Trying to calculate the Packets per second (PPS) for sourcetype=traffic during the 1st quarter of 2013. Understand the mathematical formula just having problem formulating the right syntax. Can a...
Has anyone configured the PP TAP application in a clustered environment? I've been unable to find configurations to reference. We need to change the index the application sends to, add the API key i...
I have a field PP that I would like to use in eval statement to get a percentage from JSON data and using spath.
Here is the search:
index=main sourcetype=knowbe4 | head 1 | spath input=_raw p...
I have a search query like this
index=ppt sm.to{}="12-12-518@dt.com" OR sm.to{}="050920@cp.com" |table sm.to{} sm.stat
and I want to use a csv lookup instead because I have more email a...
...orry is that is a tongue twister this is whay I am looking for: if the mean for Jan is 3.5 pp/ml and the mean of Feb is 3.6 pp/ml I want my chart to display the over all accumulated mean u...
I've launched an AWS instance for the Splunk Enterprise AMI (https://aws.amazon.com/marketplace/pp/B00PUXWXNE ) with a public address. When I open http://pubic_address:8000/ on the browser, I c...
...ID latest(id) as ID latest(serial) AS Serial latest(type) AS Type latest(model) AS Model latest(version) AS Version latest(Carrier) AS Carrier latest(pp) AS PP latest(u_id) AS UID latest(wifi) AS w...