Activity Feed
- Posted Re: How to use output of a 1st query as input in second query. on Splunk Search. 04-15-2021 01:30 AM
- Posted Re: How to use output of a 1st query as input in second query. on Splunk Search. 04-14-2021 10:47 PM
- Karma Re: How to use output of a 1st query as input in second query. for scelikok. 04-14-2021 10:46 PM
- Posted Re: How to use output of a 1st query as input in second query. on Splunk Search. 04-14-2021 10:41 PM
- Posted Re: How to use output of a 1st query as input in second query. on Splunk Search. 04-14-2021 03:39 AM
- Posted How to use output of a 1st query as input in second query. on Splunk Search. 04-13-2021 11:36 PM
- Posted How to make a query to search field by taking output from the 1st query on Splunk Search. 04-08-2021 11:37 PM
- Karma Re: How to get environment in customized order for thambisetty. 04-08-2021 10:58 PM
- Posted Re: How to print a splunk variable? on Splunk Search. 04-06-2021 02:55 AM
- Posted Re: How to print a splunk variable? on Splunk Search. 04-06-2021 02:11 AM
- Posted How to print a splunk variable? on Splunk Search. 04-06-2021 01:52 AM
04-15-2021 01:30 AM
@Anonymous can you please help me? I'm still facing an issue using the output of the 1st query in my 2nd query. My 2nd query is a complex one, as it contains 3 join queries, and all 3 also require the txn id as input.
04-14-2021 10:47 PM
@scelikok thanks so much. I just put join instead of | search and it worked magically. My final query will be like:

```
... | Join [ search $token_account_id$ earliest=$token_time.earliest$ latest=$token_time.latest$
    | rex "txnid".{5}(?<TXNID>.*?(?=\\\))"
    | dedup TXNID
    | fields TXNID ]
| rex "custid".{5}(?<custid>.*?(?=\\\))"
| rex "custname".{5}(?<custname>.*?(?=\\\))"
| rex "pdate".{5}(?<pdate>.*?(?=\\\))"
| table custid, custname, pdate
| rename custid as CustomerID, custname as "Customer Name", pdate as "Purchase Date"
```
04-14-2021 10:41 PM
Thanks for your reply. I tried this subsearch approach, but it seems it didn't give me any results.
04-14-2021 03:39 AM
Thanks @scelikok for the reply. My sample query:

1st query

```
... | rex "txnid".{5}(?<TXNID>.*?(?=\\\))" | dedup TXNID
```

2nd query

```
... Need to pass that TXNID here
| rex "custid".{5}(?<custid>.*?(?=\\\))"
| rex "custname".{5}(?<custname>.*?(?=\\\))"
| rex "pdate".{5}(?<pdate>.*?(?=\\\))"
| table custid, custname, pdate
| rename custid as CustomerID, custname as "Customer Name", pdate as "Purchase Date"
```

NB: I will use this in the dashboard. In the dashboard I have one text input and a date field which the user needs to provide. The user will provide the account id, which needs to be in the 1st query. Based on the account and timestamp it will fetch the txnid, and using that txnid I need to fetch the fields and show them in the dashboard.
04-13-2021 11:36 PM
I have a 1st query that takes input from the dashboard, and I get an id as a result from it. I want to use that id, fetched from the 1st query, as input in my 2nd query and show the required fields which are available in the 2nd query on the dashboard. N.B.: I know join, but I'm facing an issue in how to pass that id as a variable to the 2nd query. Actually it needs to work on a dashboard. Can someone please help? @niketn
04-08-2021 11:37 PM
I have a requirement: I have to create a dashboard with an input field called account Id, and after entering the account id it will give the desired results. I have two payloads. One payload contains accountId along with transId, and another payload contains transId, merchantname, etc. My 1st query will fetch the transid after the account id is given as input. My 2nd query needs that transid to search other fields for the dashboard. How can I achieve this? Please, someone help. In the end I want to use the output of the 1st query as input to the 2nd query, and both queries need to be in the same place.
Labels:
- field extraction
- fields
- join
- regex
- rex
- subsearch
- table
- transaction
04-06-2021 02:55 AM
@gcusello Thanks for your reply, and I got a solution as well. I have looked at that doc and got some ideas. Now I'm able to print the date range in tabular format. My code looks like this and it's working perfectly:

```
... | addinfo
| eval startDate = strftime(info_min_time, "%Y-%m-%d")
| eval endDate = strftime(info_max_time, "%Y-%m-%d")
| table startDate endDate
```

Thanks again.
04-06-2021 02:11 AM
And I'm trying to use it like this:

```
... | eval startDate = $job.earliestTime$ | eval endDate = $job.latestTime$ | table startDate endDate
```
04-06-2021 01:52 AM
How to print a Splunk default variable in a search query? Actually I have two variables, $job.earliestTime$ and $job.latestTime$, and I want to use these two in an alert so that it will give me the date range in the PDF. Can somebody please suggest?