Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- About Moreilly97
Moreilly97
Path Finder
Member since:
03-05-2018
06-05-2020
Community Statistics
| Posts | 19 |
| Solutions | 2 |
| Karma Given | 3 |
| Karma Received | 4 |
| Member Since | 03-05-2018 |
Activity Feed
- Karma Re: viewing transforming command reult for niketn. 06-05-2020 12:49 AM
- Karma Re: Ignoring the time range for certain results for elliotproebstel. 06-05-2020 12:49 AM
- Karma Why are users getting different data for the same query? for sloshburch. 06-05-2020 12:49 AM
- Got Karma for Re: why splunk community people not voting and not accepting answer to appreciate. 06-05-2020 12:49 AM
- Got Karma for Re: How to accelerate the loading time of multiple dashboards?. 06-05-2020 12:49 AM
- Got Karma for Re: Catalog of reports. 06-05-2020 12:49 AM
- Got Karma for Re: Trying to make git repo in Splunk files, but git does not work?. 06-05-2020 12:49 AM
- Posted Re: Trying to make git repo in Splunk files, but git does not work? on Splunk Enterprise. 07-06-2018 06:15 AM
- Posted Re: Catalog of reports on Splunk Enterprise Security. 07-04-2018 06:36 AM
- Posted Re: How do I develop a search query for my dropdown to sync with my table? on Splunk Dev. 06-28-2018 02:57 AM
- Posted Using ldapsearch results in a search. on Security. 06-06-2018 07:40 AM
- Tagged Using ldapsearch results in a search. on Security. 06-06-2018 07:40 AM
- Tagged Using ldapsearch results in a search. on Security. 06-06-2018 07:40 AM
- Tagged Using ldapsearch results in a search. on Security. 06-06-2018 07:40 AM
- Posted Re: Question about Column Charts on Dashboards & Visualizations. 04-30-2018 08:27 AM
- Posted Question about Column Charts on Dashboards & Visualizations. 04-30-2018 07:18 AM
- Tagged Question about Column Charts on Dashboards & Visualizations. 04-30-2018 07:18 AM
- Tagged Question about Column Charts on Dashboards & Visualizations. 04-30-2018 07:18 AM
- Tagged Question about Column Charts on Dashboards & Visualizations. 04-30-2018 07:18 AM
- Posted Re: Calculate disk storage per month on Knowledge Management. 04-05-2018 07:18 AM
Topics I've Started
| Subject | Karma | Author | Latest Post |
|---|---|---|---|
| 0 | |||
| 0 | |||
| 0 | |||
| 0 | |||
| 0 |
07-06-2018
06:15 AM
1 Karma
This answer may be of help to you.
https://answers.splunk.com/answers/312571/best-way-to-use-git-for-source-version-control-wit.html
... View more
07-04-2018
06:36 AM
1 Karma
Maybe the following link will help : https://docs.splunk.com/Documentation/AddOns/released/Overview/Prebuiltpanels
... View more
06-28-2018
02:57 AM
Dont forget to mark this as the answer
... View more
06-06-2018
07:40 AM
I was just wondering if there was a way to use the results of a ldapsearch in a standard search. For example if I extract a list of Employees in a certain Location using a ldapsearch, can I formulate a search to use this information?
... View more
04-30-2018
08:27 AM
Thank you so much for the quick reply and solution ! Ive been trying to use
| chart count(ticketNumber) by group over TimeBlock
And I was wondering why it wasnt working. Thanks again.
... View more
04-30-2018
07:18 AM
Thanks in advance for any answers.
So I have three fields; ticketNumber , group and TimeBlock
Every ticketNumber has a group it is assigned to and a TimeBlock that it falls into for example; Ticket02 with group IT2 and assigned within 1Hour.
I want to first groups the Tickets with their groups, and then chart the groups against the TimeBlocks
So the x axis would be 1Hour 2Hour 3Hour etc and they would have the groups and when hovered over it displays the amount of tickets.
