cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
kotak86
Explorer
Member since: ‎08-29-2019
‎03-13-2021
Community Statistics
Posts 9
Solutions 0
Karma Given 1
Karma Received 0
Member Since ‎08-29-2019
Activity Feed
View All

Re: How do I extract the dirname from the filepath

by in Splunk Search
‎03-12-2021 05:00 PM
‎03-12-2021 05:00 PM
echo '/splunk/is/not/easy/' | sed -E 's#(.*)/.+/?#\1#' ... View more

Re: send all tables of dashboard via email in HTML...

by in Reporting
‎08-22-2020 08:43 AM
‎08-22-2020 08:43 AM
@kotak86 I dont think there is an existing feature or custom app for this kind of use case. You can either submit and idea on ideas.splunk.com or build your own Custom Alert Action for this feature. ... View more

Re: How to extract value from token in init sectio...

by in Dashboards & Visualizations
‎08-08-2020 06:22 AM
1 Karma
‎08-08-2020 06:22 AM
1 Karma
@kotak86 since you are trying to use a token in the init section, which does not seem to be set during dashboard initialization, your dependent token is not getting set. Try to use an independent search instead, which also runs on Dashboard load as well as each time source token changes, <search> <query>| makeresults | fields - _time | eval cur_data=substr($data_type|s$, 8,12)</query> <done> <set token="cur_data">$result.cur_data$</set> </done> </search> ... View more

Re: Why is date modifier is not working for the se...

by in Splunk Dev
‎09-09-2019 10:28 AM
‎09-09-2019 10:28 AM
I am not getting consistent result - it looks very weird... sending time in epoch ("1566872999.000000")as well date string (""08/27/2019:07:59:59","%m/%d/%Y:%H:%M:%S") works but I am getting different start boundary (means in both file log start from different time) for the following two example. {'search': 'search source=*kong_access* earliest=08/01/2019:0:0:0 latest=08/01/2019:23:59:59 http_apikey | fields - host,source,sourcetype, splunk_server, _time, index, _serial', 'output_mode': 'csv'} {'search': 'search source=*kong_access* earliest=08/01/2019:0:0:0 latest=08/08/2019:23:59:59 http_apikey | fields - host,source,sourcetype, splunk_server, _time, index, _serial', 'output_mode': 'csv'} ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎03-13-2021 02:58 AM
Karma given to
View All