Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
146 results
Sorted by:
05-13-2020
01:06 PM
1 Karma
...econds)
Rather than building a full custom command to do the following:
| duration outputfield=cleanTime seconds
I know the function's code are locked and are part of the source code but can I add to it?
Labels
- Labels:
-
using Enterprise Security
10-09-2012
09:24 AM
Hello the splunk community,
I'm kinda new to splunk, and I'm trying to perform some charting using the eval function like as follow:
index=index1 action=action1
| chart c as count by a...
07-18-2019
08:59 AM
...oo"
| eval ruser=replace(user,"\\","\\")
In this case I have this error
Error in 'eval' command: Regex: \ at end of pattern
The same for:
| eval ruser=replace(user,"\","\\")
U...
10-22-2010
01:22 AM
...larity and supportability (the "OR" clause will continue to grow for this event type), I need to avoid the iteration and use the eventtype.
For reference:
http://www.splunk.com/base/Documentation/l...
- Tags:
- eval
02-19-2020
04:20 AM
...ELPHI_REQUEST.REQUEST.COMMAND ,host,SVC_ID,check
|rename DELPHI_REQUEST.REQUEST.COMMAND as "COMMAND"
I am getting below output where coalesce is not printing the value of field DELPHI_REQUEST.REQUEST.COMMAND i...
07-21-2015
10:40 AM
...rocs{} = special
procs{} = C,B
The counts should be: A: 1, B:3, C:1, special:1
index=foo | rename procs{} as procs | eval numprocs=mvcount(procs) | mvexpand(procs) | stats count(eval((p...
09-02-2010
12:05 AM
4 Karma
Is there any weird issues with using multiple searchmatch() expressions within a single eval command?
I have a transaction search in which I'm using an eval to assigning my transaction a s...
05-11-2018
09:00 AM
...echnology but I would prefer to have all in one.
The number of rows will vary from 1 to however many technologies are in use for a system. eval doesn't support stats functions or this would be v...
