Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- About Roy_9
Roy_9
Motivator
Member since:
08-05-2020
Tuesday
Community Statistics
| Posts | 347 |
| Solutions | 22 |
| Karma Given | 69 |
| Karma Received | 35 |
| Member Since | 08-05-2020 |
Activity Feed
- Posted Re: Permissions issue Executable for Splunk App on Splunk Search. Tuesday
- Posted Re: Permission Issues when dealing with Splunk_TA_nix scripts on Security. Tuesday
- Posted Re: Permissions issue Executable for Splunk App on Splunk Search. Tuesday
- Posted Permissions issue Executable for Splunk App on Splunk Search. a week ago
- Posted Re: Permission Issues when dealing with Splunk_TA_nix scripts on Security. a week ago
- Karma Re: Splunk query to find if any changes made to the reports for tscroggins. 03-08-2024 10:09 AM
- Posted Splunk query to find if any changes made to the reports on Reporting. 03-07-2024 06:09 AM
- Posted Re: How do I search for Technology Add-ons or hidden apps in Splunk. Thank u in advance on Knowledge Management. 03-06-2024 10:28 AM
- Karma Re: Need help with Windows user activity for richgalloway. 02-15-2024 11:42 AM
- Posted Need help with Windows user activity on Splunk Enterprise. 02-15-2024 09:02 AM
- Posted Re: Splunk forwarder Powershell script is causing resource exhaustion on Splunk Enterprise. 02-03-2024 03:05 PM
- Posted Re: Splunk forwarder Powershell script is causing resource exhaustion on Splunk Enterprise. 02-02-2024 12:24 PM
- Posted Splunk forwarder Powershell script is causing resource exhaustion on Splunk Enterprise. 02-02-2024 07:26 AM
- Posted Power shell script running long on Splunk Enterprise. 01-31-2024 11:56 AM
- Karma Re: Drop down list is not loading for Splunk User for bowesmana. 01-09-2024 05:25 AM
- Posted Drop down list is not loading for Splunk User on Dashboards & Visualizations. 01-08-2024 08:11 PM
- Karma Re: Is it possible to get the serial numbers of machines being ingested to splunk? for PickleRick. 12-15-2023 01:23 PM
- Posted Is it possible to get the serial numbers of machines being ingested to splunk? on Splunk Enterprise. 12-14-2023 09:59 PM
- Posted Re: Help needed with steps to uninstall python upgrade readiness app on Splunk Search. 11-02-2023 09:20 PM
- Karma Re: Help needed with steps to uninstall python upgrade readiness app for gcusello. 11-02-2023 09:19 PM
Topics I've Started
| Subject | Karma | Author | Latest Post |
|---|---|---|---|
| 0 | |||
| 0 | |||
| 0 | |||
| 0 | |||
| 0 | |||
| 0 | |||
| 0 | |||
| 0 | |||
| 0 | |||
| 0 |
Tuesday
@gcusello We are using git repo for any code changes and i have validated that the permissions are set to executable on the deployers, do you want me to push these once again?
... View more
Tuesday
@woodcock Hi, i am getting the permissions errors where it the execute bit is nor getting replicated to shc even though they are set to executable on deployers. do you have any idea?
... View more
Tuesday
Hi @gcusello This is happening for splunk add-on for nix and OS is linux in a clustered SH. I checked the permissions are set to executible in the code repository but those are not getting replicated to search heads.
... View more
a week ago
Hi, I am facing a executable permission issue for the few scripts for a splunk app and seeing these errors on various search heads, what is the best way to fix it? can someone help me with the script or a fix if you ever come across? thanks in advance.
... View more
Labels
- Labels:
-
subsearch
a week ago
Is there any script or playbook that can help in adding executible permissions for particular scripts for nix app?
