error in posting qusetion
One of my teammates got a message ,when she tried to post a question as Your user doesn't have enough privileges to post a new question today Can anyone say what is the reason for this message and...
View ArticleChecking data integrity with search command
A short question:I have configured IT data block signing, as described here:http://docs.splunk.com/Documentation/Splunk/6.0/Security/ITDataSigningChecking the integrity via "Show Source" in SplunkWeb...
View ArticleClik here to view.
Drill down by clicking on legend
Hi, I've the following chartLegend values are exceptionsType1 Exception -blue colorTyp2 Exception - yellow colorInitially it was default drilldown to flashtimeline where stack trace of exception(which...
View Articleextracting ip details from apache logs
Hi all, i'm new to splunk. I've managed to get it set up and imported a load of Apache log files. When I search by host, it shows all the logs but I can't quite work out the next step. Ultimately I...
View Articleuneven distribution of forwarder-connections to indexers
Hi,my setup consists of a dozen indexers and a few hundred forwarders. If I look at the distributions of indexers the forwarders are connected to, I can see most indexers having about the same amount...
View ArticleReformat a field from multiple rows down to one row
I want to produce a search that returns basic information about our indexes, specifically the index name, the splunk_server(s) that have the index data, and the hosts that provided the data.Right now I...
View Articleprops.conf issues
Hi,I added some recent feeds, and they were working fine, but then I realized that I had put the props.conf on the universal forwarder, but they belong on the indexer. (This is correct, right?) Once I...
View Articletimechart minspan=15m snaps to 30mins
If i try and use ...timechart minspan=15m... it will use 30 minute buckets instead of 15 minute ones. It works as expected with minspan=5 and minspan=10.Anyone know why that is? tried this on 4.3.5 and...
View ArticleExtracting hostname from event and then checking presence of computer account...
Hi Everyone,I have a question regarding looking up a extracted/generated field from splunk against active directory at search time. The objective is as follows 1. Extract hostname from DHCP log 2....
View ArticleWhy is frozenTimePeriodInSecs 188697600 ?
Hi Splunkers,Just my interest, not a serious question. Why is frozenTimePeriodInSecs about 6 years (188697600 secs =2184 days =5.9835 years), not just 6 years ?Thanks.
View ArticleMigrate from Splunk Storm to Enterprise
Is it possible to migrate an existing Splunk storm instance to a Splunk Enterprise environment?If so is there any documentation for this process?
View ArticleResolving IP in other fields
I've managed to get my apache access logs into Splunk, and configured it to resolve the ip address in the client IP field. I have also captured some network traffic via wireshark and imported via .cvs...
View ArticleRAM usage at 99% on Search head
Today one of my users did a search and it took 99% of the 32GB of RAM on the Splunk Production host and made it unusable for others, this must be a bug, no users could log into splunk and all alerts...
View ArticleHow to Configure JMX for splunk
Hi I need help to configure JMX app on Windows server 2k8R2 to gather thread dumps, heap size, memory pools Can I get a document which canhelpLucky
View Articlepassing simple search result as token to chart searchstring without any input...
I have a search query which results the top 1 value from a field called "eventtype" and this top 1 value will change time to time since my dashboard is refreshing for every 1 minute.Now I want to pass...
View ArticleChart X -AXIS Splunk 6
Hi Everyone!Is it possible in Splunk 6 to rotate the X-axis label of chart to vertical?Thanks in Advanced! Xisura
View ArticleUnable to export the report as PDF when report is created from Pivot in splunk6
Iam not able to export report as a PDF if report is created from pivot in splunk6.The message once I click on Export to PDF is Unable to render PDF. "Exception raised while trying to prepare "report"...
View ArticleSplunk 6, user data model attributes/fields in regular search
Hi,I have just started working with Splunk 6. I have created a Data Model for my data source and have added some field extraction/regular expression attributes to it. As per the knowledge that I have...
View Articlecharts and drilldown
Hello,I am trying to figure out what kind of values can be retrieved from clicking a bar chart for drilldown purposes...I am having a stacked bar timechart and i want to redirect the user to a more...
View Articleapp greyed out
Using the new 6.0 splunk, created an app with splunkdj, but it (and some others) are greyed out on the app page. The home page returns to the app page. What might be wrong with my newly created app?...
View Article