Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- About manidandu
manidandu
Explorer
Member since:
05-05-2021
02-23-2022
Community Statistics
| Posts | 15 |
| Solutions | 0 |
| Karma Given | 0 |
| Karma Received | 0 |
| Member Since | 05-05-2021 |
Activity Feed
- Posted Re: How can I put the logo above the dashboard header ? on Dashboards & Visualizations. 02-22-2022 07:50 AM
- Posted Re: Service Now Add on on All Apps and Add-ons. 12-08-2021 07:45 AM
- Posted Re: Service Now Add on on All Apps and Add-ons. 12-07-2021 12:04 PM
- Posted Re: Calculate max Transaction per second per day on Splunk Search. 10-21-2021 08:26 AM
- Posted Re: How to calculate time difference between first, fourth event and second, third event? on Dashboards & Visualizations. 08-05-2021 09:32 AM
- Tagged Re: How to calculate time difference between first, fourth event and second, third event? on Dashboards & Visualizations. 08-05-2021 09:32 AM
- Posted Re: How to calculate time difference between first, fourth event and second, third event? on Dashboards & Visualizations. 08-04-2021 12:46 PM
- Posted Re: How to calculate time difference between first, third event and second, fourth event? on Dashboards & Visualizations. 08-04-2021 07:48 AM
- Posted Re: How to write a regular expression for a xml file on Splunk Enterprise. 08-01-2021 06:58 PM
- Posted How to write a regular expression for a xml file on Splunk Enterprise. 08-01-2021 12:53 PM
- Tagged How to write a regular expression for a xml file on Splunk Enterprise. 08-01-2021 12:53 PM
- Posted Re: How to calculate time difference between first, third event and second, fourth event? on Dashboards & Visualizations. 07-16-2021 06:10 AM
- Posted Re: How to calculate time difference between first, third event and second, fourth event? on Dashboards & Visualizations. 07-14-2021 05:49 AM
- Posted Re: How to calculate time difference between first, third event and second, fourth event? on Dashboards & Visualizations. 07-14-2021 05:26 AM
- Posted How to calculate time difference between first, fourth event and second, third event? on Dashboards & Visualizations. 07-13-2021 05:28 PM
- Tagged How to calculate time difference between first, fourth event and second, third event? on Dashboards & Visualizations. 07-13-2021 05:28 PM
- Tagged How to calculate time difference between first, fourth event and second, third event? on Dashboards & Visualizations. 07-13-2021 05:28 PM
- Tagged How to calculate time difference between first, fourth event and second, third event? on Dashboards & Visualizations. 07-13-2021 05:28 PM
- Tagged How to calculate time difference between first, fourth event and second, third event? on Dashboards & Visualizations. 07-13-2021 05:28 PM
- Tagged How to calculate time difference between first, fourth event and second, third event? on Dashboards & Visualizations. 07-13-2021 05:28 PM
Topics I've Started
| Subject | Karma | Author | Latest Post |
|---|---|---|---|
| 0 | |||
| 0 | |||
| 0 |
02-22-2022
07:50 AM
Hi @vnravikumar, Can you help me to understand where should i save this src=<path>? <img src="/static/app/search/img.png"
... View more
12-08-2021
07:45 AM
Can you help me with the steps to install add-on? We have distributed environement, where we need to install on SH or HF's?
... View more
12-07-2021
12:04 PM
Hi all, Can someone help me how to integrate Service-Now with Splunk? what type of integrations we have and what steps we need to take to implement those.
... View more
10-21-2021
08:26 AM
Hi, Do you have any resolution for this? Please post if you have any sample query.
... View more
08-05-2021
09:32 AM
Hi @manjunathmeti , For single transaction_id above commands are working as expected But when I give transaction_id=*, I am getting wrong difference.. Any suggestions how to fix it?
