If the telephone number is present in both Index 1 and Index 2, display the associated device name from the event in Index 2 and then display the resolution code from Index 2. If anyone could point me in the ...
I have used the search tutorials for Splunk.
Is there any similar one for Splunk ES?
For Splunk, there is a tutorial data zip file Splunk provides. For learning ES, is there any data dump to p...
Hi,
How do I use line breaking to break events before TBD? A new event starts with TBD.
Sample data:
ABC*11*231~
CFFGBPR*DD*1212*Ddf*12333~
TBD*1*3234454*12223355~
DFR*ESDFR*5ewewesd112~
d...
Hi all, below are the sample logs. Can I get props for these sample logs?
-------------------------------------------------------------
Time: 02/12/2021 01:45:05.777
Message: there is a...
I am using a HEC and configured a custom source type that sets _time based on a field in the JSON data, and when using the "add data" sample data, it works great. _time gets updated; however, w...
I have raw data like this:
09:00:06 08/01/2016 good TSMONW46PRDV [TSMONW46PRDV][AP] Disk Space Disk/File System/[C]/percent full=45.745, Disk/File System/[E]/percent full=34.595
I...