Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
172 results
Sorted by:
03-09-2018
08:46 AM
I have a dropdown selection for a Policy field. I want to be able modify the search time based on the policy selected in the dropdown.
The drop down has 3 static options and depending on what i...
07-11-2018
12:16 PM
Hey everyone,
I've got a query here that I'm using to find values over 3 different periods of time. Today, yesterday and two days ago. I've made this query into a report and attached it to a d...
06-07-2018
01:33 PM
I have a dashboard which uses tokens that look like this
earliest=$TIME.earliest$ latest=$TIME.earliest$+60s
If I use the timerange picker and select a relative time, the search works as e...
08-16-2013
01:16 AM
...ow.
Is it possible to do this with only one "search" ?
Today i use 2 searchs which are the same instead the time-modifiers:
For the week-end view:
earliest_time = @w1-2d-6h
l...
11-29-2017
07:33 AM
I have a situation where I want to run a main search of one index over a time period driven by the time picker on a dashboard, but annotate the results with information from a second search. The s...
02-03-2013
08:34 PM
...es in Manager> Searches & Reports , it gives an error.
Any ideas how to include such time modifiers for saving searches from the Manager?
12-18-2013
11:15 PM
Hi!
Is it possible to do something like below possible?
If I have 5 searches ,
search A
search B
search C
search D
search E
and specify time modifier , for example , as e...
06-14-2011
05:32 PM
...am reading documentation about setting up search-time field extraction in props.conf. I have been playing around with it and it's not behaving as expected. However, I just realized, I'm not sure if I...
05-28-2020
10:05 AM
Hi,
I must be missing something. I have a simple search using a time modifier:
index=MyIndex earliest=-30m
My expectation is when I search, the results will be searched and returned o...
10-01-2010
10:28 AM
...amed (templates) that can be referenced by name in dashboards and alerts. If I define simple search in savedsearches.conf (without specifying time modifiers) and try to modify time with earliestTime and l...
