×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
David_Naylor
Path Finder
Member since: ‎04-25-2018
‎06-05-2020
Community Statistics
Posts 13
Solutions 1
Karma Given 1
Karma Received 1
Member Since ‎04-25-2018
Activity Feed
Topics I've Started
No posts to display.
View All

Re: How to run a macro multiple times in a search?

by in Knowledge Management
‎08-15-2023 04:19 AM
‎08-15-2023 04:19 AM
@bowesmana exactly what i did - renamed macro output fields after each time i run it. Thank you. ... View more

Re: Is there a way to add searchable splunk Notabl...

by in Splunk Enterprise Security
‎04-26-2018 01:47 PM
‎04-26-2018 01:47 PM
Create a new field using eval and list it along with the other fields you care about in a table |notablegeneratingsearch |eval pci_id="10.1" |table pci_id,alltheotherfieldsyoucareabout Alternatively could use the tag field. ... View more

Re: How to find sum of particular fields by time?

by in Splunk Search
‎04-26-2018 10:45 AM
1 Karma
‎04-26-2018 10:45 AM
1 Karma
Give this a try (assuming your logged in time is identified your _time of the event) Your search which contain two fields user id and time | timechart span=1h dc(userId) as "Total Users" | eval Time=strftime(_time,"%H:%M")."--".strftime(_time+3600,"%H:%M") | table Time "Total Users" ... View more

Re: Splunk freezing for other users when doing lar...

by in Splunk Search
‎05-14-2018 04:03 AM
‎05-14-2018 04:03 AM
Hi I do a check for THP and to me it's off. Why do you think it is on? I check all the process and it returns nothing. grep -e AnonHugePages /proc/*/smaps | awk '{ if($2>4) print $0} ' | awk -F "/" '{print $0; system("ps -fp " $3)} ' | grep splunk ... View more

Re: Installing add-on on multiple forwarder

by in All Apps and Add-ons
‎04-26-2018 12:07 AM
‎04-26-2018 12:07 AM
im quite confuse on the process. ... View more

Re: Unable to open splunk web interface with windo...

by in Splunk Dev
‎04-25-2018 08:10 PM
‎04-25-2018 08:10 PM
Can you try using different browsers? ... View more

Re: Is there a way to make forwarding/indexing dec...

by in Getting Data In
‎04-28-2018 03:33 AM
‎04-28-2018 03:33 AM
Alright, good luck! Looking forward to hear if you succeeded 🙂 ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:04 AM
Karma from
View All
Karma given to
View All