×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
deev
Observer
Member since: ‎11-29-2021
‎12-06-2021
Community Statistics
Posts 4
Solutions 0
Karma Given 0
Karma Received 0
Member Since ‎11-29-2021
View All

Re: How to remove double quotes from an event fie...

by in Splunk Search
‎12-05-2021 08:29 PM
‎12-05-2021 08:29 PM
2021-11-20 11:03:32.428, TEST_ID="0012345",COMMENTS="It tells me to use a "generic configuration request" form test. I went to test and searched for this string, it gave me a page called "Test configuration Request" which told me that I need to go to test to create CIs?" ... View more

How to remove double quotes from an event field

by in Splunk Search
‎11-30-2021 12:28 AM
‎11-30-2021 12:28 AM
Please find the sample event field comment   comment="This is  sample data  "to remove the double quote value" how to remove it?It is for a  "testing purpose" which we need to handle " I have tried rex field=_raw  mode=sed "s/\"//g"    But after that when we apply   table  command  |table comment , giving me partial data  "This is  sample data "  Appreciate your help Deev ... View more
Labels

Re: Rest API call is getting timeout due to high v...

by in Splunk Dev
‎11-30-2021 12:18 AM
‎11-30-2021 12:18 AM
Thank you for your feedback . Point noted.  Tried with 1 mins data but it was taking 15 mins time to execute the script . Is there any better way to handle  high volume of data  into outside splunk ? ... View more

Rest API call is getting timeout due to high volum...

by in Splunk Dev
‎11-29-2021 02:22 AM
‎11-29-2021 02:22 AM
Hi,  We are using  the Curl script to call splunk RestAPI to send the data out of  splunk  (to Kafka/ES) . We have 1+lakhs  events in every second . So while calling the rest api (calling every 5 secs) , it is getting time out . Sample  curl command for calling restapi    curl -k -u admin:changeme \ https://localhost:8089/services/search/jobs/ -d search="search index=sample sourcetype=access_* earliest=-5m" What is the limit of event count  we can extract at a time through Rest API Call? What is the  default timeout settings  ?Is it possible to change ?  Is there a better way to send splunk data  outside?  Tried Python script using Splunklib.client .That also failed .   Appreciate your inputs in advance . Regards Deev   ... View more
Labels
Contact Me
Online Status
Offline
Date Last Visited
‎12-06-2021 12:16 AM