What do you want to see in a Splunk Mobile app?
Here's a very early version of a Splunk App I wrote that generates HTML friendly to small screens and fat fingers. Use it on your phone or iPad, for...
Mobile splunk app
Does anyone know what the best way to make a basic splunk application would be? For example, show dashboards from one of your splunk applications.
Mobile Web/App Dev?
Does anyone know if there is any development for a mobile interface or mobile app for splunk/splunk apps? Just curious - I like to have access to my system analytics on the fly. Figured I'd check with...
Interested in a skunkworks project to get Splunk alerts/charts on your mobile...
If you, or your users, have an iPhone, consider looking at http://www.innovato.com It's Splunk Alerting on your iPhone. Available now. It's not an official Splunk product, but a really useful skunkworks...
Port scanning activity
I'm working on a query for port scanning activity. I already have one query which gives me the results, but it's just the external IPs and the unique count of ports scanned by each IP. What I need out of...
Splunk App for AWS CPU stats collection error with get_ops.py
Hi, I have just installed the Splunk App for AWS and I can see my billing information in the dashboards. However, there are two panels that show CPU Utilisation which are showing no results. The app...
List of users sharing files
I am looking to get a list of unique users who share files. The logs have an entry when a file is accessed with the FileID and the UserID. Doing something like .....| stats dc(UserID) AS UserCount by...
Transform/props not working.
I am trying to filter out Windows Event logs and only allow Errors and Critical event logs to be indexed and I want to drop everything else. Props.conf [WinEventLog:Application] TRANSFORMS-FilterEvents...
Realtime table in dashboard is not maintaining sort order
I have a dashboard consisting of several panels, one of which is a table. The output of the search is a table |sort -_time. As new events are coming in it is not placing them at the right position in...
Is a Javascript event called when a SearchManager search returns no data?
If search is a SearchManager, the callback search.data("results").on("data", callback) is called when a search returns more than zero events. However I want to know when there are zero events...
timewrap within a dashboard
Would it be possible to use timewrap within a dashboard? For example, it would be really cool if I selected past 7 days, to pass a variable to the timewrap to show past 7 days and also the previous week??
User Maintained Lists
Is there a way that I can have user maintain a list of values and then drive searches off said lists that does not involve importing a new sourcetype? Some of the searches used by the user are fairly...
Any reason for only some forwarders to show on Forwarder Management screen
On 6.0 when I view the Forwarder Management screen I see entries such as: MA123XAPPA11 deploymentClient 11.22.33.44 Delete Record windows-x64 0 deployed a few seconds ago However there are forwarders for...
writing a rex for transforms
Hello All, I would appreciate some assistance in writing a transforms stanza. I am ingesting logs in which both the logname and one of the path directories both have random names. This is causing my...
Splunk 6.0 & Enterprise Security
I was holding off an upgrade from Splunk 5.0.4 to Splunk 6.0 due to compatibility problems with ES (Enterprise Security) version 2.4.1. However, ES 3.0 is now available and according to the release...
Splunk for searching RADIUS logs.
I'd love some tips from anyone who has used Splunk to query RADIUS logs, such as those generated from FreeRADIUS. The issue I'm facing is that if I have a specific IP address and date and time, mapping...
Can't See Newly Creating Fields
I just created a new search field name going through the following process: 1. Run a simple search 2. Select “Extract Fields” 3. Edit the regex & run a “test” to verify that it works, save it and...
Edited default.css but no changes
I am attempting to change the default color scheme via $SPLUNK_HOME/share/splunk/search_mrsparkle/exposed/css/skins/default/default.css described here:...
WinEventLog filters failing :Windows 2003 and splunk 6 SPL-78726
After upgrading my Windows 2003 servers to Splunk 6, I discovered that all my nullQueue filters stopped working, and I indexed more data than before. I checked, and the reason is that the sourcetype...
Hunk search job does not finalize on HDP 2.x Yarn
I have a Hunk server that is connected to a HDP 2.x Yarn Cluster that is hosted on AWS EC-2. When I run searches using the virtual indexes the search returns results but never finalizes.