I no longer see ExtremeSearch on Splunkbase.
Is it part of Splunk or Enterprise Security? (We are a few version behind)
Or has it been removed/deprecated or possible under another name?
I am very new using ExtremeSearches. I have used the extremesearch example that is displayed on the page in Splunk Docs.
| `datamodel("Authentication","Authentication")` | stats values(A...
Can I install and use ExtremeSearch without Enterprise Seurity?
If yes, where should be installed (Search Head, Indexers)?
Any recommendations to consider?
Thank you very much.
...t;
How can I rerun this in my javascript through referring to the id? (or some other identifier)?
my idea is something like:
var sm = new SearchManager({
id: "r...
Hi,
I am trying to create a base search for my post process searches that references a scheduled report. From looking around I found that you use the following
<search id="baseSearch" r...
...ay_1_2")
This works if the query latest time is now, but if I select the time range to be 7-10 days ago, how would I reference the start time of the search time range so I can pass it into relative_time? thanks
Lets say I have a search:
((value1 OR value_*) OR (status=404 OR status=500 OR status=503)) (index="main" OR index="secondary" )
(practically identical to the actual search used; in terms o...
...ased on a baseline period of behavior. After reading George Starcher's blog entries on the subject of ExtremeSearch I am considering implementing those searches using that app, but I am concerned that I...