...ourcetype, etc.) I want to perform branching to different SPL commands based on the value of a field.
For example in pseudo code.
if process=snmpd
(| rex message=(blah, blah, blah)
| stats c...
Hi,
After upgrading to Splunk ES version 6.0.0 we got the Investigation Overview dashboard, but we have some problems when running it. If we try to look for investigations far back in time, the s...
...hat calls those 4 searches that would display as columns per branch:
Example: Branch dropdown: Avenue1 <--- the dashboard will have this and the numbers will change accordingly. ...
I have a field called RenderedMessage in the event log which has the following text: Task finished: TaskID 1 for branch 6000. I have been given the task to alert in an email all the branches that h...
I have a union [] command that I want to execute only if a check box is checked, how can I manage this? SPL2 branch doesn't work on my dashboard for some reason and the eval if else only works for a...
Hi Splunkers, I am currently trying to create a pie chart that gets its data from a token: host=* | eval $Overview$ | chart sum(Warning) as "Warnings" sum(Violation) as V...
Only the saved APP saved-search list is displayed.
How do I get other APP saved-search listings?
command : $SPLUNK_HOME/bin/splunk list saved-search
Do not display saved-search of o...
We are using the iplocation command. I see that the GeoLite2-City.mmdb file is from 2019 [splunk@ilissplsh01 bin]$ ll /opt/splunk/share/GeoLite2-City.mmdb -r--r--r-- 1 splunk s...
...ach branch, its sales stats overview for each day (one number).
I would like to run a search that will calculate for each branch, the average of the top 5 best sales day, across the last month. M...
Hi,
I have the below SPL and I would like to get the comparison for a 15-minute time span, i.e. if we run today at 5 am then we should expect the table like for every 15 minutes data count vs yester...