I have a report that lists malware received by email that is part of a dashboard. Some months the list for each person can have dozens of events listed. Management would like to only show the l...
Hello Community, I am trying to calculate number of days (difference) between today's date and a list of dates but getting desired result only for 1 record out of list of records (different dates)....
I have 2 reports which I want to combine so that I get 1 email with both information. 1. Total number of hosts index=abcd mysearch | stats count as Hostname 2. List of hosts index=abcd m...
I did this a few weeks ago and now I can't seem to figure out how I did it.
I need a report listing all UFs, with their version of Splunk UF as well as specific OS version.
Searched all over here a...
I would like to get the number of hosts per index in the last 7 days, the query as below gave me the format but not the correct number.
| tstats dc(host) where index=* by _time index | t...
I have an event with a field = message_id.
I have to count the number of occurrences of this id based on an input list of possible values, e.g. [value1,value2,value3]
something like -> | s...
I have events formatted like this:
09/19/16 07:07:00 | Name=ABC123 Host=MyHost123.com
ProcessHistogram2: 0,0,0,0,0,0,0,1,0,34,66,66,64,68,60,79,7374,13812,0,0,0,0,0,0,0,0,0,0
I am trying to g...
I need to find list of serial numbers that have been extracted as a field value where they have not been seen in over 7 days.
Sometimes our systems stop reporting to the network share and we want t...
...nputs.conf make Splunk ignore those files? Does that mean that I should be seeing fewer files being monitored in /splunk list monitor as well as the Data Inputs in the Splunk webpage?
- Or is the o...
Given the following log entry, how would I find the number of host entries and assign it to a field?
Thanks!
FINEST|1137/0|Service KOALA-MANGOES|13-12-14 00:13:35|INFO: Available nodes: [h...