Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
30,000 results
Sorted by:
11-30-2021
04:49 AM
need help on eval function of trimming the month EX : April = APR all months first 3 letters thanks
Labels
- Labels:
-
troubleshooting
03-04-2021
08:46 AM
Hi All, Is it possible to perform Eval then perform lookup ? If the eval return null then perform lookupA.csv. If eval return notnull, then perform lookupB.csv thanks!
Labels
- Labels:
-
search
05-11-2020
01:40 AM
Hi all,
During evaluating round I got the error:
| stats avg(duration) AS "booking average time" by hours
| eval "booking average time"=round("booking average time",2)
Error in 'eval' c...
a month ago
hello In my search I use an eval command like below in order to identify character string in web url | eval Kheo=case(
like(url,"%SLG%"),"G",
like(url,"%SLK%"),"G",
like(url,"%SLY%"),"I...
- Tags:
- other
Labels
- Labels:
-
other
02-13-2022
02:54 PM
Hello, I am new to Splunk and this is probably a basic query. I have a field with an email address and I want to check if the email exists in a look up table and eval it to 1, if found and 0 i...
11-26-2021
05:24 AM
| eval new_name=mvindex(split(name, ","),0), first name 0 and last name 1 split first and last name why split and 0&1 used in the pipeline
Labels
- Labels:
-
troubleshooting
02-25-2019
02:52 AM
Hi, I wonder whether someone can help me please.
I'm using number the following as part of a query to extract data from a summary Index
| stats count(eval(repayments_submit="1")) as r...
04-13-2022
06:11 AM
Hi,
I have multiple fields like, counting how many items passing through gates:
| timechart count(eval(like(gate_id, "RG%") )) as items_RG, count(eval(NOT like(g...
01-25-2021
09:07 AM
I am using the following eval command. I want the type column to pick up both the sources. index=xyz (source=smf015 OR source=smf014) | stats values(source) as source by JFCBDSNM DATETIME S...
Labels
- Labels:
-
using Splunk Cloud
Show results in replies (5)
-
...FCBELNM TIOEDDNM SMF14PGN | eval Type=case(mvcount(source)>1,"Both",source LIKE "%SMF014","Input",s...
-
...ommand output before eval?
-
...ource) as source by JFCBDSNM DATETIME SMF14JBN SMF14RST SMF14SPN JFCBELNM TIOEDDNM SMF14PGN | eval T...
-
...ATETIME SMF14JBN SMF14RST SMF14SPN JFCBELNM TIOEDDNM SMF14PGN | eval Type=case(source="smf014","Input",s...
-
...FCBELNM TIOEDDNM SMF14PGN | eval Type=case(mvcount(source)>1,"Both",source LIKE "%smf014","Input",s...
