Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
21 results
Sorted by:
04-23-2018
11:55 PM
...ontain data, the fields Start Time, Session Duration and Application(s) are empty
Applications Overview -> does not contain any data
Installed Software by Application Name -> does not contain any d...
02-03-2016
08:25 AM
We are using a CSV input, which generates indexed extractions - some of the field values contain spaces.
Here is some walklex output that shows the values captured in the .tsidx
1887 2 p...
07-17-2020
11:38 AM
...onfiguring field extraction for this in configs or in actual Splunk search using rex or eval. pluginText: <plugin_output> The following software are installed on the remote host : KB3171021 [v...
Labels
- Labels:
-
using Splunk Enterprise
10-18-2016
02:17 AM
1 Karma
...ame and field value.
http://docs.splunk.com/Documentation/Splunk/6.5.0/Knowledge/WhenSplunkEnterpriseaddsfields
When field discovery is enabled, Splunk software:
• **Identifies and extracts t...
03-10-2021
02:40 PM
I could use some expert assistance with a regex for breaking down a custom user-agent field in an IIS log into component fields while avoiding a conflict with other fields. We run software t...
Labels
- Labels:
-
field extraction
09-18-2020
06:41 AM
...ourcetype = ms:iis:auto Example of the IIS log: #Software: Microsoft Internet Information Services 8.5
#Version: 1.0
#Date: 2020-09-18 13:15:43
#Fields: date time s-ip cs-method cs-uri-s...
Labels
- Labels:
-
field extraction
-
universal forwarder
06-20-2019
12:25 AM
Hi,
We have attached log file.link text The whole log file contains in one single event in splunk.
Now, I need to extract data(filename, date, time) from only last lines of text.
ex:
Try u...
a week ago
Hi,
I have a field name Details. This field contains a lot of information in varying format. e.g. software installed on endpoints, updates installed etc. I need to extract this information from t...
Labels
- Labels:
-
development
-
using Splunk Enterprise
08-04-2019
08:25 PM
3 Karma
...alues for search-time field extractions:
CLEAN_KEYS = [true|false]
NOTE: This setting is only valid for search-time field extractions.
Optional. Controls whether Splunk software "cleans" t...
03-12-2021
07:10 AM
...ytes_in = if(bytes_in=="-", 0, bytes_in) EVAL-bytes_sent = if(bytes_sent=="-", 0, bytes_sent) EVAL-vendor_product = "Apache Tomcat" EVAL-product_family = "Apache Foundation Software" EVAL-bytes = c...
Labels
