Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- About jonthanze
jonthanze
Explorer
Member since:
09-23-2013
06-05-2020
Community Statistics
| Posts | 10 |
| Solutions | 0 |
| Karma Given | 0 |
| Karma Received | 1 |
| Member Since | 09-23-2013 |
Activity Feed
- Got Karma for Can we create a Tagcloud with Splunk ?. 06-05-2020 12:46 AM
- Posted inverse join in Splunk on Splunk Search. 03-19-2014 10:01 AM
- Tagged inverse join in Splunk on Splunk Search. 03-19-2014 10:01 AM
- Tagged inverse join in Splunk on Splunk Search. 03-19-2014 10:01 AM
- Tagged inverse join in Splunk on Splunk Search. 03-19-2014 10:01 AM
- Posted Re: upgrade forwarder to Splunk 6 without reboot on Getting Data In. 01-08-2014 07:24 AM
- Posted upgrade forwarder to Splunk 6 without reboot on Getting Data In. 01-08-2014 06:57 AM
- Tagged upgrade forwarder to Splunk 6 without reboot on Getting Data In. 01-08-2014 06:57 AM
- Tagged upgrade forwarder to Splunk 6 without reboot on Getting Data In. 01-08-2014 06:57 AM
- Tagged upgrade forwarder to Splunk 6 without reboot on Getting Data In. 01-08-2014 06:57 AM
- Tagged upgrade forwarder to Splunk 6 without reboot on Getting Data In. 01-08-2014 06:57 AM
- Tagged upgrade forwarder to Splunk 6 without reboot on Getting Data In. 01-08-2014 06:57 AM
- Posted Can we create a Tagcloud with Splunk ? on All Apps and Add-ons. 01-06-2014 07:37 AM
- Tagged Can we create a Tagcloud with Splunk ? on All Apps and Add-ons. 01-06-2014 07:37 AM
- Tagged Can we create a Tagcloud with Splunk ? on All Apps and Add-ons. 01-06-2014 07:37 AM
- Tagged Can we create a Tagcloud with Splunk ? on All Apps and Add-ons. 01-06-2014 07:37 AM
- Posted Re: can I configure universal forwarders to forward to multiple splunk indexers? on Getting Data In. 01-02-2014 06:57 AM
- Posted Re: can I configure universal forwarders to forward to multiple splunk indexers? on Getting Data In. 01-02-2014 05:56 AM
- Posted Re: change lookup macth_type on Splunk Search. 12-31-2013 04:49 AM
- Posted change lookup macth_type on Splunk Search. 12-31-2013 02:14 AM
Topics I've Started
| Subject | Karma | Author | Latest Post |
|---|---|---|---|
| 0 | |||
| 0 | |||
| 1 | |||
| 0 | |||
| 0 |
03-19-2014
10:01 AM
I have a search between two data sets using join, let's say sourcetype A and B.
My search looks like this:
sourcetype=A fieldA |eval fieldB=fieldA|join fieldB [search sourcetype=B fieldB]
The results i am receiving is the list of all the events where fieldA in A is the same as fieldB in B.
What I am trying to receive is the list of fieldA that doesn't exist in B.
Can someone please help me with this ?
Regards,
Jonathann
... View more
01-08-2014
07:24 AM
thanks a lot, that helped !
... View more
01-08-2014
06:57 AM
Hi
i have several windows servers with the Splunk universal forwarder version 5.xx.
I wanted to upgrade my forwarders to 6.0 but each time i run the install file of 6 i request me rebooting my server.
Isn't there a way to upgrade my forwarders without rebooting the servers ?
... View more
01-06-2014
07:37 AM
1 Karma
Hi
Can we create a tagcloud dashboard ?
I saw an example in the app called "Splunk 6 Dashboard Examples" , but there it only shows the final result, not how to reproduce it, very poorly documented.
Thanks.
... View more
01-02-2014
06:57 AM
It worked !
it just needed a moment to have the changes occurs.
Thanks guys !
... View more
01-02-2014
05:56 AM
Hi
I tried this, but it still doesn't change the fact that my second indexer appears as inactive forwards.
Can you please help ?
... View more
12-31-2013
04:49 AM
Hi
as you can read under in my question , i already altered my lookup to contain the wildcards
but it doesn't work
is there a problem with the definitions in transforms.conf ?
... View more
12-31-2013
02:14 AM
Hi
I have a list of words in a lookup table and i would like to return the events of a search that match any of the values in the lookup.
So far, nothing really hard to implement in Splunk.
The problem is that some of the values in the lookup are partially to the one in the search (e.g :the value in my lookup is foo and the one in my search is foobar).
I read this :
http://answers.splunk.com/answers/718/how-are-values-in-lookups-matched
and tried that :
(from transforms.conf)
[sourcetype i am querying]
filename = "lookup table file name"
case_sensitive_match = false
match_type = WILDCARD(field that contains "foobar")
But the entry "foo*" in my lookup did not find it.
Can someone please help me solving this ?
Thanks
... View more
12-18-2013
11:36 PM
is there a way in Splunk to index only the event of a log files that contains a specific expression or doesn't contains it.
By example, if I index a very big logfile, i don't want to index in it the INFO event but only the ERROR events.
thanks
... View more
10-02-2013
03:12 AM
Can you please share your input and props conf files ?
I have the same issue with the same architecture and i cannot solve it
thanks
... View more
