NO_BINARY_CHECK for archives
Hello, I want to index files from a zip archive. In the log file (splunkd.log) I see: WARN FileClassifierManager - The file '/root/test/test26.zip:./test26.txt' is invalid. Reason: binary But in the...
View ArticleIncremental Update of Events
We would like to use Splunk to dashboard business level metrics. For these metrics, we would like to populate the "current day" information, and then update this metric (event) as the day continues. So...
View ArticleUsing CIDR in a lookup table
Fellow SplunkersI am building a query where I want to report on location based on source IP address. For example within our internal network the subnet 10.50.6.0/24 corresponds to Sydney, whereas...
View ArticleSQL Server Splunk App Does Not Show any Servers
Hi I have went through the documentation to install the SQL Server Splunk app but no SQL Server are being shown in the app.I am able to view the Server Audit logs from the Windows Application log. I...
View ArticlePager displaying before Table module with a Button to show results
I have a panel that displays a count of results, but in order to save space, I included a button to display the results in the table when clicked. This currently works fine, but if I have enough...
View ArticleThe App Does Not Launch
I installed this app as part of the SQL Server App for Splunk but this app could not start due to an error parsing the xml file file.I went to check the file and found out there was a missing tag on...
View ArticleTimeRangePicker label
Is there a way to add a label to the left of TimeRangePicker? param name="label" makes the label appear on top of the picker.
View ArticleColumn width of Column Graph
How can i change the column width of a Column Graph? Note: I have my x-axis values vertically aligned using the following options:<option...
View ArticleWildcard for Custom WinEventLogs
Our programmers code events to custom logs stored in the WinEventLog viewer. Instead of having to update the inputs.conf file for each new application and it's corresponding custom event log, is there...
View ArticleComplex Search causes Script Alert Action to not fire
Hi All, I ran into an issue where certain searches seem to caused scripted alert actions to fail. In trying to figure out what was wrong, I created a VERY basic search, and a VERY basic scripted...
View Articlecooked connection timed out?
I see some of these time outs in the /var/log/splunk/splunk.log Is this something I should be concerned about? Does the forwarder try a resend? Is this a potential data loss? or if there's a retry,...
View ArticleOld data persists with multiple uses of search dashboard
This is a complicated one. I have a dashboard that allows me to display information from multiple points in our monitoring system by searching on 2 possible asset ID types. The user specifies a date...
View Articlesplunk db connect message
Hi,I was reading the db connect doc, and I noticed that there is an option in the java.conf file for making the persistence binary, rather than xml. I made the change on my system (which was already up...
View ArticleApp for Active Directory Schedule Reports
The app is working and I have data. I want a daily report at midnight for all eventtype=msad-user-changes for a period of the last 24 hours. This can either be saved or emailed to me.There is an Action...
View ArticleSearching Splunk
So, I have just been introduced to this tool through my work. I had a question about how to link some search criteria. What I would like my search to do is search first by an IP address that I input,...
View ArticleCOnfused about TimeZones
Hi folks, I've searched for an answer to this but haven't found anything that matches what I'm experiencing. For clarity, I am in Jamaica. We are in the EST time zone (GMT-5) but we do not observe...
View ArticleExchange App While searching message store A get users from message store B
I am running to distinct and separated exchange servers; ABC.com and XYZ.org. The drop down box in the Mail Store Overview context of the Exchange app shows both. However, when I run the Mail Store...
View Articlemoving an app framework app
Hi,I need to move an app that was created via the appframework to another appframework instance. Is there a recommended way to do this?
View ArticleHadoop Connect - how to change the polling frequency of HDFS file lists, to a...
I'm using HadoopConnect. But, its creating pressure on name node with too many frequent requests for listing of files with -lsr recursive. How do we change the frequency to say every 5 or 10 minutes...
View Articlehow to display raw result if no specific result is available?
I'm doing a pretty basic search which looks for a "connection closed" message and displays a variable called app. I have an automatic lookup which converts the app value to an application name. Not all...
View Article