...t runs successfully, it returns a dict with some data [{"hostname": "test1", "device_id": "abc123"}] but we might actually not have data on this host, so it will return empty: [] I need to e...
...ations are complete. Right now, we need to validate if data is same in both deployments e.g. Deployment A (old) and B (new) for all data sources.
I need guidance in the right steps and validations t...
I am new to Splunk query
I need to capture the filed value of tn "Subscription_S04_LookupInvoiceStatus" and Response data(Highlighted bold in the below XML file) for the c...
...ointing to the Heavy Forwarder, and 1 indexer. I would like the heavy forwarder to only forward certain events on to the indexer. Based upon my research (Route and Filter Data ) I have built the b...
Hello Splunkers, I've been in some weird requirement/situation, which is, we need to validate if events of particular source and sourcetype are getting forwarded by UF or not. For E...
...ossible invalid source sending data to splunktcp port or valid source sending unsupported payload.
Below is my Inputs.conf
[script://$SPLUNK_HOME\bin\s...
Hi,
I am looking to create a search that allows me to get a list of all fields in addition to below:
| tstats count WHERE index=ABC by index, source, sourcetype, _time
| fieldformat "_time"=str...
...ocumentation while for others, I have not.
The easiest question is whether there is a single website where log format validation/explanation data can be found. The second is where log formats can b...
lastOccurrence=2011/08/25 03:29:25|firstOccurrence=2011/08/25 01:44:11
My logs contain data similar to the notes above. I'm trying to write a query to see if there is any data where the l...
Hi guys, i am having an issue with the xml script in the last line but i cant seem to figure out how to make it valid as i have.
Have tried double quotes but does not work.
data-o...