Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
5,000 results
Sorted by:
06-26-2019
01:09 PM
...hem if they go down. We've created this search so far to accomplish this:
sourcetype=tandem* "Host is OFFLINE" OR "Host is ONLINE"
| rex field=Text "Host is (?P\w+)"
| stats latest(Status) as S...
01-11-2021
01:04 PM
Hey guys I've been having trouble finding documentation about removing indexed data. After looking through the "meta woot!" app I saw my hosts were growing a few thousand a day and my estreamer a...
Labels
- Labels:
-
host
11-25-2020
05:01 AM
...eployment app, neither on the searchheads. I have reloaded the server class that is linked to the host and app but I do not see any attempts to monitor the path I have given on the following spl q...
- Tags:
- Deployment Server
Labels
3 weeks ago
Hello folks, I have about 20 hosts that fall under index=devices I need a query that will display the count information for each host, once over a 24 hour period. My intention is to use t...
Labels
- Labels:
-
configuration
06-05-2014
01:25 PM
...howing the host being queried from a location, but I want to rename the output hosts .Example, we have server1 which hosts website1.com, server2 that hosts website2.com and so on. I would like the g...
03-22-2011
08:36 PM
1 Karma
My company has a server naming convention that specifies a number
Server01
Server02
Server03
Server04 -> Server100
How would i go about creating a search that would show events from Odd or E...
- Tags:
- search-help
07-07-2010
04:56 PM
I am indexing results from facter which logs information about each host. I can get the most up to date list of these system properties by running
sourcetype="puppet-facts" | dedup host
T...
08-15-2014
09:48 AM
1 Karma
I want to check the Splunk forwarder versions of about 70-90 hosts. Is there any way to do this? Is it possible from the deployment server or search head?
07-03-2020
12:28 AM
Hi Experts, Can someone explain to me what are different between searching with index, sourcetype and host? Which one give us performance better, in case we have only one host and one sourcetype? I...
Labels
