Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
×
Join the Conversation
Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Find Answers
- :
- About plambert
plambert
Engager
Member since:
10-15-2012
06-05-2020
Community Statistics
| Posts | 6 |
| Solutions | 0 |
| Karma Given | 1 |
| Karma Received | 0 |
| Member Since | 10-15-2012 |
Activity Feed
- Karma internal splunk sockets stuck in CLOSE_WAIT for GreenKey. 06-05-2020 12:45 AM
- Posted Re: Rundeck App for Splunk token value exposed in log events on All Apps and Add-ons. 10-02-2018 03:27 PM
- Posted Re: Rundeck App for Splunk token value exposed in log events on All Apps and Add-ons. 09-25-2018 04:29 PM
- Posted Re: How come the Splunk top-level menu bar is not visible in Rundeck app for Splunk? on All Apps and Add-ons. 09-25-2018 01:26 PM
- Posted Re: Rundeck App for Splunk token value exposed in log events on All Apps and Add-ons. 09-25-2018 01:24 PM
- Posted Is it possible to set a custom HTTP response header from a custom API endpoint? on Getting Data In. 02-03-2017 05:35 PM
- Tagged Is it possible to set a custom HTTP response header from a custom API endpoint? on Getting Data In. 02-03-2017 05:35 PM
- Tagged Is it possible to set a custom HTTP response header from a custom API endpoint? on Getting Data In. 02-03-2017 05:35 PM
- Tagged Is it possible to set a custom HTTP response header from a custom API endpoint? on Getting Data In. 02-03-2017 05:35 PM
- Tagged Is it possible to set a custom HTTP response header from a custom API endpoint? on Getting Data In. 02-03-2017 05:35 PM
- Tagged Is it possible to set a custom HTTP response header from a custom API endpoint? on Getting Data In. 02-03-2017 05:35 PM
- Posted Parse multiple URLs in a single event, keeping key/values separate on Splunk Search. 09-14-2013 03:02 PM
- Tagged Parse multiple URLs in a single event, keeping key/values separate on Splunk Search. 09-14-2013 03:02 PM
- Tagged Parse multiple URLs in a single event, keeping key/values separate on Splunk Search. 09-14-2013 03:02 PM
- Tagged Parse multiple URLs in a single event, keeping key/values separate on Splunk Search. 09-14-2013 03:02 PM
Topics I've Started
| Subject | Karma | Author | Latest Post |
|---|---|---|---|
| 0 | |||
| 0 |
10-02-2018
03:27 PM
Please reach out to me at plambert@rundeck.com for a patched version of the application that we expect will resolve this issue. If you're able to take the time to verify in your environment that it is resolved, then we will give you the chance to do so before publishing it.
If you don't have the time to verify, we understand, just let me know and the updated version will be published soon after.
Paul M. Lambert
Platform Solutions Architect
Rundeck, Inc
... View more
09-25-2018
04:29 PM
If you need an immediate workaround, please comment out line 346 of $SPLUNK_HOME/etc/apps/rundeck_app/bin/rundeck.py .
We will have a new version with the correct fix (and not a workaround) released as soon as we can.
Thank you again for noticing and reporting this.
Paul M. Lambert
Platform Solutions Architect
Rundeck, Inc
... View more
09-25-2018
01:26 PM
You are right, that could be confusing. Our Engineering team are looking at this, and I'll respond here once they've had a chance to look at it.
Paul M. Lambert
Platform Solutions Architect
Rundeck Inc
... View more
09-25-2018
01:24 PM
Thank you for pointing this out. We're looking at it and will have a workaround and/or fix as soon as possible.
Paul M. Lambert
Platform Solutions Architect
Rundeck, Inc
... View more
02-03-2017
05:35 PM
Given a Splunk Enterprise instance, we'd like to implement a custom API handler that also sets the CORS headers in the response:
Access-Control-Allow-Origin: http://…
Access-Control-Allow-Credentials: true
The goal is to allow a cloud service, with a customer's consent as expressed by installing the custom application AND providing the URL for their Splunk Enterprise instance, to perform a specific search via the custom REST API endpoint handler.
Before we start to dig into it, is there anything in place to prevent or disallow this? Has anyone done this and have any tips?
... View more
09-14-2013
03:02 PM
I have log entries that look effectively like this: (I have to break the URLs so I can even post this, how annoying...)
2013-09-01T00:00:00.000 url1=http_:_//_foo._com_/hedgehogs.html?primate=ring-tailed%20lemur&movie=princess%20bride url2=http_:_//_bar._com_/weasels.html?primate=gorilla&terrain=marshland another_field=something another_field=something
I need to extract the query parameters, but still know which URL they came from.
For example, given the above entry, it should show up for a search like:
search url1_primate="ring-tailed lemur"
But NOT show up for a search like:
search url1_primate="gorilla"
If I search on the value of url1 or url2, then I have to do something like:
search url1="primate=ring-tailed lemur"
But that matches anything with that string--I get false matches with my real data because I might have the equivalent of "least_loved_primate=ring-tailed lemur" that'd be a false positive.
So, in summary, I think what I need to do is:
Extract the url1 and url2 fields explicitly
Extract the values of each url field into url1_* and url2_* fields with duplicate transforms
Prefix extracted query parameter keys with url1_ or url2_
I can do the first thing, but the others are hard. Ideas?
Paul
... View more
