Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
67 results
Sorted by:
06-04-2018
05:08 AM
Hello,
I’d like to create an alert on ransomware detections. I have file events logs and their most important field is ‘file_name’. It looks like this:
File_name
File1.txt
File2.pdf
File3.xls...
08-31-2018
02:22 PM
...ac | 12.8 |
03468| iOS | 18.0 |
97621| Android | 18.8 |
However, I need to check certain AppVersions against the Platform.
I imagine it would need multiple i...
2 weeks ago
Hello community,
like to ask for support to get over conditional formatting. I have 3 different products in a group. Product A, B and C and I need to add for each of them a different formula (c...
Labels
- Labels:
-
eval
Show results in replies (7)
-
A case function should do the job. | eval ProductGroup = case(product=A, group*100/3.33, product=B...
-
I want eval a row called RML = case (in the row "group", for a VALUE A divided by 3.33*100, in the ...
-
Hello, not really as the formula does not work unfortunately. I want eval a group = case (in the r...
-
Please elaborate on "does not work". What results do you get and how do they not meet e...
-
|eval ProductGroup=case(group=="PRODUCT_A",group/3.33*100 ,group=="PRODUCT B",group/3.061*100...
-
This looks like a faithful interpretation of the OP's question, but won't work because if the group...
-
Hello Rich, thanks for message. Finally I´ve managed apply case function and resolved the i...
11-11-2021
08:49 PM
...ny time. I have 3 of these types of conditions, but they are all under the same field name. The struggle for me is combining these if else functions into one multi conditional function. I have s...
Labels
- Labels:
-
Other
04-29-2020
02:13 AM
Hi,
My scenario is that I have Counts of Total Requests, Success, Failure & Failure% for time span of every 30 mins over last 2 hours
Let's say first 30mins I got 100 hits and failure% is m...
Labels
- Labels:
-
alert condition
04-13-2014
08:53 PM
...ctual_Time_to_Resolve/3600|stats count(Number),sum(BTTR) as BTTR_Sum, perc95(BTTR) as P95 by "Group service"
every event has Actual_Time_to_Resolve based on which,i calculate BTTR and then P95 which is the 9...
- Tags:
- sum
08-05-2014
10:51 AM
1 Karma
...nService=if(enteredService<beginTime AND (isnull(leftService) OR leftService>beginTime),1,0)
The problem is I want to sum up all of these 1s but only once for each distinct serial number (a...
07-02-2019
02:07 AM
Hi
I am New to Splunk
I have created one dashboard like below
ProcessName LastUpdated
ProcessA 2019-05-16 14:42:21.12
ProcessB 2019-05-16 14:50:21.12
ProcessC ...
- Tags:
- splunk-cloud
07-23-2019
09:36 PM
1 Karma
Hi all
I am trying to use the eval case function to populate a new field based on the values of 2 existing fields that meet certain string value matching.
For example:
| eval ValueY=case(S...
06-10-2019
10:38 AM
...he row field value and transforming it to a sha256 value using eval statement.
Problem is the sha256() function does not appear to work, the value passed is the whole eval line?
<condit...
