Smart AnSwerS #62

Hey there community and welcome to the 62nd installment of Smart AnSwerS.

There’s a lot of hustle and bustle going on at Splunk today as we will be expanding HQ with a brand new building next door! Construction has been ongoing for the past two years, but the big day is finally here with more than half of the Splunkers in our current building moving over. Folks are packing up their desks for the rest of the morning because in a little less than two hours, we’ll be celebrating the opening of the new building in true Splunk style with a Cinco de Mayo party. There is just no other way :)

Check out this week’s featured Splunk Answers posts:

Script to automate uploading diags to box.com

jgarland_gap wrote up a nifty bash script to automate the process of creating a diag and uploading it to a folder on box.com. He decided to post this question and answer out of the kindness of his heart to share with the rest of the Splunk community in case anyone else wanted to make their lives a little easier when a diag is requested.

Why is my Distributed Management Console trying to push a bundle to a newly added search peer which happens to be a standalone indexer?

lycollicott noticed the distributed management console was reporting a warning about being unable to distribute a bundle to a standalone indexer, but he didn’t understand why this was happening. ykou clarifies the difference between app, configuration, and search knowledge bundles, explaining how the DMC specifically sends search knowledge bundles to search peers in order to run ad-hoc searches against indexers being monitored.

Where can I find detailed use cases/scenarios for using the HTTP event collector in Splunk?

mcnamara had read a couple articles on the HTTP event collector, but wanted to see if there were any other resources that go into a little more depth on how it works and its advantages. renjith.nair provides a Splunk blog post that gives a comprehensive overview with examples on how to set it up. gblock joins in the discussion to help renjith.nair answer all of mcnamara’s follow up questions.

Thanks for reading!

Missed out on the first sixty-one Smart AnSwerS blog posts? Check ‘em out here!

Patrick Pablo
Posted by

Patrick Pablo

Born and raised in Los Angeles, Patrick made his way up north for college and fell in love with the Bay Area, making it his second home. After working 5 years for a non-profit as a college & career counselor in San Francisco public high schools, he stumbled across a new career opportunity himself! Patrick found a new way to apply his community organizing background in a way he didn’t know was possible at Splunk.

Join the Discussion