I created a field extractor for different fields for an event. Now I would like to search all the events from a source and apply that field extractor to see thefields that I'm interested in. Thefield...
...ultiple times through the UI via a Transformation field, but nothing I seem to do creates a new multivalue field (new field would be "dns_answers").
I figured this would work, but it doesn't:
R...
...e at index-time or search-time. What is important to me is that I would be able to see thefields when I search the events. I have been searching for 2 days now and tried different answers I came a...
from a customer:
I'm struggling with how I SHOULD be doing inputs and also props/transforms/etc stuff within Splunk Cloud.
In short, I am used to using shell access and I want to know what's the...
...s, I see that in the last few lines of \Splunk\etc\apps\windows\default\transforms.conf include the following entry:
###### Windows Firewall Log ######
[Transform_Windows_FW]
DELIMS = " "
FIELD...
Hi fellow Splunkers! I am an admin for our Splunk Enterprise Environment and when we have users on any of the teams that we support leave their teams or leave the company we try to stay on top of r...