DB Connect - access restrictions to database connections not working
I'm trying to set up db connections with role-based access restrictions. As an example, Splunk role A shall be able to run dbquery using database connection dbA and Splunk role B shall do the same with...
View ArticleWhen does the accelerated Data model's values get processed to tsidx?
Hey Experts!We have a debate going on about when splunk punches in the field values when the data model acceleration is enabled. 2 ideas,The accelerated field values gets processed (put into tsidx)...
View ArticlePer-app machineTypesFilter broken in serverclass.conf
I have a server class defined in serverclass.conf and I want to install a different app based on the machineTypesFilter.[global] repositoryLocation = $SPLUNK_HOME/etc/deployment-apps...
View ArticleSplunk 6 Forwarder Management Question
ScenarioUpgraded from Splunk 4 to Splunk 6. Using deployment server to distribute appsThere are a large number of clients The target clients are placed in groups by setting common clientNames in...
View ArticleUnable to initialize modular input "jmx" defined inside the app "jmx_ta"
We were able to setup and run the jmx_ta on the splunk app(web app). It was able to connect and report JMX data from remote servers. But, we want to use that in a distributed system. For that we tried...
View Articlehow do i create an app and make someone else the owner?
Hi,We don't let users create apps on our search-heads. I was wondering if there was a way for me to create an app and then make someone else (and individual) the owner of that app. Curious as to how...
View ArticleExternal lookup script not functioning in search app
I have an external lookup using a python script. It is in its own app, but is shared to all apps with R/W access. The app's .meta file has props, transforms, and lookup set with export = system. When...
View ArticleCreating original Advanced XML
Hi !I am trying to create advanced xml that can do things below.Do a searchExport to csv fileArchive file with password encryptionHowever, I am bit struggling with how should I implement this.I...
View ArticleHow to avoid trimming space in search time fields extraction
Hi.I believe I had asked a question before but would like to ask again.I have a csv file that has about 50 fields. One of them has a fixed size of 25 bytes but not always 25 bytes. Image is like...
View ArticleHow does splunk handle decimal value?
Hi!I would like to know how does splunk handle the decimal values during eval procesing.It seems that after the eval(multiplication or division) , the number is rounded to 6digits.So if the result is...
View ArticleWas Forwarder Management silently removed for free Splunk licenses in Splunk...
Yesterday I updated my private Splunk 6 instance to 6.0.1 and after the update the Forwarder Management did not work anymore. The error message was something like "402 License Problem...".
View ArticleShuttl BucketMover error
I'm trying to setup shuttl for the first time on Splunk 6, all the config files are populated per the documentation but when I look at the splunkd.log file I see the following and no buckets are...
View ArticleCisco ASA Add-On for Splunk ES
Hi,I'm trying to get Cisco ASA firewall logs into the Enterprise Security app. Is there an add-on for that, Splunk for Cisco ASA, or is it only supported in Cisco Security Suite?Thanks,Volto
View ArticleClik here to view.
Index not being associated with archived buckets using shuttl
I'm trying to get shuttl to work and trying it on 4.3 which is supported according to the doc. I'm using an S3 backend and can see buckets arriving n S3, and no errors reported from the shuttl GUI....
View ArticleSideview: Panel stacking
Is it possible for a panel to be 1 column by two rows?-------------------- | | | | | | ---------- | | | | | | | --------------------
View ArticleI am not able to use splunk web on my tablet
Hey guys,I'm very new to Splunk and i have been trying to setup my Enviroment so that i can view it via websplunk via my tablets using Google chrome or Mozilla Firefox in my home instance i installed...
View ArticleTexting from Splunk - solved!
This is not a question, but I wanted to share...If you are running Enterprise Splunk and would like an alert sent via text...Create the search, have Splunk send an email. I un-check the send results...
View ArticleIs there another technology to create charts than is not Flash?
I would like to know if there is another technology that allows me to create views that not use Flash charts. So the views become available for mobile devices.Any ideas?Thanks, Dan
View ArticleSearch head out of disk space because ${SPLUNK_HOME}/var/lib/splunk has HUGE...
I have 2 search heads that are very similar but one has some extra apps installed (such as SoS). The one with more apps is continuously out of disk space and I just found out why. On the search head...
View ArticleAccessing stuff from other apps using Splunk Mobile?
I've been trying out the SplunkMobile app and there's one thing I'm not really sure about. Should I only be able to access saved searches and alerts from the "Search" app? We really don't use the...
View Article