splunkd died every day with the same error
splunkd died every day with the same error FATAL ProcessRunner - Unexpected EOF from process runner child! ERROR ProcessRunner - helper process seems to have died (child killed by signal 9: Killed)!I...
View ArticleRelationship of CPU cores between search head and indexers
One thing I'm not clear on in the architecture and capacity planning guides is what the optimal relationship should be between search heads and indexers.If I have a search head with 32 cores, should...
View ArticleCustom HTTP error page for Splunk Web
Hi,Is it possible to configure Splunk Web with a custom HTTP error page? I'd like to display a custom error page in the event of e.g. HTTP 500, or HTTP 503, similar to what Apache can do.Thanks.
View Articlescheduled search not running
Hello! I have a multiple saved scheduled search. One of the running scheduled searches looking for information for the month. I created another saved scheduled search with the same query, but now I...
View ArticleView for OS monitoring
Hi, I need to create a view to monitor my OS. I'm new with splunk...can someone give me an example?
View ArticleSpecific Search not working after upgrade to Splunk 5.0
I've got a specific search, that generates two time ranges on a timechart, using the instructions found on this Splunk blog entry: Compare two time ranges in one reportThis search worked perfectly......
View ArticleTimechart for CPU and Memory Utilisation
Hi,I have a few Windows servers which I want to correlate CPU and Memory perfromance over a time chart for each server. What is the best way to achieve this? Would I need to perform a search with a...
View ArticleHadoopOps errors & exceptions
I've just installed the HadoopOps app + dependencies and have some problems getting it to work.First, opening the "Manage Services" popup throws an exception: "UnboundLocalError: local variable 'job'...
View ArticleVariables available in input app
Hi,I need to reference a file distributed by an input app from within the app itself (outputs.conf). I need to configure a specific receiver with a specific certificate with this app.I've tried...
View ArticleAD / LDAP Authentication Limit issues
Hi.I've managed to get my Splunk (5.0.latest) referring to my Active Directory Domain Controllers to allow a number of user logins, however at this time, it is only working if I explicitly specify the...
View ArticleUsers not receiving search results
I have users that are unable to get search results. They receive a message that no results were found when an admin user can actually see the results. The error showing in the log is below:04-16-2013...
View ArticleQuestion about Palo Alto Network
Dear Splunkers, I have installed Splunk for Palo Alto Network app, Do you have a manual how to install. Should I have to configure syslog on Palo Alto Device?Regards,Jose Rivera
View ArticleAccess Control Within DBConnect (DBX)
Does anyone know how to accomplish this? I have tried utilizing the "Restrict search terms" but it is not working. Currently if I allow a user access to DBX they would see all database connections.Any...
View ArticleSplunk forwarder stopped sending data to Storm
I tried out Splunk on one of our servers, and left it on during the night to get some data. After a few hours, no more data was sent. The Splunk forwarder was still running, and I can't detect anything...
View ArticleCompound Search with two sourcetypes
I want to search for an IDS event like thissourcetype=IDS "MALWARE-CNC" Then I want to use the src_IP and dst_IP to search the proxy logs to see if the proxy blocked the traffic. Something Like this I...
View ArticleHow to run a search and retrieve results in custom command
Hi, I need to write a custom script that is in python which needs to access search results. What is the best way that I can utilize Splunk's search, get results, parse them and get access to the...
View ArticleDatabase performance impact due to DB Connect
Hi,Since DB Connect has abilities to run queries against a database and access schemas, what sort of performance impact could I expect on my Postgresql database? I will be exposing my standby database...
View ArticleDeployment client as Universal Forwarder
I have made the UF as the deployment client. In the deployment server I have created an app that have the inputs.conf file. I want that inputs.conf file will be deployed to the UF. Now when ever I am...
View Articlesplunk list monitor directories or files
Hi,When I execute command splunk list monitor: I see that there are two different types of monitoring: Monitored directories and Monitored Files.For one specific monitored directory, does all the files...
View ArticleControlling web click sorting behaviour
Is it possible to control how the web interface sorts table column data?It seems to just sort in ascii or lexical order.The issue I have is that I have some simple table data that contains dates like...
View Article