Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
163 results
Sorted by:
01-22-2020
11:55 PM
“Create Source Type” inquiry.
We want to create a new sourcetype that break events based a word orderActivityRep { and the event ends with }.
How to do it
The logs arrive to Splunk in t...
07-20-2013
01:00 PM
I'm having trouble understanding how to create customer fields for my application logs. My logs have the following fields:
Timestamp SourceIP Token HTTP.Method URL Query.String Post.Data U...
03-06-2020
10:53 AM
I'm trying to create a custom source type which is reading a TSV log file and the 3 column in the file is a JSON payload wrapped in quotes. I can't figure out how to get the source type to parse o...
03-29-2019
01:55 PM
hi all,
I am trying to create a dropdown with 3 different source types to display a graph per source type.
If I try to change the source type, the graph doesn't show up.
01-14-2019
04:17 AM
Community, need some help to work with 2 different source types .
I'm trying to run a search where I need to match information from 2 sources in 1 table.
What I'm trying to do is:
index=u...
04-05-2018
03:41 AM
1 Karma
....html
I take in one file with multiple JSON and splits it into multiple source types.
However i have a sub issue, one of the source types is like below Text + JSON trace.
2018-01-10 15:52:0...
11-14-2013
02:28 AM
Hi there,
I've been trying to create a new source type, but unfortunately - with no success.
My data is uploaded from a CSV file (hold your horses, there's a small catch).
I put all of the r...
04-17-2017
07:44 AM
I am ingesting 1 file that has multiple server IP addresses. I need to source type each server based on the IP address. I have tried using the props.conf and transforms.conf with no luck. Any help w...
10-09-2018
07:02 AM
I want to create an alert that triggers when a source type doesn't exist in a lookup table (e.g. srctype.csv). But I'm not sure how to create the search string for this. The fields I'm using in the s...
04-25-2020
08:45 AM
...imezone fixes this problem but I would rather keep it.
What would be the best way to proceed?
Modify the syslog source type?
Create a new source type?
Report the issue and hope for a fix?
