×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
faramarz
Path Finder
Member since: ‎07-23-2015
‎06-05-2020
Community Statistics
Posts 18
Solutions 1
Karma Given 4
Karma Received 3
Member Since ‎07-23-2015
Activity Feed
View All

Re: When importing a CSV in Splunk Web, how do I a...

by in Getting Data In
‎11-05-2015 12:08 PM
‎11-05-2015 12:08 PM
Thanks for the update. I've tested my solution on 6.3 and it definitely works okay with month and years fields. But your method is just as good if you can adjust the input. ... View more

Re: How to extract the Referrer Field from the fir...

by in Splunk Search
‎09-02-2015 09:56 PM
‎09-02-2015 09:56 PM
shows up in most events in the transaction. I thought of approaching with mvindex, and it seems to work best. ... View more

Re: How to search the count of unique users in a c...

by in Splunk Search
‎08-09-2015 09:59 PM
‎08-09-2015 09:59 PM
Also do note that you should be able to "Accept" more than one answer if more than one of them works. This would be totally appropriate in this case. ... View more

Re: How to aggregate a percentage of a total befor...

by in Splunk Search
‎07-27-2015 12:34 PM
‎07-27-2015 12:34 PM
Amazing. Thanks so much 🙂 ... View more

Re: How can I manually change badly formatted data...

by in Splunk Search
‎07-23-2015 01:46 PM
‎07-23-2015 01:46 PM
I was looking for something like this: event | spath event | search event="Out of Stock" | rex mode=sed "s/(\\\\\")/\"/g" | rex field=body "\"recordtype\":(?[^,]+)," | eval body.recordtype = recordtype which is repeatable for each field ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:04 AM
Karma from
Karma given to
View All