cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
jinito14002
New Member
Member since: ‎10-07-2019
‎06-12-2023
Community Statistics
Posts 2
Solutions 0
Karma Given 0
Karma Received 0
Member Since ‎10-07-2019
View All

Re: Search that Alerts for two events with a match...

by in Splunk Search
‎10-11-2019 01:05 AM
‎10-11-2019 01:05 AM
Thanks, this did the trick for me. just needed that one word "transaction" ... View more

Search that Alerts for two events with a matching ...

by in Splunk Search
‎10-07-2019 01:16 AM
‎10-07-2019 01:16 AM
Hi I'm new to Splunk and am having a hard time finding a simple solution to this. I tried using subsearch and append but couldn't do it. Wherever I look, it only has complicated solutions with at least 5 pipes. How do I create an alert if two certain events occurred and their ip addresses match? (Source OR Destination ip whichever) 1. index=snort sid=100 src_ip=192.168.1.3 dst_ip=192.168.1.5 2. index=snort sid=101 src_ip=192.168.1.5 dst_ip=192.168.1.3 If its possible to check whether if event #2 occurred within 5 minutes of event #1 at the same time, that would be great. ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-12-2023 10:57 AM