Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Search
Splunk Community
×
Are you a member of the Splunk Community?
Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Search
Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
30 results
Sort by:
10-25-2023
10:32 AM
...o get the total number of events, and data set size. Then ran the same search with the dedup command to reduce out all the duplicate events..... | dedup _time _raw The problem is the dedup command...
10-23-2018
01:20 PM
...ollowing messages:
Search auto-finalized after disk usage limit (10000MB) reached.
The sort command is truncating output to 10000 rows
Any ideas on how to optimize this search so I don't need t...
12-03-2019
08:07 PM
Our purpose is to get the most recent event with specific fields by "dedup" command in indexer cluster
We have read a similar case according to this link, but still confused about the usage of dedup...
03-18-2022
08:32 AM
Good Afternoon, TLDR; Can a search query result that provides more than 1 field be outputted to a file with a command like outputlookup and have its multiple fields compared against for later usage...
11-10-2022
04:19 AM
...clientId | table domains{}, extensionBundlesCount | sort -extensionBundlesCount The error: command.mvexpand: output will be truncated at 37800 results due to excessive memory usage. M...
Labels
- Labels:
-
metadata
02-06-2020
10:08 PM
...akemv cpu_range delim=","
| mvexpand cpu_range
| eval "Number"=0]
| dedup cpu_range
| sort cpu_range
| transpose header_field=cpu_range
| search c...
xml.txt (3 KB)
- Tags:
- splunk-enterprise
10-28-2022
03:40 AM
Hi Community,
I have the below search query
index=_internal
[ `set_local_host`] source=*license_usage.log* type="Usage"
| eval h=if(len(h)=0 OR isnull(h),"(S...
Labels
- Labels:
-
fields
12-17-2023
02:36 AM
...t;"
| table Server,Region,Environment,Server_IP,Filesystem,Type,Blocks,Used,Available,Usage,Mounted_On | dedup Server,Region,Environment,Server_IP And below is the table I am g...
Labels
- Labels:
-
Classic dashboard
-
table
02-11-2021
12:23 PM
...ort - pctCPU | dedup COMMAND | head 10 I am trying to get a timechart based for the pctCPU usage only for these 10 COMMANDS. Thanks
05-05-2023
01:01 AM
....mvexpand: output will be truncated at 28200 results due to excessive memory usage. Memory threshold of 500MB as configured in limits.conf / [mvexpand] / max_mem_usage_mb has been reached....
- Tags:
- mvexpand
