×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
richnavis88
Explorer
Member since: ‎09-09-2022
‎08-06-2024
Community Statistics
Posts 4
Solutions 0
Karma Given 2
Karma Received 1
Member Since ‎09-09-2022
Activity Feed
View All

Re: Is there a more efficient way to match multipl...

by in Splunk Search
‎10-24-2022 01:08 PM
1 Karma
‎10-24-2022 01:08 PM
1 Karma
Any of these should be much faster with #2 and #3 being incrementally faster than the previous in the order. 1. index=wineventlog host="myhost" EventCode=7036 NOT Message IN ("*WMI*", "*WinHTTP*") 2. index=wineventlog host="myhost" TERM(EventCode=7036) NOT Message IN ("*WMI*", "*WinHTTP*") 3. index=wineventlog host="myhost" TERM(EventCode=7036) NOT WMI NOT WinHTTP NOT Message IN ("*WMI*", "*WinHTTP*") ... View more

Re: How to compare average of last 30 days to last...

by in Splunk Search
‎09-10-2022 10:35 AM
‎09-10-2022 10:35 AM
eventstats doesn't support the window parameter.  I tried streamstats with window and time_window, but I can't seem to get it to report correctly ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎08-06-2024 11:49 PM