Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
149 results
Sorted by:
07-28-2023
05:37 AM
....... This works, though I really don't like having to hardcode exessive values like this. What I would prefer is a way to, based on the fields observed in the base search, generate m...
08-23-2019
05:52 AM
...omething like:
I've been messing with CSS files, but that is not a sustainable solution.
Also I've found the Splunk documentation on how to Generate a single value. This give me part of w...
04-18-2017
02:47 PM
How to change stats to generate a single value background color AND font colour
- Tags:
- splunk-enterprise
01-09-2017
10:06 AM
...ith identical values in what should be single valued fields?
My suspicion is that it could be interplay with a field extraction (or similar)? (As it looks, to me, like certain fields have been e...
02-12-2019
11:13 PM
Hi, I want to have table of single values (single values with indicator of movement(percentage)). The first column is name and the second is the single value. Name should be loaded from csv, for e...
10-24-2016
02:16 PM
I have a list of hosts that submit logs periodically. I need Splunk to generate an alert if the last time it received a log from a host on this list is older than a configurable value per host.
T...
11-02-2020
09:09 AM
...ould I add the values of latest(registrations) to provide a single value for all 3 hosts? For example, I would like only the sum of the latest registrations (98) to display in a single value p...
10-23-2019
10:16 PM
1 Karma
...anceled, failed, and completed. I'd like to group 'failed/canceled' into a single value called 'errors', and then divide errors by total requests to get a error rate percentage.
| eval status=if(IN(i...
01-22-2018
07:09 AM
Hi Splunkers,
To insert a single new value into a lookup table, I've been running something like this:
index=_audit earliest=-10s | eval myfield="foo"
| dedup myfield
| table m...
- Tags:
- lookups
- splunk-cloud
03-10-2017
09:13 AM
...ot a single value. My understanding is that this prevents me from using eval/if based on _time or a time token from my search.
base search
| join sample_name
[ run either search1 or search2]
| t...
