×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
shenoyveer
Path Finder
Member since: ‎09-12-2024
‎01-28-2025
Community Statistics
Posts 21
Solutions 1
Karma Given 5
Karma Received 0
Member Since ‎09-12-2024
Activity Feed
View All

Re: Filtering logs for a string only based on date

by SplunkTrust in Splunk Search
‎01-30-2025 03:31 AM
‎01-30-2025 03:31 AM
You seem to have removed the parsing of the slot - also, try using epoch times and not converting them to strings (as this is unnecessary) index="index1" | search "slot" | rex field=msg "VF\s+slot\s+(?<slot_number>\d+)" | rex field=msg "(?<action>added|removed)" | eval added_epoch=if(action="added",_time,null()) | eval removed_epoch=if(action="removed",_time,null()) | sort 0 _time | streamstats max(added_epoch) as added_epoch latest(removed_epoch) as removed_epoch by host, slot_number | eval downtime=if(isnotnull(added_epoch) AND isnotnull(removed_epoch), removed_epoch - added_epoch, 0)   ... View more

Re: Unable to visualize the dashboard as per the r...

by in Dashboards & Visualizations
‎01-08-2025 08:57 PM
‎01-08-2025 08:57 PM
Thanks Kiran 🙂 ... View more

Re: Creating dashboard with 4 columns

by in Splunk Search
‎09-16-2024 04:53 AM
‎09-16-2024 04:53 AM
I got the query that we need to use dedup  thanks anyway. ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎01-28-2025 12:43 PM
Karma given to