... View more
- Tags:
- hi
08-04-2021
12:46 PM
Hi @manjunathmeti , Thanks for your time. I combined both commands and it worked when i try for one transaction id's: index=abc sourcetype=def transaction_id=123456789 | stats count by _time, direction, pacs, transaction_id | streamstats range(_time) as TotalDiff | streamstats window=2 range(_time) as SingleDiff | streamstats count by transaction_id | where count IN(3, 4) | eval diff_2_3=if(count=3, SingleDiff, ""), diff_4_1=if(count=4, TotalDiff, "") | fields - count SingleDiff, TotalDiff | stats latest(_time) as _time max(*) as * by transaction_id For single transaction_id above command is working as expected But when I give transaction_id=*, I am getting wrong difference.. Any suggestions how to fix it?
... View more
08-04-2021
07:48 AM
Thanks for your help @bowesmana. I want only TotalDiff in the 4th entry and SingleDiff in the 3rd entry in the table. I don't want anyother values. For example, I have output as below: _time direction transaction_id count SingleDiff TotalDiff 2021-08-04 06:18:19.178 in 123456789 1 0.000000 0.000000 2021-08-04 06:18:19.230 out 123456789 1 0.052000 0.052000 2021-08-04 06:18:34.525 out 123456789 1 15.295000 15.347000 2021-08-04 06:18:34.546 out 123456789 1 0.021000 15.368000 2021-08-04 06:18:48.005 in 123456789 1 13.459000 28.827000 Instead of above output I want output as below: transaction_id SingleDiff TotalDiff 123456789 15.295000 15.368000 Below is the search I am using: index=abc sourcetype=def transaction_id=123456789 | stats count by _time, direction, transaction_id | streamstats range(_time) as TotalDiff | streamstats window=2 range(_time) as SingleDiff Any suggestions?
... View more
08-01-2021
06:58 PM
Thanks for your help @ITWhisperer .. To mask these field values I can use sedcmd as below right? SEDCMD-Test = s/<ab:Nm>(?<Nm>[^<]+)/<ab:Nm>########/g Expected Output: <ab:Nm>########</ab:Nm>
... View more
08-01-2021
12:53 PM
I need to mask data for fields values of <ab:Nm>, <ab:StrtNm>, <ab:PstCd>, <ab:TwnNm>, <ab:CtrySubDvsn>, <ab:Ctry>, <ab:Ustrd> from below events: First Event: <ab:Dbtr> <ab:Nm>ACB L OESGT AGBDH</ab:Nm> <ab:PstlAdr> <ab:StrtNm>12345 BELBON WAY</ab:StrtNm> <ab:PstCd>45352-1242</ab:PstCd> <ab:TwnNm>CUBA TWP</ab:TwnNm> <ab:CtrySubDvsn>AB</ab:CtrySubDvsn> <ab:Ctry>CD</ab:Ctry> </ab:PstlAdr> </ab:Dbtr> <ab:RmtInf> <ab:Ustrd>happy birthday 💖</ab:Ustrd> </ab:RmtInf> Second Event: <ab:Dbtr> <ab:Nm>AMIRA S ELHASSAN</ab:Nm> <ab:PstlAdr> <ab:StrtNm>5267 APHEG DR</ab:StrtNm> <ab:PstCd>54672-1080</ab:PstCd> <ab:TwnNm>ANTARTICA BEACH</ab:TwnNm> <ab:CtrySubDvsn>EF</ab:CtrySubDvsn> <ab:Ctry>CD</ab:Ctry> </ab:PstlAdr> </ab:Dbtr> <ab:RmtInf> <ab:Ustrd>happy birthday, birthday party on me</ab:Ustrd> </ab:RmtInf> Third event: <ab:Dbtr> <ab:Nm>ALYSSA FOSTER</ab:Nm> <ab:PstlAdr> <ab:StrtNm>529833 PRIME BILL CT</ab:StrtNm> <ab:PstCd>45673-8297</ab:PstCd> <ab:TwnNm>BEDERICK</ab:TwnNm> <ab:CtrySubDvsn>MD</ab:CtrySubDvsn> <ab:Ctry>CD</ab:Ctry> </ab:PstlAdr> </ab:Dbtr> <ab:RmtInf> <ab:Ustrd>happy birthday my love, have fun.</ab:Ustrd> </ab:RmtInf> Can someone help me with the regex?
