Search
Find Answers
Ask questions. Get answers. Find technical product solutions from passionate members of the Splunk community.
×
Are you a member of the Splunk Community?
Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
- Find Answers
- :
- Search
Search
Search the Community
505 results
Sort by:
03-28-2025
01:17 PM
Hello all, I am trying to understand the type of fields command. Documentation says it is a "distributable streaming" which means it can be run on the indexer, which improves p...
Labels
- Labels:
-
field extraction
-
fields
08-16-2024
08:18 AM
Hi, I have a scenario where I want to calculate the duration between 1st and last event. The thing is these events can happen multiple times for the same session. The 1st event can happen mult...
Labels
- Labels:
-
transaction
07-22-2019
09:10 AM
1 Karma
...uestion is:
How do those Splunk's commands work? What type of "technique" do they use to predict, associate or cluster? Is it statistics?
PREDICT = we can do it with algorithms like: ARIMA, Logistic r...
10-14-2024
11:24 AM
Need help with creating an interactive drill down with value extracted using the rex command. I want to monitor users saving files to a certain folder and also sort and look at file extension types...
Labels
- Labels:
-
drilldown
-
trellis layout
02-01-2022
02:16 PM
I have a json data from file generated from the okla speedtest -f json command. I have tried to cast it or eval in different ways but I am doing something wrong. Error in 'eval' command: Type...
Labels
- Labels:
-
eval
09-24-2018
01:11 PM
1 Karma
Hi,
I am looking to use predict command with multiple fields without typing all their names.
For example I know it can be used liked this:
Make results |Predict field1 field2 f...
12-04-2015
05:51 PM
...ecause if I remove that section, I can get the non-filtered results. I've played around with including other fields and even using other event types in the search command, always making sure to include a...
01-06-2017
09:04 AM
3 Karma
Splunk's command types page is missing a few functions, including accum. I would like to know if accum is a centralized streaming command, distributable streaming command, or none of the above. E...
06-30-2021
04:00 AM
...ass %"-"yest Pass %")|table "dbyest Pass %" "dbyest Fail %" "yest Pass %" "yest Fail %" "Pass % diff" When i ran this , i am getting the error "Error in 'eval' command: Type checking failed. '-' only t...
