×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
CyberAar
Explorer
Member since: ‎07-23-2025
‎08-30-2025
Community Statistics
Posts 6
Solutions 0
Karma Given 2
Karma Received 0
Member Since ‎07-23-2025
Activity Feed
View All

Re: Is this quiz question incorrectly answered in ...

by in All Apps and Add-ons
‎08-30-2025 07:04 PM
‎08-30-2025 07:04 PM
May I know what does "not a standard function" imply? In the official tutorial, validate() function has been also explained along with if() and case(). Works similar to case() but does just the opposite of it.  Thanks for mentioning about posting the content. I have removed it.  ... View more

is in() function only used with if() and case() or...

by in All Apps and Add-ons
‎08-30-2025 04:54 PM
‎08-30-2025 04:54 PM
I am asking this question because I was studying one of the tutorials and the quiz question says it is NOT applicable to validate(). Based on what I understood, in() function can be used in validate(), case() and if(). I verified it by running a search. Not sure why validate() is an incorrect option. Thoughts? ... View more
Labels

Re: Where can I find a list of the knowledge objec...

by in All Apps and Add-ons
‎08-30-2025 04:49 PM
‎08-30-2025 04:49 PM
Not judging anybody's knowledge here at all but you can see the problem right...both @PrewinThomas  and @Meett have different opinions on this and there is nothing I can see on this in the documentation. I am a total beginner so which one is the correct response? 🙂 ... View more

Where can I find a list of the knowledge objects i...

by in All Apps and Add-ons
‎08-26-2025 07:57 AM
‎08-26-2025 07:57 AM
I know that CIM Add-on has some knowledge objects that are obvious which includes fields, event type, tags and field aliases. What are other knowledge objects included in the CIM Add-On?  I was not able to find a clear answer to this question in the Splunk docs.  ... View more
Labels

Re: Sort command not sorting as expected

by in Splunk Search
‎07-28-2025 04:07 PM
‎07-28-2025 04:07 PM
thanks for response ! @livehybrid @richgalloway  @richgalloway  - yes, the documentation does mention that numerics will be sorted as numbers. I am confused because I thought that by putting quotes around the numbers, they would automatically get appended as strings to the fruit field and not as numbers.  So is it right to conclude that even though I added double quotes for numbers while appending them, by default Splunk does not take it as a string? Explicit type conversion is required as an additional step? ... View more

Sort command not sorting as expected

by in Splunk Search
‎07-23-2025 12:50 PM
‎07-23-2025 12:50 PM
The Splunk documentation says that the order rule is lexicographic. I am trying to sort the following values: | makeresults | eval fruit="apple" | append [ | makeresults | eval fruit="Banana" ] | append [ | makeresults | eval fruit="zebra" ] | append [ | makeresults | eval fruit="10" ] | append [ | makeresults | eval fruit="2" ] | append [ | makeresults | eval fruit="20" ] | append [ | makeresults | eval fruit="30" ] | append [ | makeresults | eval fruit="3" ] | append [ | makeresults | eval fruit="1" ] | append [ | makeresults | eval fruit="25" ] | append [ | makeresults | eval fruit="38" ] | table fruit | sort fruit The output I am getting is: 1, 2, 3, 10, 20, 25, 30, 38, Banana, apple, zebra I understand that Banana appears before apple because B<a. But what is up with string numerics? Shouldn't the order be: 1, 10, 2, 20, 25, 3, 30, 38, Banana, apple, zebra ?  Even the documentation says that between 10, 9, 70, 100 the sorted output should be 10, 100, 70, 90.  https://help.splunk.com/en/splunk-enterprise/search/spl-search-reference/9.2/search-commands/sort  ... View more
Labels
Contact Me
Online Status
Offline
Date Last Visited
‎08-30-2025 04:44 PM
Karma given to
View All