VMware App & CPU Ready
Hello All,In the VMware app it reports CPU ready for a vCPU as a summation, but honestly I can't think of why anybody would want that stat as a summation. Is there a way to pull the CPU ready times as...
View ArticleCan't login via Splunk Javascript API
I have a local install of Splunk with default login details (username: admin, password: changeme) and I'm trying to run the examples provided by the Javascript SDK, and I get a 500 Internal Server...
View ArticleUniversal Forwarder can't be uninstalled by another user
Dear Splunkys,I installed the Universal Forwarder on 3 different machines in the same domain testwise (all windows 2008 r2). A few days later my collegue tried to uninstall them but he couldn't find...
View Articleserver JRE or JRE for splunk db connect app?
HI, I'm a newbie to splunk, and I'm trying to install the db connect app, but i'm just going through tthe requirements and it says i need the JRE. But should I install the Server JRE or just the JRE...
View ArticleCisco Firewall Add-On 2.0 w/ Splunk for Cisco Security - summary indexing
I recently downloaded and installed both the Splunk for Cisco Firewalls Add-on and the Splunk for Cisco Security app. I noticed while reading the Splunk for Cisco Firewalls README that I could enable...
View ArticleConfigure DB Connect database.conf with sqlserver trusted connection
Is it possible to configure DB Connect database to use trusted connection, so I don't have to provide user/password for each database.Thanks!
View ArticleExport Results from a postProcess
I wonder if it is possible to export results from a PostProcess. If I use a "SearchControls" object, it can export results, but only from the upstream search, not from the postProcess.Is there a way to...
View Articlematch_type = CIDR doesn't seem to work
I have the following lookup:transforms.conf[ipam] filename = ipam.csv match_type = CIDR(src_ip)props.conf[cisco_asa] LOOKUP-ipam = ipam src_ip OUTPUTNEW Dept AS Departmentipam.csvsrc_ip,Dept...
View ArticleAnother XML parsing question - sorry, but I am not getting it...
I am having problems parsing XML files into fields that can easily be searched by non-expert users. And I am also having problems posting this question, as I cannot seem to be able to post XML code...
View ArticleClik here to view.
Sideview utils handling drilldown from chart legend
I have a chart that looks like thisI'm using Sideview to configure custom drilldown options. When someone clicks on a bar in the table all is well: I can get the selected series from $click.name2$ and...
View ArticleViews from local directory are not loading in sideview utils
Hi,We are using sideview utils in our application. Our application is developed using flex. On clicking a link we load the view xml file from sideview utils. We did some customization as per our need....
View ArticleHow to create more than 3 columns in dashboard.html template
In version 4.0 I was able to have more than 3 columns in dashboard.html template.How could I do the same in version 4.1?example:<view template="dashboard.html" onunloadCancelJobs="True">...
View ArticleDeployment server
07-03-2013 14:07:24.352 +0530 WARN DeploymentProcessor - License feature=DeployServer not enabled, cannot bring up Deployment Server I am getting this error on deployment client. Is license required...
View ArticleSplunk for VMware Forwarder Appliance and *nix app
Howdy all,I've got the Forwarder Appliance for Splunk for VMware up and running and I was hoping to monitor its behavior via Splunk. Since it is basically a Linux (CentOS) vm I have enabled the *nix...
View ArticleSplunk_OPSEC_TA: how can I pull the OPSEC .p12 cert from the Check Point...
I've disabled SplunkWeb on my indexers and don't really want to re-enable it just to perform this function. Is there a workaround?
View ArticleDate problem with indexed events (month / day to day / month)
Hello,I'm with a problem that started 07/01/2013. The pattern for date usually is month/day/year, but for some reason after 1st of July, it is converting the date 07/03/2013 to 03/07/2013 (Mar 7...
View ArticleDashboard Time Range
I am trying to define a time for a dashboard item but no matter what format I use I get an "Error: Invalid latest time". I am using the time range fields at the bottom of the edit search pop-up.I have...
View ArticleCan Splunk put a "download file" link in a dashboard?
Hello splunkers,I was wondering if there's any way to give users a link to download a file from a splunk server (without setting up a separate web server on the same box). Basically, I want the user to...
View ArticlePython SDK: Is it possible generate a Splunk alert based on a triggered...
Hi, I would first like to explain my requirement: Ultimately, I want to generate a alert (email) based on two conditions:Certain syslog message pattern is seen on a deviceAfter logging into the device,...
View ArticleIs there a request interval configuration when using estreamer with Splunk to...
The Sourcefire Defense Center (DC) is being overloaded by the calls from Splunk and crashing the DC GUI.I believe there has to be a configuration on the client for request interval OR a configuration...
View Article