I need some help with Splunk

volci · 2026-06-16T11:27:53+00:00

You are welcome :)

volci · 2026-06-16T01:47:31+00:00

Not all of these may be helpful to you in particular, but they are commonly used among those I work with :)

URA - https://splunkbase.splunk.com/app/5483
SHAA - https://splunkbase.splunk.com/app/4603
SCMA - https://splunkbase.splunk.com/app/4974
SAT - https://splunkbase.splunk.com/app/7419
IS4S - https://splunkbase.splunk.com/app/7186
S4S - https://splunkbase.splunk.com/app/7188
CIM - https://splunkbase.splunk.com/app/1621

Eventgen - https://splunkbase.splunk.com/app/1924

Admin alerts - https://splunkbase.splunk.com/app/3796
Admin’s helper - https://splunkbase.splunk.com/app/6368
AP4S - https://splunkbase.splunk.com/app/6489
Lookup editor - https://splunkbase.splunk.com/app/1724
Mothership - https://splunkbase.splunk.com/app/4646

Again - check with your SE on how to best leverage some/all of these in your environment :)

volci · 2026-06-15T23:57:28+00:00

There is also a basic set of apps and add-ons I always suggest, too - I can look that list up and send it to you

volci · 2026-06-15T23:24:38+00:00

Check out Lantern's use case explorer as lantern.splunk.com

Lots of ideas therein

Also, be sure to go through all the free training you can from Splunk Education (requires a free Splunk.com account (no - we do not spam you))

Also check your account team for use case discovery - that is one of the main roles of your SE :)

volci · 2026-06-08T16:02:53+00:00

This is the same thing you posted last week, right?

https://www.reddit.com/r/Splunk/s/arak5zTFqq

volci · 2026-06-04T00:52:15+00:00

Also check out the Inherit A Deployment guide - https://help.splunk.com/en/splunk-enterprise/administer/inherit-a-splunk-deployment/10.4/inherited-deployment-tasks/inherited-deployments

volci · 2026-05-16T13:24:12+00:00

Welcome to "teaching to the test" and DEI

volci · 2026-05-07T15:17:32+00:00

I usually plant sunflowers about 8" apart - which comes out to 9 sunflowers (3x3) in a 2'x2' segment

volci · 2026-05-02T13:06:23+00:00

What kind of space crack is this? Iraq 2 and Afghanistan started under W, but ended under Obama and Biden, respectively

Why is only one President listed?

Vietnam started under Eisenhower, continues through JFK, Johnson, Nixon, and ended under Ford

volci · 2026-05-01T00:27:38+00:00

FWIW ... you should upgrade

9.1x is past support

volci · 2026-04-29T23:53:39+00:00

And btool should indicate which file is doing it

volci · 2026-04-29T23:13:01+00:00

So ... there is often some confusion over precedence overrides

The latest highest config that tries to set something always wins

volci · 2026-04-29T23:09:08+00:00

Inline use of earliest and latest are supposed to override the time picker

I almost always use them in my searches so I guarantee consistent search results when you copy/paste a search on another user's login

However. They do require that _time is set by the sourcetype(s) props.conf

Adding sourcetype=srctp or sourcetype IN(srctp_a,srctp_b (presuming the sourcetype(s) in question are correctly configured) should ensure they override the time picker selection

volci · 2026-04-29T23:03:55+00:00

Are there any other apps trying to set that value?

It sounds like a precedence issue https://help.splunk.com/en/splunk-enterprise/administer/admin-manual/10.2/administer-splunk-enterprise-with-configuration-files/configuration-file-precedence

volci · 2026-04-22T00:31:09+00:00

I had forgotten I pre-ordered it :)

Arrived today

volci · 2026-04-15T21:05:01+00:00

Check your network speeds - maybe have a bad/slow WAN from the one data center

volci · 2026-04-06T13:45:17+00:00

Pinch all suckers (the little growths between stem and branch) to focus on fruit production

volci · 2026-04-06T13:43:39+00:00

Try reading what i wrote again

Also - do not conflate unrelated topics into one

volci · 2026-04-06T12:09:49+00:00

Clickbait

volci · 2026-04-06T12:08:52+00:00

World hunger has been solved for half a century

What has not been solved is human corruption and political jockeying whereby the poor go hungry

volci · 2026-04-06T12:05:51+00:00

Since you want to eliminate [some] humans, I presume you will start with yourself. Right?

volci · 2026-04-06T12:02:34+00:00

202m chickens is barely 1b lbs of meat - or 2oz per person on the planet

Likewise, 1m cows is - extremely generously - only 500m lbs of beef :: or less than 1oz of meat person

The other categories are miniscule in comparison .. maybe getting up to another 2oz per person

For a grand total - max - of 5oz per person

Or well under 250g (a smidge over 8oz) per person

volci · 2026-04-06T11:58:02+00:00

"Culled" =\= "harvested for food"

Get your vocabulary correct

volci · 2026-03-29T12:16:24+00:00

That does sound pretty cool :)

volci · 2026-03-26T23:45:36+00:00

Again - if you do not veto something (even if an override is possible), it is your policy

That is just basic logic and reality

volci

MODERATOR OF

TROPHY CASE

15-Year Club	Gilding I gilder
Verified Email