Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
296 results
Sorted by:
05-20-2020
11:48 AM
I'm having no luck building a regex to match cs_usernames . What I'm looking for are two separate searches both based on the
cs_username field. The first search is to find all instances w...
03-01-2019
02:29 AM
...nformation under "Manage Apps".
Now I want to build a dashboard that shows any available updates for Splunk Enterprise + Splunk apps.
For Splunk apps, it is possible to run a search which shows a...
02-01-2019
01:40 AM
Hi!
I need help with a search to find scheduled reports that are running. I want to know what are exactly running right now.
Is there someone who can help me with that?
06-12-2020
04:08 PM
...esponse, 2894 OpenDNS DNSCrypt, 577 I to united similia events and output should be this: signature, count Torrent, 1864 DNS, 87230 Can someone help me with the search p...
Labels
09-27-2017
02:28 PM
So i am trying to convert some of my searches from joins to appendcol to improve performance but I am running into some problems.
I can't figure out how to create a table in this question- so j...
11-15-2018
09:48 AM
...he usecase.
To check the enabled usecases I'm using the below query.
| rest splunk_server=local count=0 /services/saved/searches
| search disabled=0 AND ( action.risk=1 OR action.notable=1 ) | t...
12-06-2016
09:56 AM
...e able to find the change in value, per server over time.
I would like the results to be similar to:
Server ChangeSinceYesterday
abc 5
xyz 8
Can anyone help me to do this i...
11-15-2016
01:35 PM
I must apologize as I have found partial examples of what I am looking for, but I'm not well-versed enough to merge them together to get what I need. I have a search:
index="msexchange" s...
06-22-2015
01:47 AM
1 Karma
...ays here, not years):
index=index earliest=-0d@d latest=now | append [search index=index earliest=-1d@d latest=-0d@d]
What's the best way to build this search for this? Would love some help 🙂
07-30-2015
03:13 AM
Hello,
I have built a Splunk testing / staging environment on top of 6 VMs. Splunk version is 6.2.3 and us running on CentOS 6.6. I have 1 Search Head, 1 Utilities Server (Cluster Master / D...