... View more
04-05-2018
07:18 AM
Index Clusters are used to replicate the data so there are multiple copies.
So if you have 160.4 TB in total disk space, but 7 clusters, then 160.4 / 7 = 22.9 TB per Indexer
... View more
03-27-2018
03:36 AM
1 Karma
Reiterating what was said in previous posts try
index="YOUR_INDEX_NAME" feature="chat"
| stats values(MESSAGE) AS MESSAGE , values(chatId) AS chatId , values(chatOrigin) AS chatOrigin , values(media) AS media , values(chatNbreRepliqueAgent_lo) AS chatNbreRepliqueAgent_lo , values(chatNbreRepliqueClient_lo) AS chatNbreRepliqueClient_lo , values(location) AS location , values(client) AS client , values(session) AS session , values(chatAvailability_lo) AS chatAvailability_lo , values(step) AS step , values(stepResult) AS stepResult , values(isEligible_lo) AS isEligible_lo , values(context) AS context by _time
... View more
03-21-2018
04:44 AM
1 Karma
It's most likely that the user is happy to have a solution that they immediately continue working on their query, and because theres no need for the answer anymore they just close the page.
Although they make finding solutions to already asked questions more difficult , I can understand why they do it, so I cant be too mad at them!
... View more
03-16-2018
04:13 AM
Thanks for the suggestions , but due to time constraints I have decided to only include tickets that were created in the time range. This may not get me the most informative results but it is enough for now.
Thanks again!
... View more
03-15-2018
06:32 AM
Hi, thanks for the reply.
Its not a problem with limits, its a problem with the time range and how far back eventstats should actually go.
... View more
03-15-2018
03:49 AM
I have a number of tickets with TicketState : New, In Progress, Closed and Resolved depending on the tickets current state. They also have a short descriptor that involves a short summary of the problem as well as an identifier eg XX23XX2
What im doing is checking if the identifier in ShortDescriptor changes during the life span of the ticket, eg: If the ticket came into state New with a descriptor of XX2X , did the ticket get Resolved with the same descriptor.
I use eventstats to find the earliest ShortDescriptor and latest ShortDescriptor and then compare them.
I have this working and I was happy with it, however, I found a problem with the time range. If I have it set to 30 days, and some tickets were created more than 30 days ago with a different ShortDescriptor than it is 30 days ago, then my eventstats will only use the result from 30 days ago as opposed to its earliest value.
Just wondering if there was a way to get all the tickets within 30 days, and if its earliest state is not New then it will search further back just for those tickets.
Any help is appreciated, thanks.
... View more
03-12-2018
04:00 AM
@elliotproebstel Hi Elliot, sorry for the late reply, I got your suggestion to work (problem on my end).
However, Im still not getting what Im expecting. I handpicked a few tickets to check the results.
These tickets had the old_description==new_description , however, If I investigate it the earliest state i.e when the the ticket was "New" the description is not equal to the new description.
For example : https://prnt.sc/iq1v78 This is a picture of the results which state that the earliest description matches the latest description. However, if I dig down I find the following https://prnt.sc/iq1v28 Which shows that the earliest description doesnt match at all.
... View more
03-09-2018
06:01 AM
Sorry! Think I might of explained it poorly. The "New" and "In Progress" are in a field named ticket_state while the short_description field holds values that describe the ticket, such as "Linux VM keeps crashing" for example.
Disregarding that, I still dont get the values I expect. I picked a ticket at random to try and trouble shoot. It had 3 states, New , In Progress and Complete. I wanted to test to see if it worked by using
| eventstats earliest(ticket_state) as old_state latest(ticket_state) as new_state BY number
Obviously the earliest should be New and the latest should be Complete, but im getting both being set to Complete.
... View more
03-09-2018
03:43 AM
Unfortunately I still get similar results. It is not comparing the tickets first event with the latest event.
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
06-05-2020
02:04 AM
|
