Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
517 results
Sorted by:
05-22-2016
03:11 PM
I'm running into an issue with the syntax for a CLI search using erex.
The problem seems to be with the double quotes. I've tried single quoting the erex examples and counter examples, but none o...
01-12-2021
07:42 PM
...orrect my syntax, i tried google searches but none were able to give me an example, which I think is due to the fact I do not know how the syntax should work in the first place. I am using the windows c...
Labels
- Labels:
-
stats
02-06-2014
03:21 PM
2 Karma
Hi,
As my search strings get more and more ridiculous, I find myself writing them in sublimetext or notepad++ or vim as a cribsheet and then putting the final product into Splunk. Does anyone k...
10-01-2021
12:48 AM
I have recently created a field extraction on one search head that I have assigned all apps and users to read and write and was wondering how long is would take for a change done in one search head t...
Labels
- Labels:
-
field extraction
-
kvstore
-
other
-
permissions
02-10-2022
09:32 AM
Howdy,
I'm trying to come up with a query that charts the most occurring x_forwarded_for and respective count in each of the bins over whatever window. Currently, the below query creates a sorted c...
04-10-2012
03:23 PM
1 Karma
...assword for both the local and remote machines are not changeme.
5) I am running the command on the local machine that I expect to the be search head.
6) Within the local server.conf, I have s...
07-15-2021
04:18 AM
Hi, I'm running the below syntax on Splunk Enterprise to get traffic logs from Fortigate firewalls: index="fortinet" "devname=" "xxxxx-xxxxxx" "vd=" "xxx-xxxxx" policyid=5 action=accept | stats c...
Labels
- Labels:
-
troubleshooting
08-11-2020
08:55 AM
Getting this informational message when running "stats count" commands: This search uses deprecated 'stats' command syntax. This syntax implicitly translates '<function>' or '<function&g...
Labels
- Labels:
-
stats
09-26-2016
11:52 PM
3 Karma
Hi,
Does anyone know how to enable the new 'Search Syntax Highlighting' and 'Compact' Assistant features when using the Free License?
The Splunk Overview 6.5 App has a section which says that the...
