Hi, I would like to have a xml panels code to be passed from Javascript to Splunk XML code dynamically. For instance, by default, the XML dashboard has 2 panels. After that, when javascript file is executed, the panels will be added dynamically accordingly to the conditions of the user to have 3 or more panels based on conditions. I have tried to passed the XML panel code from Javascript as a token to XML code but the Dashboard does not display the panel in Dashboard. Following is a sample code I have. XML <dashboard> ....... <row>        $table1$ </row> ........ </dashboard>   Javascript const panel = '<panel><table><search><query>index=_internal  | stats count by sourcetype</query><earliest>-24h@h</earliest><latest>now</latest><sampleRatio>1</sampleRatio></search><option name="count">20</option><option name="dataOverlayMode">none</option><option name="drilldown">none</option><option name="percentagesRow">false</option><option name="rowNumbers">false</option><option name="totalsRow">false</option><option name="wrap">true</option></table></panel>'         var parser = new DOMParser();         var xmlDoc = parser.parseFromString(panel, "text/xml"); //important to use "text/xml"         tokens.set("table1", xmlDoc.documentElement);         submitted_tokens.set(tokens.toJSON());   May I know how to solve this, please? Thank you in advance.   ... View more

Hi, I am using Opentelemetry to push Prometheus metrics into Splunk index with metrics data type. After pushing the metrics, the following error log prompts. The metric event is not properly structured, source=XXX, sourcetype=XXX, host=XXX, index=XXX. Metric event data without a metric name and properly formatted numerical values are invalid and cannot be indexed. Ensure the input metric data is not malformed, have one or more keys of the form "metric_name:<metric>" (e.g..."metric_name:cpu.idle") with corresponding floating point values. May I know what is causing this issue and how can I solve it, please? Thank you. ... View more

Hi, I am trying to export data into Splunk using splunkhecexporter by Opentelemetry with TLS insecure_skip_verify=false. When I tried to send it into Splunk, it will shows an error message. After that, I tried to add in the TLS certificate inside the configuration, it still shows the same error message. Following is the configuration I configured in Opentelemetry .yaml exporters: logging: verbosity: detailed splunk_hec: token: "SPLUNK HEC TOKEN" endpoint: "SPLUNK COLLECTOR URL" tls: ca_file: /etc/ssl/certs/cert.crt cert_file: /etc/ssl/certs/<Splunk_cert>.crt key_file: /etc/ssl/certs/<Splunk_Key>.key Following is the error message prompted. 2023-07-26T06:12:01.308Z info exporterhelper/queued_retry.go:433 Exporting failed. Will retry the request after interval. {"kind": "exporter", "data_type": "metrics", "name": "splunk_hec", "error": "Post \"https://<SPLUNK_LINK>:<SPLUNK_PORT>/services/collector\": x509: certificate is not valid for any names, but wanted to match <SPLUNK DNS>", "interval": "7.402035261s"}   May I know what causes this to happen and how to solve this issue, please? Thank you. ... View more

Hi, I have pushed a data from a file into Splunk. The size of the file is 94921b but when I pushed into Splunk, the size of the index from _internal is 90965b. The index I have used to push the data is a brand new index created. This is how I compared between the size of file and size of index in Splunk I have created a log file which is 94921b in size. I used stat log_100kb.log Results File: 'log_100kb.log'  Size: 94921           Blocks: 200        IO Block: 32768  regular file I pushed this log file using Opentelemetry to Splunk. I used "index=_internal source=*license_usage.log type="Usage"" to check on the size of the data being pushed into that the index I have created. Results from the _internal index 07-11-2023 01:51:44.679 -0700 INFO  LicenseUsage - type=Usage s="http:100kb_logs" idx="100kb_logs" b=90965 ....... May I know why is the size different between the file and the index, please? Thank you.   ... View more

I have a sample data in my Redis Database as below. I have created an input in there as abc_test and index is abc_test.  Observed that no data has been returned from the search query. May I get your assistance on "How to test Redis Enterprise Add-On for Splunk" please.   Thank you.   ... View more