Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- About anoopdi
anoopdi
Path Finder
Member since:
07-16-2018
07-19-2023
Community Statistics
| Posts | 15 |
| Solutions | 1 |
| Karma Given | 0 |
| Karma Received | 3 |
| Member Since | 07-16-2018 |
Activity Feed
- Got Karma for Verifying Secure Communication between forwarders and indexers. 05-17-2022 03:22 AM
- Posted Re: [Smartstore] Is there a way to manually upload the bucket to smartstore. on Deployment Architecture. 10-29-2020 12:53 PM
- Posted Re: sed to replace a string after a match on Splunk Search. 08-24-2020 08:59 AM
- Posted sed to replace a string after a match on Splunk Search. 08-24-2020 07:52 AM
- Got Karma for After Splunk DB Connect upgrade (2.4.1 -> 3.1.3), how come the DB inputs are not migrating?. 06-05-2020 12:50 AM
- Got Karma for Verifying Secure Communication between forwarders and indexers. 06-05-2020 12:50 AM
- Posted Re: Not listing any custom indexes on All Apps and Add-ons. 10-10-2019 09:26 AM
- Posted Not listing any custom indexes on All Apps and Add-ons. 10-07-2019 03:32 PM
- Tagged Not listing any custom indexes on All Apps and Add-ons. 10-07-2019 03:32 PM
- Posted Re: Topology dashboard not working on All Apps and Add-ons. 09-01-2019 08:55 PM
- Posted Topology dashboard not working on All Apps and Add-ons. 08-27-2019 01:59 PM
- Tagged Topology dashboard not working on All Apps and Add-ons. 08-27-2019 01:59 PM
- Tagged Topology dashboard not working on All Apps and Add-ons. 08-27-2019 01:59 PM
- Posted Re: Verifying Secure Communication between forwarders and indexers on Security. 08-15-2019 11:05 AM
- Posted Verifying Secure Communication between forwarders and indexers on Security. 08-15-2019 09:22 AM
- Tagged Verifying Secure Communication between forwarders and indexers on Security. 08-15-2019 09:22 AM
- Tagged Verifying Secure Communication between forwarders and indexers on Security. 08-15-2019 09:22 AM
- Posted components required error message on All Apps and Add-ons. 02-19-2019 01:22 PM
- Tagged components required error message on All Apps and Add-ons. 02-19-2019 01:22 PM
- Posted Re: Why are deployment apps showing 0 deployed clients? on Deployment Architecture. 11-05-2018 11:25 AM
Topics I've Started
| Subject | Karma | Author | Latest Post |
|---|---|---|---|
| 0 | |||
| 0 | |||
| 0 | |||
| 2 | |||
| 0 | |||
| 0 | |||
| 1 |
10-29-2020
12:53 PM
@rbal_splunk Does the manual upload method honors the encryption enabled on SmartStore?
... View more
08-24-2020
07:52 AM
Is there a way I can substitute a string after a regular expression match? For example, i want to replace the IP address which appears after 'Chrome/' 70.31.171.12 - admin [24/Aug/2020:14:31:44.596 +0000] "GET /en-US/splunkd/__raw/services/search/shelper?output_mode=json&snippet=true&snippetEmbedJS=false&namespace=search&search=search+index%3D_internal+sourcetype%3Dsplunkd_ui_access+&useTypeahead=true&showCommandHelp=true&showCommandHistory=true&showFieldInfo=false&_=1598275250371 HTTP/1.1" 200 5620 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" - e02845bc5c07fae3e33855fca82cc968 12ms I am able to use 'sed' to replace one more match of IP address but do not know how to replace a specific one. I want the event to look like this after the running sed, 70.31.171.12 - admin [24/Aug/2020:14:31:44.596 +0000] "GET /en-US/splunkd/__raw/services/search/shelper?output_mode=json&snippet=true&snippetEmbedJS=false&namespace=search&search=search+index%3D_internal+sourcetype%3Dsplunkd_ui_access+&useTypeahead=true&showCommandHelp=true&showCommandHistory=true&showFieldInfo=false&_=1598275250371 HTTP/1.1" 200 5620 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/xxx.xxx.xxx.xxx Safari/537.36" - e02845bc5c07fae3e33855fca82cc968 12ms
... View more
10-10-2019
09:26 AM
Yea seems like thats the issue. On most of the add-on, you still have an option to type in the index if it is not listed out in the dropdown. This one is not a fun TA for sure.
