bytes of PolledFd object @0x7fff638dec90: 00000000 e0 8c fd 79 27 56 00 00 00 00 00 00 da dd 42 65 |...y'V........Be| 00000010 00 8f 08 7a 27 56 00 00 00 00 00 00 00 00 00 00 |...z'V..........| 00000020 80 ef 8d 63 ff 7f 00 00 00 00 00 00 00 00 00 00 |...c............| 00000030 00 00 00 00 00 00 f0 3f 08 00 00 00 03 00 00 00 |.......?........| 00000040 40 b5 0b ba a7 7f 00 00 1b 20 00 00 ff 7f 00 00 |@........ ......| 00000050 00 00 00 00 00 00 00 00 7f 03 8d 63 ff 7f 00 00 |...........c....| 00000060 80 ec 8d 63 ff 7f 00 00 08 ed 8d 63 ff 7f 00 00 |...c.......c....| 00000070 00 00 00 00 00 00 00 00 00 f2 8d 63 ff 7f 00 00 |...........c....| 00000080 01 00 00 00 00 00 00 00 70 ee 8d 63 ff 7f 00 00 |........p..c....| 00000090 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 000000a0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 000000b0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 000000c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 000000d0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 000000e0 01 00 00 00 00 00 00 00 00 a0 12 ba a7 7f 00 00 |................| 000000f0 65 00 00 00 00 00 00 00 30 0b 00 00 00 00 00 00 |e.......0.......| 00000100 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000110 00 00 00 00 00 00 00 00 70 8d 12 ba a7 7f 00 00 |........p.......| 00000120 d0 87 12 ba a7 7f 00 00 30 9a 12 ba a7 7f 00 00 |........0.......| 00000130 12 00 00 00 00 00 00 00 08 7e 02 bc a7 7f 00 00 |.........~......| 00000140 00 00 00 00 ff 7f 00 00 e0 8c 12 ba a7 7f 00 00 |................| 00000150 60 88 12 ba a7 7f 00 00 a0 99 12 ba a7 7f 00 00 |`...............| 00000160 12 00 00 00 00 00 00 00 00 ec 8d 63 ff 7f 00 00 |...........c....| 00000170 70 ee 8d 63 ff 7f 00 00 b0 07 16 ba a7 7f 00 00 |p..c............| 00000180 26 00 00 00 00 00 00 00 26 00 00 00 00 00 00 00 |&.......&.......| 00000190 00 00 00 00 00 00 00 00 10 5d 0a ba a7 7f 00 00 |.........]......| 000001a0 2a 00 00 00 00 00 00 00 2a 00 00 00 00 00 00 00 |..............| 000001b0 00 00 00 00 00 00 00 00 1f 06 00 00 54 07 00 00 |............T...| 000001c0 d0 e5 4e ba a7 7f 00 00 d0 e5 4e ba a7 7f 00 00 |..N.......N.....| 000001d0 e0 e5 4e ba a7 7f 00 00 00 00 00 00 00 00 00 00 |..N.............| 000001e0 fe 22 b8 39 c1 c8 57 3f c6 00 00 00 00 00 00 00 |.".9..W?........| 000001f0 af 71 59 03 00 00 00 00 01 70 72 6f 63 2f 73 65 |.qY......proc/se| 00000200 x86 CPUID registers: 0: 0000000D 756E6547 6C65746E 49656E69 1: 000406F0 0E010800 FFFA3203 0FABFBFF 2: 76036301 00F0B5FF 00000000 00C30000 3: 00000000 00000000 00000000 00000000 4: 00000000 00000000 00000000 00000000 5: 00000000 00000000 00000000 00000000 6: 00000004 00000000 00000000 00000000 7: 00000000 00000000 00000000 00000000 8: 00000000 00000000 00000000 00000000 9: 00000000 00000000 00000000 00000000 A: 07300401 0000007F 00000000 00000000 B: 00000000 00000000 00000070 0000000E C: 00000000 00000000 00000000 00000000 😧 00000000 00000000 00000000 00000000 80000000: 80000008 00000000 00000000 00000000 80000001: 00000000 00000000 00000121 2C100800 80000002: 65746E49 2952286C 6F655820 2952286E 80000003: 55504320 2D354520 30393632 20347620 80000004: 2E322040 48473036 0000007A 00000000 80000005: 00000000 00000000 00000000 00000000 80000006: 00000000 00000000 01006040 00000000 80000007: 00000000 00000000 00000000 00000100 80000008: 0000302B 00000000 00000000 00000000 terminating... ... View more

To accomplish this, I would have to "hack" the splunk-perfmon.exe 😉 ... View more

Good point. I'm currently using the multikv mode and the data volume is really small ... View more

@ddrillic: thanks for the answer, but I already know this document. I'm talking about the new Splunk 7 feature: metrics index. ... View more