Hi, I'm attempting to calculate the average of the last six CPU event values. If the average of those six events is greater than 95%, an alert must be sent. I basically tried the below query, but i...
...corecards with six months of data, with summary index. Some searches are more recently (one day ago, for example).
I would like to have six months of data in the summary index, and every 30 minutes get new d...
Is this string anywhere near where I need to be to find word1 and word2 no more than 6 words apart in the field interaction.content:
interaction.content word1\W+(?:\w+\W+){1,6}?word2
Any hel...
I'm still relatively new to Splunk and am having trouble understanding Timechart and the proper syntax for it. I'm looking to gather 6 months worth of Trend data for compliance purposes. Currently, I...
I have date field which is showing date I want only last date of every month and i want filter only last six month if i choose in time picker last 6 moth it shows last date of month like
2019-0...
In searchhead cluster with six machines, only one SH machine is not giving results for a particular app. We have checked right corner>help>about>server. All 5 other SH's giving r...
We have a massive Splunk environment and QA process is pretty stringent when it comes to data onboarding. As part of that, we also do check the magix six props.conf attributes but process to check i...
Hi,
I want to generate the monthly report for the past six months and need the count of failed logs for each month.
Example:
July Count 20
June Count 15
.....
....
....
Jan Count 5...
Hi,
I want to skip first six header lines since they don't have time stamp information to index.please help
McAfee ePO 5.3.1.296
Server name: XXXXXXXX(XXXXXXXX.XXXX.XXXX.XXXXXXX.com.XX)
P...
Hi,
I am trying to extract sequence of events from logs by using transaction command. I am looking for sequence of six events. It works well as long as the first and the last events are not the s...