I am trying to use a parameter in the search using an IN condition. The query is returning results if I put data directly into the search, but my dashboard logic requires using a parameter.
........
Hello all! I am trying to add a field to an artifact with the "update artifact" action (phantom app). I am trying to add a 'message parameter' in the 'value' at the cef_json field: for e...
Hi, during a playbook, I would like to check a parameter with a condition, and if the condition result is true, I would like to use that parameter. But if the condition result is false, I w...
Our logs will have urls logged in the below manner: /v1/customers/1/sites?includeContacts=True&showOnlyPrimarySites=True&purpose=Billing&pageNumber=1&pageSize=10 These query string ...
...mp;hid=116903
I want to extract all the parameters from it, like from-id, q-out, etc.
The query I am using is like
index=my_site source=sa-*tomcat_access.log url | rex field=url "[search.do...
Hello, I need help with perfecting a sourcetype that doesn't index my json files correctly when I am defining multiple capture groups within the LINE_BREAKER parameter. I'm using this o...
When I type this command in git bash /opt/splunk/bin/splunk apply shcluster-bundle -target to get cluster status I keep getting the error "Error, Parameters must be in the f...
I have a saved "MySearch" that takes a parameter "INPUT_SessionId", something like this: index=foo | ... some stuff | search $INPUT_SessionId$ | ... more stuff And then "MySearch" invoked l...
...oes not talk about TIMESTAMP_FIELDS
We are using this parameter for another JSON source and it works fine too.
Examples:
UF side:
etc/deployment-apps/_...
Hi everyone,
I have created a custom command in Python that needs a parameter, which is one of the fields of the search.
The script is as follows:
import splunk.Intersplunk
def f...