...et back the proper results with dispatchState: DONE and eventCount: 0 but I know for sure that there are results because I also tried running the same query from the Splunk UI and I do get results back....
It appears there seems to be a limit of the number of events can be in a transaction.
I am doing transactions, and it seems when the number of transactions is over 90 and I export it to CSV, it app...
I'm attempting to write a search using eventcount command. I want to graph the number of events in my index/sourcetype per day of a span of week. Can I use evencount for this? I'm not having much l...
We have data set which aggregated sessions with it's eventcount for each event.
We are looking at setting up an alert for sessions where eventcount exceeded "normalcy".
For Bell-curved data w...
...re the eventcounts for each ComputerName where x=[10, 20, 30, 40], and maxevents undefined (i.e. not included in the SPL).:
________________ x = 10_____20_____30_____40__Undefined
Computer1, t...
i want to count eventcount comparison using time trends chart for today , lastweek and last2weeks. below are the my searches
index=something sourcetype=something earliest=-0d@d latest=@h| t...
Hi all, when i do an inputcsv command, I see the data in the file I put on the splunk server. Since I want to see them as events I query the following:
| inputcsv filename.csv (I see all the data...