The venerable old-skool Splunk forums are now closed. Feel free to search for old content here, but new posts are no longer supported.
Instead, please visit the thriving community at answers.splunk.com to ask and answer questions about your Splunk deployment and how to get the most out of it.
Forums: Posted by ajuntune
| Topic | Author | Replies | Latest Post |
|---|---|---|---|
| search for failed logins<br>In: SplunkSearchAndAlert (Not tagged)<br>I know how to search for failed logins for a specific user like "administrator", but how do I do a search ... | | 1 | 25 months ago... |
| report hosts by volume<br>In: SplunkReporting (Not tagged)<br>This will do it. So I look at this every morning to see what systems are sending the most logging data. ...<br>I know it's the "All indexed data" There's a "daily indexing by volume" canned report that you can just add to a dashboard, but I'm using ...<br>Hi, I'm a noob, there's a great report on the main page that shows log volume by hostname. it's a ... | | 3 | 33 months ago... |
| timestamp on the left hand side not working<br>In: SplunkAdministration (Not tagged)<br>here is a sample line. Aug 2 12:02:06 chs-vm01 logger: (1249232463) hb: vmk loaded, 1014341.92, ...<br>Hi, I'm using snare to send windows logs to syslog-ng which dumps into a fifo file that splunk digests. ... | | 3 | 34 months ago... |
| Comparison of Splunk vs. Zenoss for a small IT shop??<br>In: SplunkGeneral (Not tagged)<br>I'll put in a plug for nagios logfiles: We use nagios with splunk2nagios and it works pretty well - ... | | 3 | 34 months ago... |
| Troubleshooting<br>In: SplunkAdministration (Not tagged)<br>/opt/splunk/bin/splunk is just a script, so i edited it and changed RETVAL=$? to RETVAL=0 so ...<br>I just installed splunk4 on 64bit REL 5.3 using splunk-4.0.1-64658-linux-2.6-x86_64.rpm. The first ... | | 1 | 35 months ago... |