×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
RashidZamanDC
Loves-to-Learn
Member since: ‎10-02-2020
‎10-20-2021
Community Statistics
Posts 1
Solutions 0
Karma Given 0
Karma Received 0
Member Since ‎10-02-2020
Activity Feed
Topics I've Started
No posts to display.
View All

Re: How to Monitor missing sourcetypes/hosts

by in Getting Data In
‎05-17-2023 02:09 PM
‎05-17-2023 02:09 PM
Shortly after I posted this I made a change to the one line in question to add eval(recent=1) and eval(recent=0)   | stats count(eval(recent=1)) as CurrentCount count(eval(recent=0)) as HistoricalCount by sourcetype host   I am now getting the results that I expected. ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎10-20-2021 01:32 PM