Check Point OPSEC LEA app 2.0.2 Error: The referred entity does not exist in...
I recently installed the Splunk Add-on for Check Point OPSEC LEA application (2.0.2), and when I attempt to Add a New Connection I get this UI error when Pulling the Certificate Manage Connections: New...
Configure Splunk to collect data around a specific occurrence
Hi, is it possible to configure Splunk so that if an error trace occurs, it will start collecting info traces around the error? For example: error trace occurs at 1:00 PM. At 1:00 PM Splunk will start to...
Are postprocess searches counted against the search quota for a given role?
Seems that the quota for searches includes postprocess searches, can someone confirm this? If so, can I get a link to the documentation that covers this? I didn't see anything specific about...
Display chart only within Time range where data exists
I want to display a chart that automatically crops that whole chart to where there is data and not display any empty before or after time ranges where there is no data at all, how can this be...
What is the easiest way to DEBUG the Check Point OPSEC LEA app?
My OPSEC Application is configured and I get nothing indexed?! How can I figure out what's not working?
Max number of opsec connections allowed for Check Point OPSEC LEA App 2.0.2?
I have the ability to add an Endless number of OPSEC connections to this APP. Is there a limit or suggestion to the maximum number of connections I should use?
DB Connect Oracle timezone region not found
Hi everyone, When I try and connect to my Oracle database with Splunk DB Connect I get the following error: error getting database connection: ORA-00604 error occurred at recursive level 1 ORA-01882...
Is anything wrong with my "SearchSelectLister"?
I'm getting an error right under the SearchSelectLister dropdown on my report, here is a copy of the XML: <module name="SearchSelectLister"> <param...
inputcsv as a Macro?
I am unable to turn an inputcsv search into a macro, as I always get the same error when I search the macro itself: Error in 'inputcsv' command: This command must be the first command of a...
New Splunk Web Installation Not Showing Login Fields
I have just installed Splunk for the first time using the Linux RPM (splunk-5.0.3-163460-linux-2.6-x86_64.rpm). Everything works exactly as all the manuals and tutorials suggest, until I try to load the...
MongoDB and Splunk
How can I use a look-up and/or connect Splunk with my MongoDB server? Any help would be greatly appreciated.
Index time based retention - based on indexed time or event time?
This information is probably located in one of the docs but didn't find it in anything I've read just now. Under normal circumstances current data rolls in and rolls out based on any number of...
Text of previous searches
Greetings, I am looking for a way to output previous search parameters. I am running: index=_audit action=search "splunk username" The results are finding searches performed by that user but are not...
Dynamic Row Name with Transpose
My search: index="systems" sourcetype="systems_xml" systemdata.administration.system-id="123456" systemdata.administration.server-id="*" | fields systemdata.systemresponse.* | fields - _* | transpose I...
Require latest version of Palo Alto NG Firewall and a sample log line
Hi, can anyone tell me the latest version of Palo Alto NG Firewall (Not app) available? I came across an article which says that the latest version is 5.1 but I am not that very sure on that. If that...
Create folders in "Searches & Reports" drop down menu
Does anyone know how to create folders in "Searches & Reports" drop down menu to organize the searches?
Timestamp only containing time
We have a rolling log for everyday and can tell which log belongs to which date based on the name. The events in the log only contain times without the day and month. Is it possible to add the date...
OPSEC LEA add-on
I configured OPSEC LEA add-on on my Splunk server (Ubuntu). Established a connection with Check Point management, but in manage connection, in "connection field" appears Never Connected. And no log...
Chart of multiple sourcetypes
Hi, I would like to get a line chart in which I can see a line for each trace level (verbose, info, warning, error). In addition I'd like to see on the same chart another line for the CPU Usage. It...
Regex to start with specific characters
Hi, I would like to get all the requests that start with / and there will be few alpha numeric characters and then ends with .css or .js, etc. I have tried ^/*.(css|js) but did not work. Any...