It appears that using now() inside of the map command will always return the time that the map was started rather than the time for each loop. The below SPL shows an example of this. Does anyone h...
Hi All... For those who already know some SQL, the join commands are pretty easy. Some of my teammates who are non-SQL members were not aware of join, and when they try to read docs, they c...
I've read the docs and iterated many times to try to get a simple command to work which pipes events to it.
Example: index=idx1 | myCommand
Inside of myCommand.py, I want the results of t...
Hi, I'm new to creating custom search commands, and haven't been able to understand the examples in the SDK repo on GitHub, if someone can point me to or provide a step by step guide to achieve t...
Hi, I have the below log and values for "days" field are 4, 10, 15, 30. Could you please extract the "days" field using the "erex" command?
Log:
2017-11-21 04:55:34,060 tn="[1...
...ble to use some of these functions/commands. I tried to Google to find simpler examples but did not come up with anything. Can someone please provide the most simple example possible of using the c...
Hello Splunk Community:
I'm trying to convert several standalone Python scripts into Splunk External Lookups and running into problems.
Any thoughts?
I've looked at the external_lookup.py...