Activity Feed
- Got Karma for Re: The Client forwarder management not showing the clients. 07-05-2024 06:33 AM
- Posted Re: Why is KV Store certificate renewal not working? on Knowledge Management. 07-01-2024 09:52 AM
- Karma Re: kvstore certificate renewal is not working... for vinod94. 07-01-2024 09:52 AM
- Posted Re: The Client forwarder management not showing the clients on Deployment Architecture. 06-26-2024 10:58 AM
- Karma Re: The Client forwarder management not showing the clients for AAlhabba. 06-26-2024 10:57 AM
- Karma Re: Upgrade Splunk Enterprise from 8.x to 9.x for SanjayReddy. 06-20-2024 11:36 AM
- Karma Re: Condition-Match and set token in Drilldown not working for akheraj_splunk. 03-19-2024 04:08 AM
- Karma How to extract IP hostname SplunkAgent and Machine architecture from splunkd_access log? for rut. 04-14-2023 03:09 AM
- Karma Re: How to extract IP hostname SplunkAgent and Machine architecture from splunkd_access log? for woodcock. 04-14-2023 03:09 AM
- Posted How to extract IP hostname SplunkAgent and Machine architecture from splunkd_access log? on Splunk Search. 04-13-2023 11:35 AM
- Tagged How to extract IP hostname SplunkAgent and Machine architecture from splunkd_access log? on Splunk Search. 04-13-2023 11:35 AM
- Got Karma for Re: Customize X Axis in time chart. 03-21-2023 04:47 PM
- Posted Re: Customize X Axis in time chart on Dashboards & Visualizations. 03-21-2023 12:34 PM
- Karma Re: Customize X Axis in time chart for richgalloway. 03-21-2023 12:31 PM
- Posted How to customize X Axis in time chart? on Dashboards & Visualizations. 03-21-2023 08:39 AM
- Tagged How to customize X Axis in time chart? on Dashboards & Visualizations. 03-21-2023 08:39 AM
- Tagged How to customize X Axis in time chart? on Dashboards & Visualizations. 03-21-2023 08:39 AM
- Tagged How to customize X Axis in time chart? on Dashboards & Visualizations. 03-21-2023 08:39 AM
Topics I've Started
| Subject | Karma | Author | Latest Post |
|---|---|---|---|
| 0 | |||
| 0 |
07-01-2024
09:52 AM
Worked on 9.2.1 , the add-on was not running.
... View more
06-26-2024
10:58 AM
1 Karma
@AAlhabba , thank you for the solution .Worked like a charm.
... View more
04-13-2023
11:35 AM
10.179.130.56 - - [14/Apr/2023:01:59:28.233 +0800] "POST /services/broker/phonehome/connection_10.179.130.56_8089_10.179.130.56_MYETKPWSQL002_918B12BB-35AB-452A-BAEB-592395125496 HTTP/1.1" 200 530 "-" "Splunk/8.2.7 (Windows Server 10 Standard Edition; arch=x64)" - 1ms
10.16.36.90 - - [13/Apr/2023:18:27:12.290 +0000] "POST /services/broker/phonehome/connection_10.16.36.90_8089_usseacwsrv190.us.xyz.com_usseacwsrv190_4D304A0A-05E2-483B-B2B5-7CF8A8928B7A HTTP/1.1" 200 24 "-" "Splunk/8.2.7 (Windows Server 10 Datacenter Edition; arch=x64)" - 2ms
Hi Everyone Please help me with the regex to extract the following fields highlighted in bold.
... View more
- Tags:
- regex
Labels
- Labels:
-
field extraction
-
regex
-
rex
03-21-2023
12:34 PM
1 Karma
Thank you @richgalloway for your answer and the reference link. Much appreciated .
... View more
03-21-2023
08:39 AM
Hi All,
I want chart to be created in the below way. The x-axis needs to have date and time like that.
the chart i am able to create is .
i tried to do eval strftime to _time but not getting the desired result. The 1st query I tried - index=unix (source=cpu sourcetype=cpu) OR (sourcetype=vmstat) host IN (usaws135000) | fields _time cpu_load_percent memUsedPct swapUsedPct host | timechart span=1h eval(round(avg(cpu_load_percent),2)) as CPUAvg eval(round(avg(memUsedPct),2)) as MemoryAvg eval(round(avg(swapUsedPct),2)) as SwapAvg by host useother=t limit=0 The 2nd query i tried - index=unix (source=cpu sourcetype=cpu) OR (sourcetype=vmstat) host IN (usaws1350) | fields _time cpu_load_percent memUsedPct swapUsedPct host | bin span=1h _time | eval _time=strftime(_time,"%a %b %d %Y %H:%M:%S") | stats avg(cpu_load_percent) as CPUAvg avg(memUsedPct) as MemoryAvg avg(swapUsedPct) as SwapAvg by _time
... View more
Labels
- Labels:
-
chart
