Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
94 results
Sorted by:
07-18-2019
08:59 AM
Hello folks,
I am experiencing problems to use replace to change a field value like "qwerty\foo" to "qwerty\foo".
I am testing it with this query
| makeresults
| eval user="qwerty\f...
01-12-2021
02:19 AM
I'm trying to understand the functionality of keepevicted. I've read several documentation about it but it's still not clear. I've made a search with transaction. Without keepevicted I get 5...
Labels
- Labels:
-
transaction
08-14-2020
05:58 AM
Phantom 4.9 supports Markdown notes and it is possible to add markdown note using GUI. But how to use markdown with the add_task API function? Like phantom.add_task(container=None, name=N...
Labels
- Labels:
-
using Phantom
05-11-2019
10:10 PM
...ount=0]
But I also need to add text after the distinct count
So I am doing this after the distinct count but I have nothing
| eval dc = if(dc== 0, "no host", tostring(dc) + " hosts")
c...
- Tags:
- splunk-enterprise
08-20-2020
04:29 PM
...HANGE_STATUS", statusCode="1", statusText="RUNNING", alarmCode="0", text="Executing at WA_AGENT", exitCode="0", machine="frmlxap1p1.prudential.com", runNumber="90859630", attemptNumber="1"
t...
Labels
- Labels:
-
stats
11-08-2020
07:40 PM
...ommand: The 'mvmap' function is unsupported or undefined. SPL for search | mitremap popular_only="$show_popular_techniques$" content_available=$s...
- Tags:
- essentials
- security
Labels
- Labels:
-
configuration
04-19-2018
01:03 AM
...ount_Root_Values.The output should look like this
In excel, there is formulla for it :- =IF(COUNTIF(B$2:B2; B2)=1;COUNTIF(B:B; B2);TEXT(;)) .
In Splunk, I am trying to use the eval to g...
06-30-2018
11:02 PM
...erver will give me a value of 0 if the server is actually of instead of no results are found. I was wondering if its possible to show a text like "Server is off" if the value of 0 is returned and show t...
07-16-2019
01:16 PM
...'d like a searchWhenChanged="false" functionality for inputs used in conjunction with this button. With my current code, the search still re-runs when the timepicker is updated without the button ever b...
04-13-2018
06:36 AM
...Then I set the inputs used in query specifically to "Search on Change" - but still the dashboard does not reload when I change inputs.
The doc at this point:
link text
says (quoted)
"Add a...
