Hello Everyone,
This is the extension of previous query which I posted- https://community.splunk.com/t5/Splunk-Search/How-would-I-write-a-Splunk-search-to-build-a-table-for-PASS-and/m-p/6...
I am very new using Extreme Searches. I have used the extreme search example that is displayed on the page in Splunk Docs.
| `datamodel("Authentication","Authentication")` | stats values(A...
Hello Everyone,
I have below query with which I am trying to build a table showing data for SUCCESS for sum of statusCode starts with 20* and FAIL for sum of statusCode starts with 4*. ...
In Splunk Enterprise you can set the default search index per user. In SplunkLight you cannot, it seems?
I read another post which said you can edit the \etc\system\default\indexes.conf file and s...
...formation under "Manage Apps".
Now I want to build a dashboard that shows any available updates for Splunk Enterprise + Splunk apps.
For Splunk apps, it is possible to run a search which shows a...
...Xchange (FIX) format. These are not really in an easily human readable format as they contain a bunch of numeric codes for fields and values, so I am trying to get Splunk to translate these logs so when m...
Hi all,
Like the title says, is it possible to run SplunkLight with 2 indexers and a search head? Or is this a Splunk enterprise only configuration?
Many thanks,
Hi all,
My requirement is, I have to build a Dashboard by using a database search output.
I have a complex SQL search with 100+ lines logic in it having complex logic in it.
When I tried to r...
I am using Splunklight and have a <500 MB indexed file license limit. I am using 5 universal forwarders which are all in Windows and 2 local dirs on local Linux (Splunklight server local m...
I would like to have this two chart merge into single chart as a two different line diagram
sourcetype="tomcat-webapp" host="server-notify06*" | rex "(?i)(?P<FIELDNAME>\w+=\[[a-f0-9]+\-[a-f...