×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
wrickxian
Explorer
Member since: ‎05-12-2016
‎06-05-2020
Community Statistics
Posts 3
Solutions 0
Karma Given 0
Karma Received 1
Member Since ‎05-12-2016
Activity Feed
View All

Re: How to set up an email alert in Splunk for Cis...

by in Alerting
‎05-13-2016 01:56 PM
1 Karma
‎05-13-2016 01:56 PM
1 Karma
Hi rich7177, I played around with the query and modified a few things, it is working for me. thank you very much! my search base.. | rex "MID\s+(?\d+)" | rex "MID\s+(?\d+)" | rex "MID\s+(?\d+)\s+was\s+generated\s+based\s+on\s+MID\s+(?\d+)" | transaction maxspan=15s org2_MID | search "by PXE encryption" | transaction maxspan=15s new2_MID ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:04 AM
Karma from
View All