Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
37 results
Sorted by:
02-08-2019
05:40 AM
Hi all,
Splunk offers the possibility to customize the way we want data to be segmented in the index files with a regex, like for this timestamp :
segmenters.conf :
[seg_rule]
F...
05-14-2020
12:57 PM
I tried to segment the log below using \s but it does not work, even after modifying segmenters.conf and props.conf .
2020-05-13 19:27:35,921 INFO com.edifecs.shared.events.transport.rmi...
11-20-2019
02:17 PM
I have a field with multiple values that would normally be delimited by a comma:
Field=value1,value2,value3
In Splunk, the Field value will just show "value1".
I want to alter the log mes...
10-01-2021
12:48 AM
I have recently created a field extraction on one search head that I have assigned all apps and users to read and write and was wondering how long is would take for a change done in one search head t...
Labels
- Labels:
-
field extraction
-
kvstore
-
Other
-
permissions
08-09-2016
03:01 PM
1 Karma
...esources are available. See the Troubleshooting Manual for more information.
I did some changes to distsearch.conf file, but the bundle is still over 3 GB in size.
This is the file stanza:
[r...
03-26-2020
03:29 PM
...alue (which adds it to the search), zero results are returned. Is this a bug in recent versions?
I've seen other "similar" posts and some talk about workarounds such as fields.conf, but this is p...
05-22-2014
02:46 AM
13 Karma
...earchbnf.conf,
\segmenters.conf,server.conf,serverclass.conf,serverclass.seed.xml.conf,
\setup.xml.conf,source-classifier.conf,sourcetypes.conf,
\splunk-launch.conf,tags.conf,tenants.conf,t...
09-22-2017
06:46 PM
I have JSON data, which is indexed and can be searched. This is an example of the data
Product: { [-]
BottleSizeMls: 750mls
BottleSizeName: Bottle
Id: ...
11-16-2017
06:52 AM
1 Karma
I have a field extraction that gets the message number from the raw message string
.{22}\s0-9
The message string is in the format of
2017-11-15T13:32:53,915 4790018 2999395531021...
02-16-2017
02:46 AM
1 Karma
...nsertion and also field extraction configured for my events, may be there is some correlation.
sample data
configuration files (props,transforms,fields).conf
