I would like to modify the token a user inputs in a form using rex commands so that I can insert it into the search later. For instance, if the user enters AC123,AC456 in the form field, I would wa...
...equestParameters.Host" field isn't a string, e.g. the following search also fails sourcetype=aws:cloudtrail errorCode="AccessDenied"
| eval test = requestParameters.Host e.g. "test" is b...
I am trying to get all DHCP records for machines on which an authentication attempt was made for a user. I am doing this with a subsearch on the Authentication datamodel for the authentication sourc...
...ime.
Because the host_segment uses (why ever on earth I don't know) the source string.
Host segment defines the "7" position as the host variable.
So if I define the source by myself h...
I have a dashboard in which the customer can enter a start date/time, end date/time, and a string. I then use the information entered to query two different (not Splunk) databases to find/present r...
Manipulating strings, I had a post before regarding an array, but say I have a field that has value string1+string2+string1, how can I display this value as packaged(string1+string2)
EDIT:
I...
...og]
LINE_BREAKER = (`~!\^<)
SHOULD_LINEMERGE = false
SEDCMD-payload = s/payload_printable":([\s\S]*)",/ ---payload string has been truncated by splunk admins at index time--- /g
SEDCMD-response = s...
Dear fellow Splunkthusiasts, is there a way to put my own script manipulating the data in between the forwarder and indexer?
To be specific: I have XML logs from SmartMeter/jMeter looking like t...
...ant to extract the substring with 4 digits after two dots, for the above example, it will be "ab1d". How should my Splunk query look for this extraction?
Basically I have been given a string, a...