Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- About sarit_s
sarit_s
Communicator
Member since:
12-25-2015
a week ago
Community Statistics
| Posts | 487 |
| Solutions | 2 |
| Karma Given | 2 |
| Karma Received | 6 |
| Member Since | 12-25-2015 |
Activity Feed
- Posted How to transpose or untable one column from table with 3 columns? on Splunk Search. a week ago
- Posted How to count stats in columns? on Splunk Search. a week ago
- Posted How to compare two date\time range in one timechart? on Dashboards & Visualizations. 2 weeks ago
- Posted Is it possible to search for detailed information such as which index was restored and the size of each index? on Splunk Cloud Platform. 08-10-2023 02:23 AM
- Posted Re: What is the capability so the user will be able to upload file with "add data" option ? on Splunk Search. 08-05-2023 11:33 PM
- Posted What is the capability so the user will be able to upload file with "add data" option ? on Splunk Search. 08-03-2023 06:26 AM
- Posted Re: regex to find source path that contains spaces on Splunk Search. 08-03-2023 03:02 AM
- Posted Re: regex to find source path that contains spaces on Splunk Search. 08-03-2023 02:36 AM
- Posted How to create regex to find source path that contains spaces? on Splunk Search. 08-03-2023 02:27 AM
- Posted Re: list all users role capability on Splunk Cloud Platform. 07-17-2023 03:39 AM
- Posted list all users role capability on Splunk Cloud Platform. 07-17-2023 01:29 AM
- Posted Re: indexes list as a table on Splunk Cloud Platform. 07-03-2023 02:26 AM
- Posted Re: indexes list as a table on Splunk Cloud Platform. 07-03-2023 01:59 AM
- Posted Re: indexes list as a table on Splunk Cloud Platform. 07-03-2023 01:55 AM
- Posted Re: list of all indexes and all fields within each index on Splunk Search. 07-03-2023 01:53 AM
- Posted indexes list as a table on Splunk Cloud Platform. 07-03-2023 01:16 AM
- Tagged indexes list as a table on Splunk Cloud Platform. 07-03-2023 01:16 AM
- Posted How to send data to different index? on Getting Data In. 06-12-2023 05:04 AM
- Posted What is the best way to call the api to create an github action to automate bd connect inputs? on All Apps and Add-ons. 05-29-2023 03:42 AM
- Posted Is it possible to add the same action to all of the alerts in one time? on Splunk Search. 03-28-2023 02:41 AM
Topics I've Started
| Subject | Karma | Author | Latest Post |
|---|---|---|---|
| 0 | |||
| 0 | |||
| 0 | |||
| 0 | |||
| 0 | |||
| 0 | |||
| 0 | |||
| 0 | |||
| 0 | |||
| 0 |
a week ago
Hello I have a table with 3 columns : Domain Environemnt %of deployments hello qa 12 hello1 dr 13 hello2 prod 13 hello3 dev 15 And I would like to achieve this.. Domain qa dr dev prod hello 12 13 14 15 hello1 1 2 3 4 hello2 3 2 4 6 hello3 1 3 5 7 While the numbers in the cells are the % of deployments for each environment and domain I've tried this but it is not working as expected : | eventstats count by SERVERS
| eventstats dc(SERVERS) as Total_Servers by Domain Environment
| eventstats dc(SERVERS) as Total_Servers
| eval "% Of deployments by domain&env" = (Deployed_Servers/Total_Servers)*100
| search Sprint!=*required AND Sprint!=*deleted* AND Sprint!="?"
| eval SH_{Environment}=count
| eventstats values(SH_*) as * by Domain
| dedup Environment Domain
| table Domain SH* "% Of deployments by domain&env"
| rename SH_dr as DR SH_production as Production SH_qa as QA SH_staging as Staging
... View more
- Tags:
- untable
Labels
- Labels:
-
count
a week ago
Hello I have a table with 7 columns, some of them calculated from lookup I want to count the total of one of the columns and then calculate percentage of other column based on the total I tried this but im getting 0 results
| stats count by SERVERS
| stats count(SERVERS) by Domain as "Domain_Count"
| eventstats sum(count) as Total_Servers
What can I do ? Thanks
... View more
- Tags:
- eventstats
2 weeks ago
Hello I'm trying to create a timechart which will compare between two date\time range I want to see the values of last sunday (10.9) between 15:00-16:30 and compare with the values for the same time but sunday last week (3.9)
How can I do it ?
