Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
10,000 results
Sorted by:
10-05-2020
01:54 PM
...ode): [<indexer hostname>] Streamed search execute failed because: Error in 'condensefields' command: External search command exited unexpectedly with non-zero error code 1.. I h...
Labels
- Labels:
-
python
11-16-2020
08:36 PM
1 Karma
Hi,
I am trying the following search syntax in Splunk to build out a report of our top 25 riskiest systems. But when I run it, I get “Unknown search command 'isnull'” message.
Thanks in a...
07-25-2019
09:18 AM
How do you use the search= command with lpdasearch or lpdafilter? I seen examples where they are using search="(objectClass=user)" as to me I see that they are associating a field name to a group n...
03-04-2021
06:10 PM
...he same field name - index. The issue is that I am getting false negatives. I have put in | search Missing_in_Blue="No" because I only want the docNum that is missing in index=x...
Labels
- Labels:
-
summary indexing
02-05-2021
01:09 PM
...alse so it doesn't run on the indexers. However, I'm still getting errors from the indexers " Streamed search execute failed because: Error in 'decrypt' command: External search command exited u...
Labels
- Labels:
-
troubleshooting
Show results in replies (4)
-
...rror message. Alert from saved search with decrypt command is not sent as well. Could you please c...
-
...Splunk query. If I run now sendemail after the decrypt I get: External search command 's...
-
...hunkedExternProcessor - Error in 'decrypt' command: External search command exited unexpectedly with n...
-
...nserting a non-streaming command like table before the decrypt command to force the query to run on t...
11-24-2020
06:47 PM
Hi Everyone! I'm having a stuff time trying to figure out a search command for this lab assignment. So I inputted in the search bar, (source=/var/log/auth.log session | top user) and I got the u...
03-06-2017
04:16 AM
1 Karma
...zAwdCwgdGhpcyBpcyBkZWNvZGVkIHN1Y2Nlc3NmdWxseSAhIQ==" | base64 field=base64_decode action=decode | table base64_decode
We get errors like this:
Search Factory: Unknown search command 'base64'.
However i...
- Tags:
- base64
- splunk-cloud
12-03-2019
08:19 AM
I am trying to extract fields Environment and Service with below search and receiving the error 'SearchParser': Missing a search command before '^'.
I got the rex command from Splunk field e...
08-19-2020
04:24 AM
Is it possible to replace the default search command within an app with a custom one? Basically what I would like to do is create a custom application where when you are in that a...
Labels
- Labels:
-
app
01-06-2014
11:21 PM
1 Karma
Hi Splunkers,
I was wondering if it's possible to run a search command only under specific conditions?
E.g. when a field containts a specific value or when total number of results are at least X...
