cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
skottska
New Member
Member since: ‎12-18-2018
‎06-05-2020
Community Statistics
Posts 2
Solutions 0
Karma Given 0
Karma Received 0
Member Since ‎12-18-2018
Activity Feed
View All

How to find hosts without logs by time?

by in Getting Data In
‎05-22-2019 01:50 AM
‎05-22-2019 01:50 AM
Hi I have a query which finds hosts without logs for the whole search and it looks like this: | inputlookup hosts.csv | search NOT [search index=prod ("successfully placed") | dedup host | table host] What I would like to be able to do is to split this over _time so that I can search for say "over the last 24 hours, which minutes have no logs by host". I've tested with trying to squeeze in "bucket _time span=1m" but I can't figure out how to combine this with my host.csv lookup. Anyone got any tips? ... View more

Re: How to use regex on a field's value in a searc...

by in Splunk Search
‎12-18-2018 03:05 AM
‎12-18-2018 03:05 AM
You can also use index=system* sourcetype=inventory | regex order="\d{3}" ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:04 AM