I need toadd a sparkline to the searchresult so that I can create a visualization of which index is reporting a spike in usage. My serach result is as follows:
earliest=-2d@d latest=-1d@d i...
...nconsistent between similar searches when only the timeframe is changed.) Sample search (from "Addsparklinestosearchresults"): index=_internal
| chart sparkline count by s...
I need to understand which event types each searchresult record belongs to.
My search:
index="a" AND eventtype="*"
I want the resultsto contain a field with a list of matching event types....
I'm trying to create a sparkline following the magnitude example from https://docs.splunk.com/Documentation/Splunk/7.3.0/Search/Addsparklinestosearchresults
My search is:
index="stats" | s...
...ommon fields with the Splunk search, doesn't have the same dataset. The search and the lookup identify two different set of results. Is there a way to simply add all the data in the lookup to the S...
I am using a sparkline to display a bar-graph in my searchresults, the values displayed are percentage values, however due to the default behaviour of sparklines in splunk, a constant value of 100 i...
...se this lookup toadd the OS version in the result
In fact, I want to display the information in my lookup in the result field of my index search.
Greetings
Is it possible toadd the search ID for the currently running searchto the searchresults?
I have a report that populates a summary index and I have an alert running against the summary index w...
...ranch, version, product etc that I want to filter on.
When I click on the branch from the events viewer and click addtosearch no results are found, even though they were there in the previous results...
Hi, I have a main search that look like this index=main RESPONSE_CODE="0" earliest =-4mon@mon latest=mon@mon
|stats count AS Total_success BY MERCHANT_CODE This will produce a t...