This would be a piece of cake for someone who uses SPLUNK. I am doing a search using the 'stats', 'count' and sort commands in the botsv1 index. I am to find the top ten URIs in ascending o...
Good morning, I need to know what the exact search command is in order to see this parameter: Enter a search that returns all web application events that contain a prohibited status (403)
Hi guys, I'm using Splunk 8.0
I want to create a command that can send some info to another via web or API. I read the Dev page but it is hard to understand. Do you know some easy script?
Like I h...
How do you use the search= command with ldapsearch or ldapfilter? I have seen examples where they are using search="(objectClass=user)" as to me I see that they are associating a field name to a group n...
Hi,
I am trying the following search syntax in Splunk to build out a report of our top 25 riskiest systems. But when I run it, I get “Unknown searchcommand 'isnull'” message.
Thanks in a...
Hi Splunkers,
I was wondering if it's possible to run a search command only under specific conditions?
E.g. when a field contains a specific value or when total number of results are at least X...
Hello, I have the following issue, do you know any solution or workaround? (Or maybe I declared something wrongly...) When using comma-separated field values in MAP within the IN command, it i...
Hi Everyone! I'm having a tough time trying to figure out a search command for this lab assignment. So I inputted in the search bar, (source=/var/log/auth.log session | top user) and I got the u...