All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

I just enabled the time input for Splunk TA Nix and I don't see extractions?

daniel333
Builder
‎04-11-2018 07:02 PM

All,

I just enabled the time input for Splunk_TA_nix and I am getting data. But I don't see any extractions. I dug into the Splunk App and I dont see that there are any. was there another app I need to install for this? Can anyone tell me what my field extractions are for setting up the NTP dashboard in Splunk ES?

alt text

Tags (1)
Preview file
1 KB
0 Karma
Reply

p_gurav
Champion
‎04-12-2018 01:48 AM

You can try using below apps:
https://splunkbase.splunk.com/app/1567/
https://splunkbase.splunk.com/app/3154/#/details

Also you can manually extract data using regex.

0 Karma
Reply

daniel333
Builder
‎04-13-2018 10:54 AM

So I was expecting the default time input from Splunk_TA_nix to have extractions and tags that work with SplunkES. Was I mistaken?

0 Karma
Reply

p_gurav
Champion
‎04-15-2018 09:12 PM

Where did you installed add-on?

0 Karma
Reply

adonio
Ultra Champion
‎04-13-2018 12:25 PM

do you have the TA installed on the Search Head as well?

0 Karma
Reply
Get Updates on the Splunk Community!

Introducing the 2024 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...

Introducing the 2024 Splunk MVPs!

We are excited to announce the 2024 cohort of the Splunk MVP program. Splunk MVPs are passionate members of ...

Splunk Custom Visualizations App End of Life

The Splunk Custom Visualizations apps End of Life for SimpleXML will reach end of support on Dec 21, 2024, ...