Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
716 results
Sorted by:
2 weeks ago
...LI. If someone tampered with the savedsearches.conf file I'd like to audit those changes somewhere. Is there a straightforward way? I was thinking of file monitor of the file in Splunk and raise an a...
02-07-2020
08:04 AM
Just adding the below stanza wuld be sufficient to disable a saved search in default/savedsearches.conf
disabled = 1
How can I disable or enable a saved search in splunk from config side.
I...
Labels
10-09-2012
04:28 AM
5 Karma
...ince there are a lot of those, I prefer to do it in the shell:
cd etc/apps/webintelligence
egrep '^(cron.*|\[.*\])$' default/savedsearches.conf | \
egrep -B 1 'cron_schedule = 0(\ \*){4}' | \
p...
04-04-2012
01:32 PM
...o select in the last 4 hrs, 8 hrs etc.. The search is defined in savedsearches.conf. And I am looking for a way to pass in the selected time parameter to the saved search. Please
- Tags:
- savedsearches
03-03-2014
01:01 PM
Hi,
From the [post][1] , I learned that we can use following to refresh savedsearches.conf.
splunk _internal call /servicesNS/admin/search/admin/savedsearch/_reload -auth username
My d...
- Tags:
- refresh
- splunk-cli
06-07-2018
08:43 AM
Hello,
Reviewing the new Splunk for k8s addon, you could please review the savedsearches.conf and add a minimal default earliest and latest timerange to the searches ?
For example:
d...
10-16-2019
04:28 AM
...time = relative_time( relative_time(now(), "@d") , "-1d")
It's 100% the same query, but it's much more understandable.
However, if you use the formatted query in a savedsearches.conf stanza, y...
05-02-2013
10:03 PM
Hi, I am just wondering if I can reload the configuration of savedsearches.conf without restarting splunkd and/or splunkweb in CLI mode after modifying option values of properties in that file.
I...
06-27-2018
11:50 AM
I am using a search command to find the savedsearches.conf for an alert. I created a search which can list all of the parameters in the savedsearches.conf, however it merges both the default and l...
