Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
283 results
Sorted by:
02-14-2013
09:11 PM
...ork
Macro definition
eval desc=desc+ if(floor($bitField$/2)%2>0,"That Text, ","") | eval desc=desc+ if(floor($bitField$/2)%2>0,"That Text, ","")
This search does not work t...
- Tags:
- macros
08-13-2018
08:41 PM
Hi Guys,
Is it possible to calculate the name of a macro to be used in a search from a token value?
I have a drop down list of system names that I have corresponding macros for.
eg
k...
11-14-2019
01:57 PM
We use the TA-Varonis-DatAlert and it creates the varonis_index macro defined as index=* , which is global.
When running a generic search such as index = _internal sourcetype=splunkd , we s...
04-22-2016
03:28 AM
Hi all,
I am trying to use a variable as a search condition based on input in a text box. In order to make it simpler for users, I want them to be able to enter as many potential search strings a...
04-25-2018
02:32 PM
Hello,
I am trying to run a macro multiple times in a search. If the search returns 10 results, the macro should run 10 times. Is there a way to achieve this?
I don't want to use 'map' c...
11-07-2013
10:03 PM
Good day fellow Splunkers,
I'm new to this macro in Splunk and I want to ask if this could be possible.
I have 3 monitored folders, I want to start my search to just get the latest source of t...
01-14-2019
10:41 PM
I want to pass a variable to a savedsearch using this method:
| savedsearch mySavedSearch1 inputParam1="value1"
Within "mySavedSearch1" I have a macro where I want to use the value of in...
02-06-2017
10:17 AM
We are on Splunk 6.2.1. This is all in Splunk search...
I have a macro with lookup which works fine in a simple search but when I save the search and attempt to invoke from | savedsearch ... I...
09-10-2015
11:54 AM
1 Karma
...ame`,"
where macro-name is a string with a literal dash ( - ). I am nearly certain that I've seen saved searches containing macros.
I first tried to save from "Edit -> Open in search -> Save"....
