×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
bpna
Explorer
Member since: ‎04-28-2021
‎08-02-2022
Community Statistics
Posts 6
Solutions 0
Karma Given 0
Karma Received 2
Member Since ‎04-28-2021
View All

Re: External python search - Error "Failed to pars...

by in Splunk Search
‎07-19-2023 01:13 AM
‎07-19-2023 01:13 AM
Thank you! Worked OK! I faced the same error. You helped a lot! 🙂 ... View more

Re: Using like() not working in where statement

by SplunkTrust in Splunk Search
‎04-28-2021 03:28 PM
‎04-28-2021 03:28 PM
@bpna  When using field names in statements that take an eval expression, like the where clause does, you will need to escape fields that do not contain 'simple' characters. In practice this means that any field starting with a numeric, or not contain only numbers and letters will need to be escaped by wrapping the field in single quotes, e.g. | where like('data.rule.name', "Target Trends.%") in this case, the . character needs to be escaped. See these links for a description (although they are SLP2, they apply here also) https://docs.splunk.com/Documentation/SCS/current/Search/Escapecharacters#Rules_for_when_to_use_escape_characters https://docs.splunk.com/Documentation/SCS/current/Search/Quotations ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎08-02-2022 12:23 PM
Karma from
View All