Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
140 results
Sorted by:
12-16-2020
04:21 PM
...creenshot of the search results when I just searched for " 60286da6ca69eb29 ". I want to find that "record" via "RayID= 60286da6ca69eb29 ". And really, I just want that record, that starts with t...
Labels
- Labels:
-
field extraction
04-02-2020
03:45 AM
Hi so suppose in my results there are 2 logs that are being retrieved. There is a status message which is either true or false. I want the color to be set to green when both of them are true. What I...
12-29-2016
07:02 AM
...re 270 results returned and when I check the 'Sourcetype' field on the left it does show that all 270 events are now in the new Sourcetype - ba.com:authentication:dob
However, when I click on t...
Tuesday
Hi splunk community, I feel like this is a very basic question but I couldn't get it to work. I want to search my index for the last 7 days and want to group my results by hour of the day. So t...
07-30-2019
01:20 AM
...ocs, i feel like - instead of using a Splunk Search Head Cluster(SHC), this DFS concepts will be using the external compute engines(Apache Spark Core) and produce the similar results, thus by reducing t...
02-11-2015
04:16 PM
3 Karma
...xpected results.
While logged into the search head, when I search for data specific to data hosted by Indexer01, I receive the expected results. However, when I search for data hosted by I...
- Tags:
- peer
- search-head
07-29-2020
01:40 AM
...s enabled. In this scenario for correlation searches the tstats command looks into the tsidx file to get the search results. My question here is how Splunk scans multiple indexes in my case t...
Labels
- Labels:
-
correlation search
-
other
04-14-2016
12:38 PM
1 Karma
...was executing. Therefore, search results might be incomplete. Hide errors.
•[SearchPeer1] Streamed search execute failed because: Error in 'xmlkv' command: Cannot find program 'xmlkv' or s...
10-09-2015
11:37 AM
I have a scheduled search that runs each minute, and the basic premise is that the resulting events get passed to a Python script for external action by another system. I need to create a t...
06-15-2012
01:19 PM
...aving a search which goes that far back is impracticable (or at least impractical).
My solution was to schedule a daily search which would save the results from the last 24 hours. After 3 months, f...