Thanks
... View more
- Tags:
- splunk search
Labels
- Labels:
-
timechart
08-10-2023
02:23 AM
Hello In Splunk cloud monitoring console, there is a panel with
Restored searchable storage (DDAS) usage
is it possible to search for detailed information such as which index was restored and the size of each index ?
In the console it shows only the total size of the restored data
thanks
... View more
Labels
- Labels:
-
Splunk Investigate
08-05-2023
11:33 PM
Hello In the cloud there is "edit_tcp_stream" capability, there is no edit_tcp edit_monitor is already enabled I don't want to give the user permission to edit something else, only to enable the upload option
... View more
08-03-2023
06:26 AM
Hello
what is the capability so the user will be able to upload file with "add data" option ?
... View more
- Tags:
- roles
- splunk search
Labels
- Labels:
-
other
08-03-2023
03:02 AM
also , maybe I wasn't clear enough I want to count all the hosts that have sources with spaces I don't want to extract the folder, I just need to know how many sources with white space I have
... View more
08-03-2023
02:36 AM
Hello Thanks for your reply this is an example of my path: C:\Projects\API Managment Logging\Logs\*.txt Also, the regex you attached is invalid 😞
... View more
08-03-2023
02:27 AM
Hello
I have sources that contain white spaces and I wand to count them
What is the regex to find all the sources with spaces ?
Thanks
... View more
- Tags:
- regex
- splunk search
07-17-2023
01:29 AM
Hello Is it possible to add role capability so the user will be able to see the list of all active users but without adding more capabilities ? If not, is there other way to get such list with searching option so the user will be able to search a specific user from the list ? Thanks
... View more
- Tags:
- capabilities
- roles
Labels
- Labels:
-
configuration
07-03-2023
02:26 AM
as i mentioned, im using Splunk cloud with indexer cluster Also the second query returns 1 for all
... View more
07-03-2023
01:55 AM
Hello Thanks for your reply The problem is that it returns '1' in the current size column for all the indexes I'm using Splunk cloud if it change something and also i have a indexer cluster
... View more
07-03-2023
01:53 AM
Thanks The problem is that it returns '1' in the current size column for all the indexes
... View more
07-03-2023
01:16 AM
Hello How can i get the information shown in settings->indexes in a table ? I know there is a rest command but i can't find it What i need is the index name and current size Thanks
... View more
- Tags:
- rest
Labels
- Labels:
-
other
06-12-2023
05:04 AM
Hello
I have some kind of data that I want to filter to different index and in the future i would like to stop this index entirely.
The data I want to filter is
1. all the logs with debug mode
2. logs that contains Categories!="" OR Categories!=$* OR Categories!="* *"
How it can be done ?
Thanks
... View more
Labels
- Labels:
-
indexer
-
props.conf
-
transforms.conf
05-29-2023
03:42 AM
Hello
I want to create a github action to automate db connect inputs
What is the best way to call the api for that purpose ?
Thanks
... View more
- Tags:
- automation
- dbconnect
Labels
- Labels:
-
development
03-28-2023
02:41 AM
Hello
I need to add alert action to many alerts, Is it possible to add the same action to all of the alerts in one time ?
Thanks
... View more
- Tags:
- alerts
- alerts action
Labels
- Labels:
-
other
03-12-2023
10:21 AM
Hello
How can I trigger an alert after checking the results for 3 minuets So for example, if I want that the alert will trigger if count>1 , I would like to check for 3 minutes if count>1 and only then raise the alert
How can i do it ?
... View more
- Tags:
- alerts
Labels
- Labels:
-
other
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
a week ago
|
