Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
×
Are you a member of the Splunk Community?
Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Find Answers
- :
- About tirusplunk
tirusplunk
Engager
Member since:
11-06-2013
06-05-2020
Community Statistics
| Posts | 11 |
| Solutions | 0 |
| Karma Given | 1 |
| Karma Received | 0 |
| Member Since | 11-06-2013 |
Activity Feed
- Karma Re: How to add custom log file to splunk universal forwarder? for jtrucks. 06-05-2020 12:46 AM
- Posted Drilldown on report columns on Dashboards & Visualizations. 02-05-2014 10:37 PM
- Tagged Drilldown on report columns on Dashboards & Visualizations. 02-05-2014 10:37 PM
- Tagged Drilldown on report columns on Dashboards & Visualizations. 02-05-2014 10:37 PM
- Tagged Drilldown on report columns on Dashboards & Visualizations. 02-05-2014 10:37 PM
- Posted Re: Detecting keywords from another search in a field from other search on Splunk Search. 01-30-2014 09:36 PM
- Posted Re: Detecting keywords from another search in a field from other search on Splunk Search. 01-30-2014 07:29 PM
- Posted Detecting keywords from another search in a field from other search on Splunk Search. 01-30-2014 05:47 PM
- Tagged Detecting keywords from another search in a field from other search on Splunk Search. 01-30-2014 05:47 PM
- Tagged Detecting keywords from another search in a field from other search on Splunk Search. 01-30-2014 05:47 PM
- Tagged Detecting keywords from another search in a field from other search on Splunk Search. 01-30-2014 05:47 PM
- Tagged Detecting keywords from another search in a field from other search on Splunk Search. 01-30-2014 05:47 PM
- Posted Re: How do index TAB delimited files? on Splunk Search. 11-19-2013 08:27 PM
- Posted Re: How do index TAB delimited files? on Splunk Search. 11-19-2013 08:25 PM
- Posted Re: How to add custom log file to splunk universal forwarder? on Getting Data In. 11-19-2013 02:05 AM
- Posted How to get fields from tab limited log files with single header? on All Apps and Add-ons. 11-19-2013 02:04 AM
- Tagged How to get fields from tab limited log files with single header? on All Apps and Add-ons. 11-19-2013 02:04 AM
- Tagged How to get fields from tab limited log files with single header? on All Apps and Add-ons. 11-19-2013 02:04 AM
- Posted How to add custom log file to splunk universal forwarder? on Getting Data In. 11-13-2013 08:46 PM
- Tagged How to add custom log file to splunk universal forwarder? on Getting Data In. 11-13-2013 08:46 PM
Topics I've Started
| Subject | Karma | Author | Latest Post |
|---|---|---|---|
| 0 | |||
| 0 | |||
| 0 | |||
| 0 | |||
| 0 |
02-05-2014
10:37 PM
Hi Guys,
I have a report with column bar. I need to show another report when I click on any column bar by taking the input from this click. How can I do it in the splunk?
Thanks,
Tirumal
... View more
01-30-2014
09:36 PM
ExtraInfo!=ExtraInfo|eval X=case(ExtraInfo LIKE "%Gmail%","Gmail",ExtraInfo LIKE "%Outlook Web App%","Outlook Web App",ExtraInfo LIKE "%Yahoo! Mail%","Yahoo! Mail")
I could think of this. But can I manage this big case statement(this case statement may grow) like an event-type or something else in my splunk?
... View more
01-30-2014
07:29 PM
Can I place only keywords in lookup table instead of both ExtraInfo and Keyword?
... View more
01-30-2014
05:47 PM
Hi Guys,
I have a requirement like this. In a search I am getting a field like
ExtraInfo Count
User-Gmail-GoogleChrome 6
Inbox-Yahoo! Mail 3
.....
In another I have keywords like Gmail,Yahoo! Mail,...etc.
I want to write a query which gives me the output like this.
Keyword Count
Gmail 6
Yahoo! Mail 3
Could you please help me in this regard?
... View more
11-19-2013
08:27 PM
Hi rafamss,
I included above things in props.conf and transforms.conf. But in preview of my log file I am getting the output like this.
Timestamp Event 1 11/19/13 6:46:50.000 PM "Time" "Temparature"
2 11/12/13 4:23:52.051 PM "11/12/2013 16:23:52.051" "+50"
3 11/12/13 4:23:53.051 PM "11/12/2013 16:23:53.051" "-40"
4 11/12/13 4:23:54.051 PM "11/12/2013 16:23:54.051" "-60"
5 11/12/13 4:23:55.051 PM "11/12/2013 16:23:55.051" "+50"
6 11/12/13 4:23:55.051 PM
I did follow by querying this like you said ..|stats dc(*) as *. But no use. Can you please help me in this regard?
Thanks, Tiru
... View more
11-19-2013
08:25 PM
Hi nosignal,
I included above things in props.conf and transforms.conf. But in preview of my log file I am getting the output like this.
Timestamp Event
1 11/19/13 6:46:50.000 PM "Time" "Temparature"
2 11/12/13 4:23:52.051 PM "11/12/2013 16:23:52.051" "+50"
3 11/12/13 4:23:53.051 PM "11/12/2013 16:23:53.051" "-40"
4 11/12/13 4:23:54.051 PM "11/12/2013 16:23:54.051" "-60"
5 11/12/13 4:23:55.051 PM "11/12/2013 16:23:55.051" "+50"
6 11/12/13 4:23:55.051 PM
I did follow by querying this like you said ..|stats dc(*) as *. But no use. Can you please help me in this regard?
Thanks,
Tiru
... View more
11-19-2013
02:05 AM
Thank you jtrucks. Its working
... View more
11-19-2013
02:04 AM
How to get fields from tab limited log files with single header?
I could not find the following files inputs.conf and prop.conf in directory $SPLUNK_HOME/etc/system/local to set the fields. Is there another way to do it?
Thanks,
Tirumal
... View more
- Tags:
- delimitedfields
- field
11-13-2013
08:46 PM
How to add custom log file to splunk universal forwarder?
I have an application which generate the log. I need to add this log file to splunk universal forwarder. So that it could be monitored by indexer.
Thanks,
Tirumal
... View more
11-13-2013
01:46 AM
Hi Brokolice,
Have you managed to get these counters and perfmons in the splunk indexer?
If yes, Can you please tell me how you did it?
Thanks & Regards,
Tirumal
... View more
11-10-2013
05:45 AM
How to add file to splunk server using splunk sdk C#
Can you please tell me procedure to add file (single shot file/monitor file) through splunk SDK for c#?
Thanks,
Tirumal
... View more