... View more
03-07-2024
06:09 AM
Hello, Can someone help me with a search to find out whether any changes has been made to the splunk reports(ex:paloalto report) in last 30 days. thanks
... View more
Labels
03-06-2024
10:28 AM
@richgalloway or @General_Talos How do we need to hide the app that is downloaded from Splunk base to be viewed by other customers through source control like Git? I see a file with default.meta where it says [] owner =admin access = read : [*], write : [ admin ] export = system Thanks
... View more
02-15-2024
09:02 AM
Hello, Is there any way where we can know what are all applications are accessed by the user instead of just logon/log off activities from the winevent logs? Can someone help me with the search? Thanks
... View more
Labels
02-03-2024
03:05 PM
@gcusello It came with splunk forwarder package. "C:\ProgramFiles\SplunkUniversalForwarder\bin\splunk-powershell.ps1 Thanks
... View more
02-02-2024
12:24 PM
@gcusello do you have any idea on troubleshooting this issue?
... View more
02-02-2024
07:26 AM
Hello, Splunk forwarder powershell script is causing resource exhaustion and this script is running for 8-9 hours. Any idea on this issue? Thanks
... View more
01-31-2024
11:56 AM
01-08-2024
08:11 PM
Hello, I have a dashboard where the drop down list is working for me as i have splunk admin access where as the same drop down list is not populating for a user with splunk user level access. How do i need to troubleshoot this issue? Thanks
... View more
Labels
- Labels:
-
chart
-
Classic dashboard
-
drilldown
-
panel
-
token
12-14-2023
09:59 PM
Hello, Is it possible to get the serial numbers of windows/linux machines being ingested to splunk using the splunk add-on for windows or linux? Thanks
... View more
Labels
11-02-2023
09:20 PM
Thanks @gcusello I will try to disable and then remove the app and see if it throws any messages from my end
... View more
11-01-2023
05:27 PM
Hello, We have python upgrade readiness app installed in our on prem clustered environment and enabled. Can someone help me with the list of steps to uninstall it? Thanks
... View more
Labels
- Labels:
-
metadata
11-01-2023
07:14 AM
@gcusello field name is service team and value is Network. I didn't get this part. count is at the end of the previous row, not in a new row. Can you please send me the updated search, that would be highly helpful. Thanks in advance.
... View more
11-01-2023
06:48 AM
@gcusello I am getting the error Unknown search command 'count' and also if i want to obtain the values for only particular team, let' s say "Network team", where can i add this?
... View more
11-01-2023
06:37 AM
Thanks @gcusello, yes i already have a lookup in the name of 123.csv where the host's are listed under column called "title" and different team names are listed under column Teams. Can you please advise how do i need to append these two fields Title and Teams to the above search?
... View more
10-31-2023
12:12 PM
@gcusello i found the similar solution of yours but i am unable to achieve for my usecase. Can you please help me in tweaking search for mine. https://community.splunk.com/t5/Alerting/How-do-you-detect-when-a-host-stops-sending-logs-to-Splunk/m-p/369071
... View more
10-31-2023
11:29 AM
Hello, I have a lookup where all the hostnames are available under the field called "title" with respect to teams.I would like to set up an alert for team "abc" if any of the host stops reporting for more than 15 mins, I tried the below search but unable to get the results.Can anyone please help me with the search, it is highly helpful. Search which i am using: | inputlookup 123.csv | search team="abc" | table title | rename title as host | appendpipe [ | stats count as islookupcount ] | eval current_time =now() | eval islookupcount = coalesce(islookupcount, 0) | search islookupcount = 0 | eventstats latest(_time) as last_event_time by host | where current_time - last_event_time > 900 | eval stopped_sending_time=strftime(current_time,"%Y-%m-%d %H:%M:%S") | table unit_id, host, stopped_sending_time please help me with the better search for my usecase may be i am not using the right one. Thanks
... View more
10-25-2023
07:56 AM
Hello, We have few apps that are no longer needed in our on premise environment. We maintain git repo for configs. Can anyone please help me with the steps to uninstall/remove the app. Thanks
... View more
Labels
10-04-2023
09:56 AM
@VatsalJagani thanks for your message, i just checked the automatic lookups and i don't see one created for test.csv, Am i missing something? Do i need to check somewhere else? please help me
... View more
10-04-2023
08:12 AM
Hi @VatsalJagani I am getting the results, when i am running it inside the same app now but however when i am running the search index="_internal" log_level=ERROR "test.csv" i am still seeing the error. The lookup table 'test.csv' requires a .csv or KV store lookup definition. Thanks
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
Tuesday
|
Karma given to
