Hadoop Ops APPS
Hi, We installed Splunk Hadoop ops app and it is showing the home page of "Hadoop connect" app when we tried to access "Splunk Hadoop ops" app from the app list. Please advise. Thanks
Hadoop Ops app: Not able to install properly
Hi, I have installed splunk Hadoop ops app in our splunk index server. It has been installed successfully, as we can see the same in "Apps-> Manage Apps". But it is not listing in "Apps" drop down...
Saved (scheduled) searches with no results: Encountered an error while...
Hi guys, I have an issue with a saved (and scheduled) search with no result. If I schedule a search that returns no results and I try to get it with the command | loadjob savedsearch="admin:app:label"...
wrong time in last connected OPSEC LEA
In the OPSEC LEA LOGGRABBER APP for checkpoint the time shown in "last connected" is incorrect. I have the Splunk server running in UTC while I access the Splunk Web interface to create the connection...
How will I know if Storage is full?
Hello, on https://www.splunkstorm.com/pricing page is noticed, What happens when my storage is full? We'll send you warning emails when your storage reaches 90% full. However, once your storage is...
Hit URL grab data and index it
The concept seems simple yet there doesn't seem to be a straightforward way of doing it. I have URL which I want splunk to hit and index all the data off the page every X seconds. That's it. I don't want...
Sample application.js to suppress
I'd like to suppress "lookup warnings" and "License warnings" in the message bar above Splunk chrome for my app. Does anyone have a sample application.js file to reverse engineer?
Stuck at Loading Google maps api
I recently loaded Cisco Enterprise security, Cisco firewall, google maps, and MAXMIND apps. When I go into Cisco security app, I see the message "Loading Google Maps API. When it first starts a message...
cron schedule every Friday morning 11 till Sunday morning 9
How to schedule a search, should run from every Friday morning 11 till Sunday morning 9 using cron job
"Unable to distribute to peer" -- adjustable timeout?
I'm getting quite a few "Unable to distribute to peer..." messages when searching in splunk. The reasons given tend to be '...because peer has status = "Down".' or Authentication Failed. Sometimes just...
Problem with Entering Code Sample
I cannot get my code to paste in as a code sample (I have another question to ask!). I have copied and pasted the advanced xml into both notepad and word, but am still unable to get it showing as xml...
A table with fields as lines
We got some events, with an extract we got Event 1 : Field1=VALUE11,Field2=VALUE12,Field3=VALUE13,... Event 2 : Field1=VALUE21,Field2=VALUE22,Field3=VALUE23,... Event 3 :...
SPLUNK Forwarders: is there a way to forward types of files in one folder...
Hello, I'm trying to limit the amount of data that SPLUNK indexes daily and I noticed that a bunch of our server log files contain lots of redundant data and hence can be skipped. HOWEVER, the...
Trying to JOIN data, or augment results.
Hi, I'm likely going about my search in the wrong way, but I'm trying to create a table of data which draws upon a subsearch and a join in order to more completely represent the various values a given...
Not seeing SSL data
I have configured TCP (port 514), UDP (port 514) and SSL (port 6514). From Splunk Search, I was able to see the data on port 514 for both TCP and UDP. From tcpdump on the sending syslog-ng server and the...
Time zone difference
I have a source type where iis logs copied from another server to the forwarder are being recorded in UTC but not indicating such. Example: 2013-09-13 14:40:00 Blah 255.0.0.0 POST /example/index.aspx -...
filtering events using NullQueue
I was wondering if there is any way to filter eventcodes, but not every event that is being passed through. For example is there a way to block EventCode 4624, but just the debug messages and let the...
splunk locking libeay32.dll from wrong directory stops bit9 security app from...
Splunk is currently locking the dll libeay32.dll from the wrong directory. This is causing our main security product on the endpoints to lock and fail. This needs to be remediated in order to secure...
Field discovery/extraction works but extracted field values are not found in...
Greetings, I apologize in advance for the long post. Problem abstract: field discovery and extract work great, but searching on extracted fields gives weird results. Input stream: single-line events made...
SyntaxError: JSON.parse: unexpected character with Sampledata.zip from tutorial
I'm following the tutorial and getting the following error when importing Sampledata.zip from http://docs.splunk.com/Documentation/Splunk/latest/User/Adddatatutorial Your entry was not saved. The...