Digital Resilience Pays Off
Download this e-book to learn about the role of Digital Resilience across enterprises.
Hey there community and welcome to the 81st installment of Smart AnSwerS.
The San Francisco Bay Area user group will be meeting tomorrow, Wednesday, November 2nd @ 6:30PM PDT at Yahoo! HQ. Gregg Daly from the Children’s Discovery Museum of San Jose will be speaking on how the nonprofit has been using the free Splunk Enterprise license donated by Splunk4Good to monitor IT and security operations. Jason Szeto, principal software engineer at Splunk, will be giving a talk and live demo on a new Splunk feature currently under development. If you happen to be in the area, you’re welcome join us! Please visit the SFBA user group event page for more details and to RSVP.
Check out this week’s featured Splunk Answers posts:
LiquidTension’s cluster master was reporting 18 pending fixup tasks that were preventing both search and replication factors from being met, and this was an issue affecting several other users as well. Luckily, cluster master rbal from Splunk support answers the question, explaining why these messages occur in an indexer clustering environment, where to investigate in Splunk Web, and how to resolve the issue right away.
https://answers.splunk.com/answers/217020/why-is-cluster-master-reporting-cannot-fix-search.html
With inputs.conf getting updated periodically, agoyal needed a way to keep track of any changes made to the file. lukejadamec provides the steps for monitoring changes on an inputs.conf file, noting that there may be several Splunk instances that should be taken into account for complete coverage of all changes in a deployment.
https://answers.splunk.com/answers/448625/how-to-monitor-changes-made-to-the-inputsconf-file.html
dmacgillivray had a table with a multivalue field, and was looking for an SPL solution to filter out any values that did not match a certain format, but still maintain the same number of rows. New SplunkTrust member sundareshr provides two search solutions using eval and regex to get the same expected result.
https://answers.splunk.com/answers/447730/how-to-write-a-search-to-only-keep-a-certain-type.html
Thanks for reading!
Missed out on the first eighty Smart AnSwerS blog posts? Check ‘em out here!
http://blogs.splunk.com/author/ppablo
----------------------------------------------------
Thanks!
Patrick Pablo
The Splunk platform removes the barriers between data and action, empowering observability, IT and security teams to ensure their organizations are secure, resilient and innovative.
Founded in 2003, Splunk is a global company — with over 7,500 employees, Splunkers have received over 1,020 patents to date and availability in 21 regions around the world — and offers an open, extensible data platform that supports shared data across any environment so that all teams in an organization can get end-to-end visibility, with context, for every interaction and business process. Build a strong data foundation with Splunk.