Problem running Custom Script
Have created a custom Perl script, added it to commands.conf - it finds the script just fine. The script outputs the correct data, but whenever I run it Splunk gives me these errors:External search...
View ArticleRenaming sourcetype and source with props and transforms
We have some VIOS servers that are special-purpose machines that aren't allowed to have a UF installed. I want to hotwire the Splunk_TA_nix scripts to drop their output on an NFS share for Splunk to...
View ArticleSplunkStorm potential bug
While trying to access my data, which is hosted at splunk storm, I'm getting:Unable to distribute to peer named 10.31.213.228:8089 at uri https://10.31.213.228:8089 because peer has status = "Down"....
View ArticlenullValueMode for stacked area charts
Hi,In our application we use charting.chart.nullValueMode as gaps This works perfectly for line charts and area charts. Where as for stacked area charts it is not working. It considers it as zero.How...
View ArticlePassing values depending on value chosen in TimeRangePicker
Hi,In our application we create summary indexes as 5m summary indexers, 1hr summary indexers and etc.In few screens, we have custom time selection module. In this case we can pass some params downline...
View Articlecustom timeframe on cli with saved searches
How do you change the time period of a saved search when running from the CLI? Right now I have a saved search that runs over a 30min window by default. I normally will run it like this:...
View ArticleReferring value chosen in pulldown in search bar in sideview
Hi,We are evaluating sideview for our application. I have a need where in i should pass upwards the param from pulldown. Is this possible?Say, the analyze pulldown has Max, Min and Avg as values. If i...
View ArticleEnabling python log rollover in splunk
Hi,I need to provide the rollover policy for the python log file present in the /opt/splunk/var/log/splunk directory. I tried adding the following stanza in log.cfg:[python]splunk =...
View Article'module' object has no attribute 'check_output'
I am getting the following error while trying to execute the indexing test: [2013-05-21 14:48:46,236] IdxTestSetup: Splunk restarted successfully [2013-05-21 14:48:46,237] IdxTestSetup: Adding file...
View ArticleCount of field and count of sources of the field
I have firewall logs coming in. I have a field which is the destination of traffic (dst). I would like to show the total count of the destination field and the count of the unique sources. So the...
View ArticleSyncronize props.conf across disjoint indexers
We have geographically separate indexers that need to maintain the same sourcetypes as they are created/modified. Is there a way to synchronize these settings rather then having to add/modify them...
View ArticleDBConnect Search Results local
Greetings,I was chatting with a Splunk SE earlier in the week and was complaining that I had a DBConnect to a remote database. Remote is relative here, it is still in our MAN connected via 10Gb fiber....
View ArticleMust splunk be restarted in order for a manual edit of props.conf to take...
I made an edit to linebreaking in props.conf, then used the CLI "splunk add oneshot <filename>" to index a file, saw that new events were indexed, but still according to the old line-breaking...
View ArticleSplunk Daemon Not Responding
Greetings! So, we are running 5.0.3 in SHP (2 SHs) with SSO=permissive. I get this error: 2013-06-06 16:06:41,656 ERROR [51b0ebb39d7fb184803e90] search:221 - Splunkd daemon is not responding: ('The...
View ArticleTIME_PREFIX regex help
Hi,I seem to be incapable of figuring out what regex to provide in the TIME_PREFIX for my source type in order to recognize the second time stamp instead of the first.Please see a sample event...
View ArticleTA for Windows AD
Hi everyone, Splunk newbie here. I'm currently trying to install the Splunk App for Active Directory version 1.2 and I wanted to make sure I understood the steps for configuring the Universal...
View ArticleNix app scaleability?
We're interested in deploying the nix app and start collecting data for ~3000 systems. Has anyone used this in this scale, and if so - how has it worked for you?I know from the get-go we'll need to...
View ArticleAuthentication Failed after starting the app
hmm, I canĀ“t try it out cause I get -- after starting the app, and loading 100% -- an error: Authentication FailedWhat which authentication???Looks like a redirecting problem, error shows...
View ArticleHelp on HadoopOps
Hi all, Anybody aware of these warnings in HadoopOps app?Lookup table 'hadoop_host2maxcpu' is empty. No matching fields exist Lookup table 'hadoop_host2mapred' is empty.why am getting these? how to...
View ArticleDB Connect App
I wanted to see who was all using the DB Connect app from a big company perspective. I've been tasked with essentially proving out the App and was hoping to get some basic feedback on "how things are...
View Article