Splunk Dev

Community Activity

How to approach custom field extractions for new source with deployment server New to Splunk Enterprise. Confused as to what the best approach for configuring multiple field extractions for a new ... by uhaba Explorer in Splunk Dev 03-13-2017 0 1	0	1
Can Splunk read data from Aud$ and FGA_LOG$ ,can it be used to replace Oracle Audit vault looking for the these information to pull live data from oracle database. Can it also pull the data from xml file. a... by pradeep2210 New Member in Splunk Dev 03-11-2017 0 1	0	1
I have two macro's depends on text input type hostname it should select the macro dynamically. Using below code My Scenario:- Macro1=US_Base_Search Macro2= AD_Base_Search If host=AB* then need to get the data from macro US_Base_S... by Kumar23 Loves-to-Learn in Splunk Dev 03-10-2017 0 2	0	2
Migrate Index without shutdown Hi There, We have two indexer (not clustered) but on DNS roundrobin. We need to migrate the indexers to the new hardw... by mdmurtazaali New Member in Splunk Dev 03-10-2017 0 3	0	3
dynamic option in an input panel HI all, I would to build a dynamic value for a dynamic option in an 'dropdown' panel for a dashboard (splunk 6.5.2) ... by Arnaud1213 Explorer in Splunk Dev 03-10-2017 0 4	0	4
How do you list all REST API endpoints available? How do you list all REST API endpoints that are available? by rsimmons Splunk Employee in Splunk Dev 03-09-2017 0 2	0	2
How do I compare count over two time periods? All, Thought there was a one stop shop command for this, but I can't find it. Basically I just want an alert when I... by daniel333 Builder in Splunk Dev 03-08-2017 0 1	0	1
Lookup table disappears after deleting all rows I have a lookup table for exclusions. that updates when user clicks on a value and it is added in the lookup table. H... by nabeel652 Builder in Splunk Dev 03-08-2017 1 2	1	2
disappearing NULL-columns when sorting a table Hey everyone, I have an issues with a table that has an empty column: index=_internal \| head 10 \| table _time host ... by bjoernjensen Contributor in Splunk Dev 03-08-2017 0 7	0	7
base streamstats on timestamps in data not arrival time Hi, I have a question I don't know if is quite possible to do. I have to calculate some data between events, but not ... by jperezes Path Finder in Splunk Dev 03-08-2017 0 8	0	8
Using IF with multiple conditions Hi Splunkers, The partner of my company send me a new log file with more details..... i do apologise for the inconven... by LNebout Path Finder in Splunk Dev 03-07-2017 0 10	0	10
Why ext.domain is being extracted as an ext_domain field? Our raw data holds name value pairs and one of the names is ext.domain. Splunk UI displays this field under the Inter... by ddrillic Ultra Champion in Splunk Dev 03-07-2017 0 3	0	3
Is it possible to add print/export icons using SplunkJS? I'm trying to add print/export icons using Splunk's splunkjs framework and splunkjs/mvc/searchcontrolsview, to displa... by bohanlon_splunk Splunk Employee in Splunk Dev 03-07-2017 0 4	0	4
Time stamp for index time extraction Following are the different time stamp we are getting from different sources and trying to write a time stamp for the... by sreejith2k2 Explorer in Splunk Dev 03-06-2017 0 4	0	4
Is the StoragePasswords Python SDK support broken? I've been trying to convert some Python code from using bare REST to using the Splunk Python SDK. I've been successf... by snargleplax Explorer in Splunk Dev 03-04-2017 0 3	0	3
Unable to initialize modular input "jms" defined inside the app "jms_ta": Unable to locate suitable script for introspection for Index clustering Hello Team. I have index clustering setup which comprises of 1 index master and 2 index peers. NOw I want to add jm... by shahk Explorer in Splunk Dev 03-02-2017 0 7	0	7
Unpivot multi-value fields I am working with some email header data, starting with generating some multi-value fields and now get to this point.... by angliu Engager in Splunk Dev 03-02-2017 0 4	0	4
Data not indexing from same script on different servers I have a ssh script that collects metrics from the server and prints that to stdout. For some reason, the same scrip... by muriloalves Explorer in Splunk Dev 03-02-2017 0 1	0	1
How Can I Assign a Text Value Based on a Specific Error Code/EventType? Greetings, I am using the following query: index=[my index] host=[specific host] sourcetype=XmlWinEventLog:Security... by SplunkLunk Path Finder in Splunk Dev 03-01-2017 0 5	0	5
Is there a reference for all the different actions of the field "action" in the Splunk _audit index? Dear Splunkers, I would like to know if there is a reference for all the different actions of the field "action" (ed... by BMacher Path Finder in Splunk Dev 02-28-2017 0 1	0	1
what is the exact meaning of sandbox in splunk enterprise? Hello every one In Splunk Enterprise, for premium products, it has a free 7-days trial call it sandbox! As I know, it... by Nosha New Member in Splunk Dev 02-28-2017 0 1	0	1
Indexing multiple sourcetypes - 1 index vs multiple I would like to know what is the best approach to this. I need to index various logs in Splunk for our web servers. T... by shahzadarif Path Finder in Splunk Dev 02-28-2017 0 2	0	2
How do I correct the spelling of my name after creating a Splunk account? Hi There, I need help on how to correct the spelling of my name. i created a Splunk account today and just realized ... by ejaphet New Member in Splunk Dev 02-28-2017 0 2	0	2
dynamically refresh the data based on the hierarchical drill downs and vice versa. Please help. Sample <panel> <table> <title>Deals</title> <search> <query>index=_* OR index=* sourcetype=st_sample... by splunklakshman Explorer in Splunk Dev 02-25-2017 0 10	0	10
How does quarantinePastSecs work? Because I just set it to 90 days and it truncated my entire index. A massive freezing. EDIT: Ignore this question. I made the change as described, but there were a few indexes with edits in the conf file... by twinspop Influencer in Splunk Dev 02-25-2017 0 4	0	4