×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
477450
Explorer
Member since: ‎03-27-2015
‎06-05-2020
Community Statistics
Posts 8
Solutions 1
Karma Given 5
Karma Received 0
Member Since ‎03-27-2015
Activity Feed
View All

Re: How to display a list of fields for an index?

by SplunkTrust in Splunk Search
2 weeks ago
2 weeks ago
OK. If you put there literally "<myindex>" that obviously won't work. I'll assume you actually substituted that for the real index name so in case of an internal index that would be index=_internal | stats values(*) AS * | transpose | table column | rename column AS fieldnames So actually there are several possible issues with those searches. Transpose has its limits, tabling all events can be resource-intensive... Actually the best one of those seems to be the fieldsummary one. But if you're not gettting any results (and no errors) at all that means there's something more to it. Inspect the job, check its log. Do you have the permissions to the target index? Aren't you trying to search over a longer period than permitted for your role?  ... View more

Re: Why is our scheduled report that runs in our s...

by in Reporting
‎09-04-2015 11:04 AM
‎09-04-2015 11:04 AM
This workaround should not be necessary. If you schedule the report under the user who has the appropriate TZ, it should work as you expect. It would not be unreasonable to create a user called "TimeZone EST" and another user as "TimeZone CST" and set each user's TimeZone preference by logging-in as each user and going to My Username -> Edit Account -> Time zone and setting the value appropriately. Any searches run by a user will have date values normalized based on this user setting. In your case, since everybody is EST if each user set's his own Time zone value to EST then the problem should go away automatically without any trickery or hacks. ... View more

Re: Splunk Dashboard Report Timezone Issue

by in Reporting
‎03-30-2016 06:06 AM
‎03-30-2016 06:06 AM
I am seeing this issue with the Cisco Security App's Firewall Overview panel on the current version of Splunk Cloud as well. Is there an ETA on when this bug might be fixed? Thanks! ... View more

Re: How do I add the count of string values in eac...

by in Splunk Search
‎08-20-2015 08:36 AM
‎08-20-2015 08:36 AM
My bad, was using the wrong column in the appendpipe. Just updated. See if that works. ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:03 AM
Karma given to