Learning, learning, learning . . . Our Splunk "expert" is gone, and the non-programmer gets to learn the task! How do you spell SPLUNK?
The dojo of Splunk. Learn, share, teach, mentor.
Videos
Latest Activity
Michael Wilde commented on Michael Wilde's video
Sure... When you do group mapping, map them to groups that don't have the domain admins in them. I have a separate OU=Groups that has "Splunk Users, Splunk Admins, Splunk Power Users" as group names, and specific users…
Mike Hartford commented on Michael Wilde's video
I want to give LDAP access to my splunk servcie but I don't want the LDAP users to have admin capabilitys in Splunk. Can I keep the domain admins out of Splunk if I have LDAP authentication???
Mike Hartford left a comment for Jonathan Hawes
Helow Jonathan,
Glad to have another Splunker. I've been useing Splunk for 2 years and am hooked. I leared how to spell splunk and | transaction too. you'll learn that one soon.
Go over to Splunk…
Mike Hartford commented on Mike Hartford's blog post 'tees for the holy day'
Holy Batskins Ninja, zzzzzwap zgruppp kapow a hidden stash, how great is that!!!!
The team that found them must have special bat senses and highly tooned Splunking skills
I like to wear Extra Lovable…
Cool Search Commands (22)
| Discussions | Replies | Latest Activity |
|---|---|---|
 Correlation between different source that have different value keyHi,I have difficulties on using search to correlate these two events from two different sourcetype.For example (this is not a real producti… Started by Andi Susanto |
1 |
Nov 3, 2011 Reply by Michael Wilde |
Regex helpI am trying to pull out the hostname of a virus scan message and create a new field, but I am not having any luck. This is the part of the… Started by Perry |
1 |
Oct 4, 2011 Reply by Michael Wilde |
What mail agent to use on a Windows boxI was just handed a Plunk server using windows 2003 and asked to configure it to send out email notices. Besides Sendmail, what other MTA… Started by Bill Price |
2 |
Aug 10, 2011 Reply by Bill Price |
 The "I suck at regex" class at Splunk User conferenceI'm planning on doing a really fun regex class during Splunk's user conference.... the premise is: In this class, we'll make one of the mos… Started by Michael Wilde |
3 |
Jul 30, 2010 Reply by Phillip Manning |
Forwarding setupI am a real Splunk newbie, and trying to figure out forwarding.I've installed splunk on server1 and server2. Server1 is my main server, an… Started by Adam Peterson |
1 |
Jul 26, 2010 Reply by Mark Sleeper |
 sum fields in same eventI need to sum fields by other fields in the same event. Here is an example event: _time somefieldname some… Started by Joe Rizzo |
2 |
Jun 30, 2010 Reply by Joe Rizzo |
Synthesizing sistats in search resultsI have a service that drops a stats line every minute on every host on 20+ hosts. If I use sistats I lose information on the true count of… Started by Blaine Morgan |
0 | Jun 22, 2010 |
Comparing events from 2 dates to detect new eventsHi,were using NMAP via scripted input to track live hosts on the networkim getting events formated using sed like:Fri Apr 9 16:11:50 IDT 20… Started by Alon Agmon |
0 | Apr 10, 2010 |
 Encountered the following error while trying to update: In handler 'savedsearch': Argument "action.summary_index." is not supported by this handlerHi, While trying to save a very simple search I ran into this: Encountered the following error while trying to update: In handler 'savedsea… Started by Marcelo Finkielsztein |
1 |
Apr 8, 2010 Reply by Marcelo Finkielsztein |
Incorrect Links for swfobject.js when using amMap AppAll, It appears that I'm having a classic "You need to upgrade your Flash Player" problem that many users encounter when trying to run am… Started by James Esposito |
0 | Apr 7, 2010 |
© 2012 Created by Michael Wilde.
