I am looking to build an alert that is fired on the first and last business day of the month. Do you know of a way to make the search only run on those days?
Thank you
Is there a way in Splunk to identify how much network traffic is being sent from the indexers (not just how much is indexed)? In addition, can I find a rough estimate of traffic from search head to user? I am not sure if Splunk logs this, but I was hoping.
I would like to know if it is possible to be alerted if a file is older than a specific time frame. We have files that are written down every 5 minutes. I would like to be alerted if the age of the file is in excess of 7 minutes.
Any input would be appreciated.
I am looking to run a daily report of users from a specific OU that are listed as logging in interactively (EventCode=4624 AND Logon_Type=3). Is there a way to run the subsearch to correlate that for a daily report?
I am looking to remove the ::ffff: from Windows event logs:
Network Information:
Client Address: ::ffff:XX.XX.XX.XX
Client Port: 51806
Any assistance would be appreciated.
Is it possible for a file monitored with fsmonitor to send an alert on any difference of the file? Or would monitoring the file be able to provide that visibility?
I have installed the Splunk App for XenApp and I am getting data from the 6.5 version systems in my environment, but no data is coming from my version 5. I am getting Windows Event data, but none of the data from the PowerShell scripts.
I would like to create a monitor/alert that looks for a *.msg file in a particular folder on the quarter hour. Any advice for the Inputs config would be appreciated.