Splunk Support for Active Directory: How to get results for multiple LDAP hosts
| ldaptestconnection domain="my Domain"
shows a single event, I have multiple hosts servicing as a LDAP s...
Hello Splunkers, I am used to using the following command to decrypt $7 Splunk configuration passwords such as pass4SymmKey or sslConfig. splunk show-decrypted --value '<e...
...ame for each "subsection" of the ps command. I want to be able to make a graph of each "proc" to show their cpu and memory usage over time. The processes will be in a random order. I have the time l...
...s poor 1 680 The image could not be found 1 809 Document not detected 1 When I do the stats command, I do not get any results: | spath input=jsondata |s...
Hello Splunkers!!
I want a list of dashboards and those dashboards are using saved searches & macros. How I can achieve those details by using rest command. So far I have tried the b...
This would be a piece of cake for someone who uses SPLUNK. I am doing a search using the 'stats', 'count' and sort commands in the botsv1 index. I am to find the top ten URI's in ascending o...
Hello, I would like to use a subsearch to literally paste a command into the SPL e.g.: | makeresults
[| makeresults
| eval test="|eval t1 = \"hello\""
| return $test] ...
Good morning, I need to know what the exact search command is in order to see this parameter: Enter a search that returns all web application events that contain a prohibited status (403)
How do I count the number of unique recipients of each type of unique attachment from emails. The same user could receive the same attachment in multiple emails. Using the “dedup” command?
Hi, when I run the command below, it works fine: index=toto event_id=4688 |
eval file_name=if(event_id==4688, replace(NewProcessName, "^*\\\\([^\\\\]+)$","\\1"),null) Now I need t...