Hi Splunk Experts,
Need a clarrification - I have a .SPL file (contains artifacts, saved search, dashboards, macros, lookups,etc) extracted and exported from a stand alone search head (SH) box. N...
Hi, We are running Splunk on 3 Environments Env#1 is Splunk Cloud v 8.2.2112.1 Env#2 is Splunk Cloud v 9.0.2208.3 Env#3 is Splunk Enterprise v 9.0.1 The following SPL s...
Hello Splunkers,
How can i rename all the OrderNumber1, OrderNumber2, OrderNumber3 as OrderNumber. And Country1, Country2,Country4 as Country. I have attached the screenshot also.
&n...
I get asked some form of this question often and I know what my answer is but I am curious about others. What is your opinion of the top 10 most powerful SPL command that every expert splunk user o...
Hello,
I am trying to manually import the .spl file of a Splunk addon called 'Windows Event Log Analysis', the file has been provided on the EventID website here: http://www.eventid . net/spl...
...tsi_entity_name_normalizer import job to ensure that every entity will get an alias called entity_name. They use this alias for other searches in the logic created from the content pack so it is import...
...'ve used Excel and both it's 'Data:Filter' function along with custom formulas. But that all seems so restrictive now, compared to SPL.
Any suggestions? (Aside from temporarily importing my offline d...
...hat I have inherited the maintenance for the add-on and don’t have an app export from the original Add-on Builder.
I have tried a couple of things that include importing the spl and tgz files as a p...
...fter next push cause I just don't like it)
- TRANSFORMS - can not find any items of interest here
I have tried the following alternative searches
index=any-index-value
OR
index=a...
...emove of the header is not working. The complete file is being indexed. What am I doing wrong?
Also I want to use the column names in the CSV as field names in Splunk from the line I did not r...