... View more
Labels
- Labels:
-
using Splunk Enterprise
07-16-2021
06:10 AM
Hi @bowesmana, yeah I edited my original post. Sorry to confuse you..
... View more
07-14-2021
05:49 AM
Thanks for your time @bowesmana. What if my data looks like below: _time Direction ABCD Transaction_ID 2021-07-13 18:56:58.487 in abcd.008.001.08 123456789 2021-07-13 18:56:58.603 out abcd.008.001.08 123456789 2021-07-13 18:56:59.981 in abcd.002.001.10 123456789 2021-07-13 18:57:00.062 out abcd.002.001.10 123456789 2021-07-13 18:57:00.565 out abcd.002.001.10 123456789 I want to calculate time difference between (1st and 4th event), (2nd and 3rd event). I don't want 5th event in the results. _time direction ABCD Transaction_ID First event : 2021-07-13 18:56:58.487 in abcd.008.001.08 123456789 Second Event: 2021-07-13 18:56:58.603 out abcd.008.001.08 123456789 Third event: 2021-07-13 18:56:59.981 in abcd.002.001.10 123456789 Fourth event: 2021-07-13 18:57:00.062 out abcd.002.001.10 123456789 Fifth event: 2021-07-13 18:57:00.565 out abcd.002.001.10 123456789
... View more
07-14-2021
05:26 AM
Hi @venkatasri , No.. My Transaction_Id is same for all five events and my data looks like below: _time Direction ABCD Transaction_ID 2021-07-13 18:56:58.487 in abcd.008.001.08 123456789 2021-07-13 18:56:58.603 out abcd.008.001.08 123456789 2021-07-13 18:56:59.981 in abcd.002.001.10 123456789 2021-07-13 18:57:00.062 out abcd.002.001.10 123456789 2021-07-13 18:57:00.565 out abcd.002.001.10 123456789 I want to calculate time difference between (1st and 4th event), (2nd and 3rd event). I don't want 5th event in the results. _time direction ABCD Transaction_ID First event : 2021-07-13 18:56:58.487 in abcd.008.001.08 123456789 Second Event: 2021-07-13 18:56:58.603 out abcd.008.001.08 123456789 Third event: 2021-07-13 18:56:59.981 in abcd.002.001.10 123456789 Fourth event: 2021-07-13 18:57:00.062 out abcd.002.001.10 123456789 Fifth event: 2021-07-13 18:57:00.565 out abcd.002.001.10 123456789
... View more
07-13-2021
05:28 PM
Hi All, I am trying to create a dashboard with response time between the transactions. For example, let's i have data output as below: _time Direction ABCD Transaction_ID 2021-07-13 18:56:58.487 in abcd.008.001.08 123456789 2021-07-13 18:56:58.603 out abcd.008.001.08 123456789 2021-07-13 18:56:59.981 in abcd.002.001.10 123456789 2021-07-13 18:57:00.062 out abcd.002.001.10 123456789 2021-07-13 18:57:00.565 out abcd.002.001.10 123456789 From above output I would like to calculate time difference between first and fourth event (i.e 2021-07-13 18:57:00.062 - 2021-07-13 18:56:58.487) and time difference between second and third event ( i.e 2021-07-13 18:56:59.981 - 2021-07-13 18:56:58.603). Can someone help me with this query. Highly appreciate your help in this context.
... View more
05-24-2021
08:39 AM
I want to delete data for a source as we are seeing sensitive information in it. Can I use | delete for that source? Once we fix the maxing issue, we can start pulling logs from that source and we can search it right? Please let me know.
... View more
05-05-2021
01:00 PM
Hi Team, Can some one help me how to create a report as excel form? This report should be like Daily summary table I want output like below: Day 5-May MTD-May Prior Month Volume Value Avg Amount 123,456 $123 $456 1,234,567 $234 $567 4,567,898 $2,345 $567 Receiver Receiving Participant Account issue Total 2 3 4 9 3 4 5 12 1 2 3 6 Can someone help me in building this query. Appreciate your help in this context.
... View more
Labels
- Labels:
-
using Splunk Enterprise
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
02-23-2022
11:40 AM
|
