Am I using the transaction command correctly?
I have a log which is tracking objects as they get moved around by a state machine. The log records a timestamp, the GUID of the object that was moved and the to and from states for the object. When...
View ArticleProcess monitoring
Im looking to get real time data on specific processes. CPU and Ram usage data.I configured NIC monitoring specific to process by using WinNetMon like:[WinNetMon://OUTLOOK] index = desktop process =...
View ArticleHow Can I have Sources or SourceTypes w/o Events Appear in Search Results?
I have some files (sources w/ configured sourcetypes) that often times do not contain any events. Is there a way that I can have the search show that the file was attempted to be read but no events...
View ArticleHow to make a page open in tab rather than in a new window
HelloI am trying to customized the way the page opens when clicked while using a redirector module, so that it opens in a new tab rather than opening in a new window or else opening in the same tab. I...
View ArticleSCOM - Web App Availability Monitor - Returning 406 Not Acceptable
Trying to setup Web App monitor in SCOM 2012 to let us know when splunk is unavailable - however splunk web is returning HTTP 406. Why doesn't it return a HTTP 200?HTTP RequestGET /en-US/account/login...
View ArticleGeostat remove "OTHER"
Hi,How can i remove the "OTHER" in geostats result ,i tried to add userother=f but its not working. Is there any other way to remove it. Here's my sample search index="test" |geostats latfield=lat...
View ArticleIndexed Events Per Minute
Hi,is it possible to write a search, that shows the total count of events by indextime (span=1m)?BestHeinz
View ArticleWindows V6 forwarder - no silent install?
It appears as though there is no way to include the "Splunk technology add-on for windows" during a silent install of the v6 universal forwarder. Doing a silent install without this add-on throws the...
View ArticleGeostats and rangemap
Hi Newbie here,Im exploring right now the map on splunk 6, Now my question is,is it possible to add a rangemap in geostats for example i have servers in certain areas and i want to know the util of all...
View ArticleRole capabilities to change Event Type permissions through REST api
Hello.I'm creating an Event Type like this;curl -k -u RESTUser:RESTPass https://localhost:8089/servicesNS/RESTUser/search/saved/eventtypes \ -d name="incident_1" \ --data-urlencode...
View ArticleThe Dashboard does not show up
Hi,I created a Piechart and am trying to save it as Dashboard. I am able to create the dashboard. However when i view the dashboard. The View screen gives me following error. Please suggest what can be...
View ArticleFieldalias with NOT-Operator
Hi, I've got events which are JSON Objects. I have values under complex paths, e.g.:values.clicks.valueMap.CLICK_KEY="adhfkjsdafgkhbg-SPECIAL" In my search, I need do exclude events which have a...
View ArticleAdd "Price" field with different values for specific timeranges
Hi,I'm adding a "Price" field to each product in the events. Therefore I'm using a lookup which includes the productname and the price.| lookup Pricelist.csv productname OUTPUT priceIs there a way to...
View ArticleDaily maximum of concurrent Logins
Hi, I'm very new to Splunk and would appreciate some help getting started. My logfile is comprised of messages with either "Login" or "Logout" in the text along with a date & time. I would like a...
View ArticleAdd word in the workflow action.
Hey splunkers, I have a doubt. I created a GET workflow action to search field in the google, but I can't put a word before the variable. For example:(...)google.com/search?$Reason$ it's ok. But I want...
View ArticleHow to generate topological graphs ?
I have a data set in CSV format. It shows relationship between people like a family tree. How can I achieve this ?
View ArticleCustomize time scale
Hello,I am wiring together a TimeRangePicker and a HiddenSearch/HiddenChartFormatter in order to display visualization for some statistics. I observe that in the real-time mode (let's say "5 minute...
View ArticleHow to retrieve data from Tibco EMS with jms_ta
Hi all,does anyone has set up a connection between Tibco EMS queues and Splunk using the jms_ta ?I would be happy for any hints or examples how to configure this.Thanks Norbert
View ArticleHow to search two different values in different text files which has same index?
How to search two different values both the values are in different text files which has the same index and the final output want to route to a different txt file.
View ArticleHow do I generate many output csv files from a single search ?
I am reviewing the scheduled jobs on our Splunk system and I noticed that several people are running the same query many times and extracting something slightly different each time. With each query...
View Article