... View more
10-07-2019
03:32 PM
Not sure what's wrong here. When I try to create any input, the only indexes I can see is history, main and summary. The other add-ons on this instance are showing all the indexes and have a feature to type in the index name if not listed in the dropdown, I can also see all the indexes if I go to settings-->indexes. But 'Splunk Add-on for Microsoft Office 365' does not have that option.
Anyone has seen this issue? I don't have backend access to this server to edit the inputs.conf file
... View more
08-27-2019
01:59 PM
I have Splunk app for AWS installed on SHC and Splunk add-on for AWS on a heavy forwarder. Everything is working except the Topology dashboard. I went through the steps given in https://docs.splunk.com/Documentation/AWS/5.2.0/User/Topology and verified that all of the required inputs are enabled however I am unable to find this saved search 'Config: Topology Data Generator' on SHC. I download the AWS app on my laptop but couldn't find it there as well. Searched across the config files but same result.
Anyone has seen this problem?
... View more
08-15-2019
11:05 AM
i was using that link for the verification that's where I noticed that log. I dont see any errors in splunkd.log about SSL, both on indexers and forwarders. I think the secure communication is working but wanted to confirm that.
... View more
I recently enabled SSL connection between forwarders and indexers. When I check the metrics log for a UF with SSL enabled , i see this in the data. The connection type is showing as cookedSSL but ssl=fasle. Does that mean the connection is not secure? And the surprising part is, i see events in metrics.log for the same host with ssl=true entries. I am confused.
08-15-2019 16:10:56.061 +0000 INFO Metrics - group=tcpin_connections, xx.zz.yy.xx:52306:9997, connectionType=cookedSSL, sourcePort=52306, sourceHost=10.176.240.50, sourceIp=10.176.240.50, destPort=9997, kb=0.33, _tcp_Bps=10.97, _tcp_KBps=0.01, _tcp_avg_thruput=1.19, _tcp_Kprocessed=158.37, _tcp_eps=0.03, _process_time_ms=0, evt_misc_kBps=0.00, evt_raw_kBps=0.00, evt_fields_kBps=0.00, evt_fn_kBps=0.00, evt_fv_kBps=0.00, evt_fn_str_kBps=0.00, evt_fn_meta_dyn_kBps=0.00, evt_fn_meta_predef_kBps=0.00, evt_fn_meta_str_kBps=0.00, evt_fv_num_kBps=0.00, evt_fv_str_kBps=0.00, evt_fv_predef_kBps=0.00, evt_fv_offlen_kBps=0.00, evt_fv_fp_kBps=0.00, build=f817a93effc2, version=7.2.7, os=Linux, arch=x86_64, hostname=deployer, guid=6C69F32A-8F26-4F9F-831D-CA1623C5FA4A, fwdType=full, ssl=false, lastIndexer="10.176.240.39:9997,10.176.240.85:9997", ack=true
... View more
- Tags:
- splunk-enterprise
- ssl
Labels
- Labels:
-
SSL
02-19-2019
01:22 PM
I am trying to use Splunk add on for jira alerts, i completed the setup of add-on but it is throwing following error everytime the alert is called.
Jira server HTTP status = {"errorMessages":[], "errors":{"components":"Component/s is required"}}
I tried adding components value to alert_actions.conf but it is still throwing errors.What is the right format of adding components to the alert_action?
... View more
11-05-2018
11:25 AM
yes, I see clients under the apps. I will try a recycle after work hours. Thanks for your help so far.
... View more
11-05-2018
09:34 AM
deployment client config is pretty simple,
[deployment-client]
[target-broker:deploymentServer]
targetUri=*******
Yes, I see clients under forwarder management. There is no issue with the app deployment, the only thing confuses me is, why doesn't the apps tab in the UI show the number of clients it is deployed to.
... View more
11-05-2018
09:15 AM
Under Forwarder Management UI --> Apps tab. I see all the apps there but none of them show the number of clients that they were deployed to. All of these apps are deployed to multiple clients, so I'm not sure why that number is reflected on the page
Any thoughts?
... View more
- Tags:
- splunk-enterprise
11-05-2018
09:09 AM
After a couple of tests, we realized that the inputs were migrated as well. They all started showing up the moment after we enabled the connections.
... View more
10-19-2018
09:27 AM
1 Karma
I followed the migration procedure for Splunk DB connect http://docs.splunk.com/Documentation/DBX/3.1.3/DeployDBX/MigratefromDBConnectv1
I see that connections and identities got migrated, but I don't see any DB inputs. $SPLUNK_HOME$/etc/apps/splunk_app_db_connect/local/db_inputs.conf file has all the inputs configuration but none of them appear under Data Lab --> Inputs.
Any ideas?
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
07-19-2023
03:02 PM
|
