Splunk Enterprise

How to determine the order of index like rowid in tables of oracle



I would like to know if we can judge the order of index with some inner field in splunk.

Is there any way to determine an event in one index.

Dos Splunk has any inner field which we can use to judge the order of one index.

like  it was in oracle,we can use the rowid to determine the unique number of the row.

If you have any ideas,or advices,I will be appreciated for your help

Labels (1)
0 Karma



currently there haven’t any individual field which is unique for row. You could find more here https://community.splunk.com/t5/Splunk-Search/Does-each-Splunk-event-have-a-unique-identifier/td-p/9...

r. Ismo

0 Karma
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In the last month, the Splunk Threat Research Team (STRT) has had 2 releases of new security content via the ...

Announcing the 1st Round Champion’s Tribute Winners of the Great Resilience Quest

We are happy to announce the 20 lucky questers who are selected to be the first round of Champion's Tribute ...

We’ve Got Education Validation!

Are you feeling it? All the career-boosting benefits of up-skilling with Splunk? It’s not just a feeling, it's ...