Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
266 results
Sorted by:
03-25-2015
12:26 PM
3 Karma
...he user for the desired index name.
But then, how do I get my saved search or view or dashboard to reference the value the user entered?
I created a macro in $app/etc/default/macros.conf, d...
09-13-2016
06:51 PM
...imeformat and getting the results as needed. So I need to get work on the macros instead of modifying the search since if modified the search display wrong results for outside US users.
What c...
09-12-2016
05:41 PM
What is macros.conf and what is its use? What could be the path for macros.conf?
05-18-2015
05:26 AM
1 Karma
...nd replacing, probably I can do using SPL itself. The script should just update macros.conf.
Another alternative is to write a shell script, but trying from Splunk before I go that route.
T...
Show results in replies (4)
-
...rovided by splunk, to write it in macros.conf by curl command.
-
...s alert and on alert wrote a simple shell script by using ARG8 provided by splunk, to write it in macros...
-
You cant alter macros.conf without using SDKs. But you can save the query in a lookup instead o...
-
More information: Updating macros.conf from lookup. Below is my macro query and lookup d...
08-11-2015
01:08 PM
I have created a macro within an app using the macros.conf file. I am able to see the macro within the Settings -> Advanced Search -> Search Macros if I look under the context of my app. T...
11-18-2011
11:54 AM
1 Karma
The subject has the entirety of my question but as a bonus to anyone who reads this, here is a macro that everyone should find useful (if you understand why this is useful, add that to your answer): ...
09-12-2016
06:15 PM
...he searches contains unique search string "getABCsWin"
timeformat="%d/%m/%Y:%H:%M:%S”
Is it something I need to add in macros.conf if yes. How can I add it?
02-12-2020
12:46 PM
1 Karma
How do I modify marcos.conf to include multiple indexes ? Will it recognize wildcards in the index name?
example:
[event_sources]
definition = (index="win*" OR source=*W...
11-24-2017
12:35 AM
...acro 'get_index' in DA and then using this macro in each dashboard search inside DA. Inside TA, any time the user updates the index field, I call the macros REST endpoint to update the macros.conf in DA. A...
