Hi Team Can you please let me know why i am not able fetch the base_date in the dashoard using the below logic. Please help me to fix this issue. Splunk query : <i...
Hi,
I have few queries related to lookup in Splunk.
My lookup file - list-of-master-ids.csv
content of csv file
MASTER_ID (Column)
AA0012A (Row1)
BB1113B (Row2)
CC22232B (Row3)
...
...req_used_jobs_bmp_3months.csv which is a simple two columnar file
jobName, freq_count
I tried to join main query with this inputfile. I want to operate and write SPL queries o...
Hey guys, good night, how are you?
I have a big problem
I created an app with the integration of a checkbox with ModalView
I need to send the data shown in the modal to a lookup, but the popup....
...uestion, as it's only returning 1 value, how does it choose which value to return?
index = email
serialnumber=123456789
| join serialnumber type=left [ search index=db | dedup Y | rename serial AS s...
mainsearch| stats count(_raw) as Cou by hour |join hour [ subsearch| head -$Cou$ ]
Above mentioned command is not working, as main search values can be used as values in subsearch b...
...ind the matching username (i.e who that IP belongs to)
Time, IP, hostname, UA, loginname, Branch, username
I have this so far:
sourcetype=WebLogs (other- logic)| stats count by Time,IP_address,H...
Hello everyone!
I am currently trying to use summary indexing using the si- commands. It is working well for "simple" request (medians, distinct counts of user etc etc...)
But I am now stuck on...