Splunk Dev

Discussions

Thread Info

How to add Splunk Linux ctypes library to folder bin?

Splunk Linux does not have library ctypes by default, how can I add this library to my folder bin?I try to develop cu...

by Engager in

Data input configuration for UDP syslogs from sonicwall firewall

Hi there, I need your support to configure Splunk for our network security environment. I have installed Splunk in...

by New Member in

Regex to remove all the special charater from date and convert it as a string

I have a variable temp = 2019/19/09_04:02:49:344 and I want to remove all the special character from it like 20191909...

by Path Finder in

How To Run Python On App Install

I want to run some authenticated Python code when an app installs, to kick off an action. What's the best way to d...

by Splunk Employee in

Why does the SearchManager data event fire more than once in Splunk 6.5.2?

I've just upgraded to Splunk 6.5.2 from 6.3.1 and the data event of the SearchManager seems to be firing twice under ...

by Explorer in

Log Storage in Intermediate(Relay) Forwarder

When the relay forwarder (UF) receives the log data from each target device and sends it to the indexer, will it stor...

by Engager in

Need help in extracting results from two indexes?

In the below query, I'm using indexes "abc" and "def" and extracting the results only for the accounts which are pres...

by Explorer in

Cloudwatch logs streaming to splunk

in splunk cloud i am trying to push RDS cloudwatch logs in splunk through creating New Input option but i could not a...

by Explorer in

Is there a way to compile a custom alert python script?

Hi, I wanna ask if there is a way to obfuscate/hide a python code that works on Splunk? Tried Cython and py_compile t...

by New Member in

Receiving the error in Phantom when adding external Splunk under administration settings

In Phantom, when adding an External Splunk under Administration Settings -> Search Settings, getting an error that te...

by New Member in

Extract selected fields from .txt

Hi All, I Need to extract " CURDEPTH(553)" and "MAXDEPTH(15000)" as two seperate fields from the below .txt file (bel...

by New Member in

Is it possible to use Trellis with SplunkJS Stack ?

Hello, I'm trying out the SplunkJS Stack 1.1 in an external webapp and I'm successfully running my searches and ch...

by New Member in

facing issue in field extraction for regex

Hi All, I wish to create a regex that should work with multiple log format using 2 type log format. 1) log format: 5...

by Loves-to-Learn in

Splunklib (python)/API issues after update to 7.2.0: "ParseError: mismatched tag: line 10625, column 2".

Hello, I have been running some scripts using splunklib for the past year or so without any issues. I recently up...

by Engager in

ODBC connector for Splunk 7.x(Cloud)

Is there a planned release for ODBC connector to support Splunk 7.x connectivity with Tableau ? Our customers are loo...

by Engager in

Python script for REST API call

Hi All, I have a use case where I need to create an API connection and but the problem is we need to have an acces...

by Path Finder in

Why isn't date modifier working for the services/search/jobs/export API?

Hi,I am written python code to download data from splunk for the given search and given date range but it seems date ...

by Explorer in

Splunk_server field is not available when we search with CIM syntax

Hello Community! When we do some search in CIM syntax with Splunk 6.6.x , we saw the CIM fields like por example :...

by Path Finder in

Is there a way to re-intialize the current indexes? instead of recreating one?

Is there a way to re-intialize the current indexes? instead of recreating one? We are in the process of depoying S...

by Communicator in

Ordering Events that arrive with the same timestamp but are out of order

I have a few instances where I will get status events for when jobs are running very quickly and appear as the same t...

by Explorer in

Are there any plans to migrate Splunk to Python 3.x?

Is this on Splunk's roadmap? The clock is ticking... https://pythonclock[.]org/

by Path Finder in

Getting error and connection failure using client.connect.

here is my code: import splunklib.client as client HOST = "myhost" PORT = 8000 USERNAME = "admin" PASSWORD = "mypa...

by New Member in

How to create a KVStore using Python SDK w/ SPL commands?

Hello,I am trying to create a kvstore that I can use in a | inputlookup and / or | lookup SPL command. I can create a...

by Explorer in

Where can I have basic 1:1 Splunk architecture?

The developers here want basic 1:1 Splunk architecture documentation. Any pointers?

by Motivator in

二バイト文字のメールの件名について(MIME Headers)

下記のanswersに記載されているようにメールのヘッダを含むログを取り込みたいです。 https://answers.splunk.com/answers/139772/splunk-python-script-to-decode...

by Communicator in

Get Updates on the Splunk Community!

Splunk Dev

Discussions

How to add Splunk Linux ctypes library to folder bin?

Data input configuration for UDP syslogs from sonicwall firewall

Regex to remove all the special charater from date and convert it as a string

How To Run Python On App Install

Why does the SearchManager data event fire more than once in Splunk 6.5.2?

Log Storage in Intermediate(Relay) Forwarder

Need help in extracting results from two indexes?

Cloudwatch logs streaming to splunk

Is there a way to compile a custom alert python script?

Receiving the error in Phantom when adding external Splunk under administration settings

Extract selected fields from .txt

Is it possible to use Trellis with SplunkJS Stack ?

facing issue in field extraction for regex

Splunklib (python)/API issues after update to 7.2.0: "ParseError: mismatched tag: line 10625, column 2".

ODBC connector for Splunk 7.x(Cloud)

Python script for REST API call

Why isn't date modifier working for the services/search/jobs/export API?

Splunk_server field is not available when we search with CIM syntax

Is there a way to re-intialize the current indexes? instead of recreating one?

Ordering Events that arrive with the same timestamp but are out of order

Are there any plans to migrate Splunk to Python 3.x?

Getting error and connection failure using client.connect.

How to create a KVStore using Python SDK w/ SPL commands?

Where can I have basic 1:1 Splunk architecture?

二バイト文字のメールの件名について(MIME Headers)

Why You Can't Miss .conf25: Unleashing the Power of Agentic AI with Splunk & Cisco

Deep Dive into Federated Analytics: Unlocking the Full Power of Your Security Data

Your summer travels continue with new course releases

Limit Splunk RUM coverage to a specific JS file

API call to retrieve information about a search wh...

Much needed size optimization of this app - Python...

Custom command only running a few times when getti...

Splunk JAVA SDK Version issue

Splunk Dev

Are you a member of the Splunk Community?

Discussions