Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- About PavanSeerapu
PavanSeerapu
Explorer
Member since:
09-10-2021
06-14-2022
Community Statistics
| Posts | 12 |
| Solutions | 0 |
| Karma Given | 4 |
| Karma Received | 0 |
| Member Since | 09-10-2021 |
Activity Feed
- Posted How to get index in the results with respective sourcetype? on Getting Data In. 06-14-2022 08:50 AM
- Posted Re: How to show statistics of daily volume and latest events for all the sourcetypes in single table? on Splunk Enterprise. 06-12-2022 11:59 PM
- Karma Re: How to show statistics of daily volume and latest events for all the sourcetypes in single table? for somesoni2. 06-12-2022 11:59 PM
- Posted Re: How to show statistics of daily volume and latest events for all the sourcetypes in single table? on Splunk Enterprise. 06-10-2022 12:01 AM
- Posted Re: How to show statistics of daily volume and latest events for all the sourcetypes in single table? on Splunk Enterprise. 06-09-2022 09:26 AM
- Karma Re: How to show statistics of daily volume and latest events for all the sourcetypes in single table? for somesoni2. 06-09-2022 08:48 AM
- Posted Re: How to show statistics of daily volume and latest events for all the sourcetypes in single table? on Splunk Enterprise. 06-09-2022 08:36 AM
- Posted Re: How to show statistics of daily volume and latest events for all the sourcetypes in single table? on Splunk Enterprise. 06-09-2022 08:17 AM
- Posted How to show statistics of daily volume and latest events for all the sourcetypes in single table? on Splunk Enterprise. 06-09-2022 06:04 AM
- Posted How to get the percentage increase of threshold value and to build a dashboard out of it? on Splunk Search. 04-19-2022 08:21 AM
- Karma Re: I'm trying to extract field That looks like below for richgalloway. 04-19-2022 08:18 AM
- Posted Re: Trying to extract field in log file, can you please help with regex and field extraction. on Splunk Search. 11-17-2021 03:39 AM
- Posted Trying to extract field in log file, can you please help with regex and field extraction. on Splunk Search. 11-17-2021 02:53 AM
- Posted Re: I'm trying to extract field That looks like below on Splunk Search. 09-13-2021 05:27 AM
- Karma Re: I'm trying to extract field That looks like below for richgalloway. 09-13-2021 05:27 AM
- Posted I'm trying to extract field That looks like below on Splunk Search. 09-10-2021 12:23 PM
Topics I've Started
| Subject | Karma | Author | Latest Post |
|---|---|---|---|
| 0 | |||
| 0 | |||
| 0 | |||
| 0 | |||
| 0 |
06-14-2022
08:50 AM
index=_internal source=*metrics.log
| eval MB=round(kb/1024,2)
| search group="per_sourcetype_thruput"
| stats sum(MB) by series | eval sourcetype=lower(series)
| table index sourcetype "sum(MB)"
| append [| tstats latest(_time) as latest where index=* earliest=-24h by sourcetype |eval LastReceivedEventTime = strftime(latest,"%c") |table index, sourcetype LastReceivedEventTime | eval sourcetype=lower(sourcetype)]
| stats values(*) as * by sourcetype
| where LastReceivedEventTime != ""
Above query giving me sourtype, latest time stamp and sum(MB), but unable to get index, can someone please help
... View more
Labels
- Labels:
-
index
06-12-2022
11:59 PM
If im using TERM im not getting any events 😞
... View more
06-10-2022
12:01 AM
When using this query getting sourcetypes as duplicates one starting with capital and one starting with small as shown below, beacuse of this values are not appending correctly. WinEventLog:Security Thu Jun 9 02:35:06 2022 wineventlog:security 33.97319556
... View more
06-09-2022
09:26 AM
It worked but taking lot of time for the search to get complete 😞
... View more
06-09-2022
08:36 AM
index=_internal source=*metrics.log | eval GB=kb/(1024*1024) | search group="per_sourcetype_thruput" | stats sum(GB) by series | tstats latest(_time) as latest where index=* earliest=-24h by sourcetype |eval LastReceivedEventTime = strftime(latest,"%c") |table sourcetype LastReceivedEventTime
... View more
06-09-2022
08:17 AM
I got the individual query to get the latest time stamp and individual query to get the daily volume in GB , but i couldn't get the both in single query
... View more
06-09-2022
06:04 AM
I want to show statistics of daily volume and latest events for all the sourcetypes in single table, can you please help.
... View more
Labels
- Labels:
-
using Splunk Enterprise
04-19-2022
08:21 AM
To get the percentage increase of threshold value and to build a dashboard out of it to show as red if it is increased by 20%, can someone please suggest
... View more
Labels
- Labels:
-
other
11-17-2021
03:39 AM
| rex field=_raw "Caused by"\:\s+(?P<SQLexception>\d+) I tried this but didn't work
... View more
11-17-2021
02:53 AM
Caused by: java.sql.SQLException: Io exception: Socket closed i want to extract "java.sql.SQLException" Can you please do the needful.
... View more
Labels
- Labels:
-
field extraction
09-13-2021
05:27 AM
What exactly are you trying to extract from that string? -- abcdd-gdfc-mb40-a801-e40fd9db481e I'm using field extractor through splunk web and writing the regular expression by myself
... View more
09-10-2021
12:23 PM
I'm trying to extract field That looks like "Alert-source-key":"[\"abcdd-gdfc-mb40-a801-e40fd9db481e\"]" I have tried this "Alert-source-key":"(?P<Alert_key>[^"]+)" but i'm getting results like "[/" since it is checking for only
... View more
Labels
- Labels:
-
field extraction
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
06-14-2022
01:51 PM
|
