Search

AlexeySh · ‎06-04-2018

Hello, I’d like to create an alert on ransomware detections. I have file events logs and their most important field is ‘file_name’. It looks like this: File_name File1.txt File2.pdf File3.xls...

nqjpm · ‎08-31-2018

...ac | 12.8 | 03468| iOS | 18.0 | 97621| Android | 18.8 | However, I need to check certain AppVersions against the Platform. I imagine it would need multiple i...

poddraj · ‎04-29-2020

Hi, My scenario is that I have Counts of Total Requests, Success, Failure & Failure% for time span of every 30 mins over last 2 hours Let's say first 30mins I got 100 hits and failure% is m...

Raghav2384 · ‎04-13-2014

...ctual_Time_to_Resolve/3600|stats count(Number),sum(BTTR) as BTTR_Sum, perc95(BTTR) as P95 by "Group service" every event has Actual_Time_to_Resolve based on which,i calculate BTTR and then P95 which is the 9...

willial · ‎08-05-2014

...nService=if(enteredService<beginTime AND (isnull(leftService) OR leftService>beginTime),1,0) The problem is I want to sum up all of these 1s but only once for each distinct serial number (a...

FZenner

...) and a separate one for modifying existing entries, Its not possible for me to combine them into one and switching inbetween the two functions based on a value provided by an input field. I´ve so f...

cjenkins666 · ‎06-10-2019

...he row field value and transforming it to a sha256 value using eval statement. Problem is the sha256() function does not appear to work, the value passed is the whole eval line? <condit...

373782073 · ‎07-23-2019

Hi all I am trying to use the eval case function to populate a new field based on the values of 2 existing fields that meet certain string value matching. For example: | eval ValueY=case(S...

gajananh999 · ‎10-03-2014

Hello Everyone, i want to check one condition in splunk and if that condition match and then i need to get those events who matches condition else result should be null LAST < sysdate - (1...

yogip86

...ut non event condition. require([ 'underscore', 'jquery', 'splunkjs/mvc', "splunkjs/mvc/searchmanager", 'splunkjs/mvc/simplexml/ready!' ], function (_, $, mvc, SearchManager) { c...

Search

Search the Community

Is it possible to use a comparison / conditional f...

Comparison and condition function help. Multiple I...

Conditional Alert based on comparison of results o...

sum function with conditions

Conditional count in stats function

Conditional functions in dashboards

How to token in an eval sha256 function under a Si...

How to use conditional comparison of two field val...

How to use comparison operators in a search to mat...

Java SearchManager condition execution of function