Activity Feed
- Karma Re: -45m@d what it means for to4kawa. 06-05-2020 12:51 AM
- Karma Re: power user pdf for richgalloway. 06-05-2020 12:51 AM
- Karma Re: power user pdf for woodcock. 06-05-2020 12:51 AM
- Karma Re: In Indexing phase, once data is written to disk, it cannot be changed for to4kawa. 06-05-2020 12:51 AM
- Got Karma for In Indexing phase, once data is written to disk, it cannot be changed. 06-05-2020 12:51 AM
- Karma Re: Stats Sum question for niketn. 06-05-2020 12:50 AM
- Karma Re: countfield question for vnravikumar. 06-05-2020 12:50 AM
- Karma Re: confusion with @ symbol for gcusello. 06-05-2020 12:50 AM
- Karma Re: confusion with @ symbol for gcusello. 06-05-2020 12:50 AM
- Karma Re: confusion with @ symbol for niketn. 06-05-2020 12:50 AM
- Karma Re: confusion with @ symbol for gcusello. 06-05-2020 12:50 AM
- Karma Re: Zoom to selection for niketn. 06-05-2020 12:50 AM
- Karma Re: Why dedup when we have stats values function for starcher. 06-05-2020 12:50 AM
- Karma Re: Why dedup when we have stats values function for jpolvino. 06-05-2020 12:50 AM
- Karma Re: Methods to create tables and visualizations for niketn. 06-05-2020 12:50 AM
- Karma Re: Your search did not return any events because you are in Smart Mode. for niketn. 06-05-2020 12:50 AM
- Karma Re: Alert set to medium severity but also creating high severity under alert list for niketn. 06-05-2020 12:50 AM
- Karma Re: Lookup table not found for Automatic lookup for ivanreis. 06-05-2020 12:50 AM
- Karma Re: Splunk Architecture in own words for gcusello. 06-05-2020 12:50 AM
- Karma Re: Using 'by' clause overrides 'limit'? for richgalloway. 06-05-2020 12:50 AM
05-06-2020
06:24 AM
Data model datasets have a hierarchical relationship with each other, meaning they have parent-child relationships. Data models can contain multiple dataset hierarchies. There are three types of dataset hierarchies: event, search, and transaction.
Dataset types
You can work with three dataset types. Two of these dataset types, lookups, and data models, are existing knowledge objects that have been part of the Splunk platform for a long time. Table datasets, or tables, are a new dataset type that you can create and maintain in Splunk Cloud, and after you download and install the Splunk Datasets Add-on in Splunk Enterprise.
Which would be the correct answer, please?
@admin please don't delete my question.
- Tags:
- splunk-enterprise
04-09-2020
05:20 AM
I don't see your email ID; would you mind sharing one, please?
@gcusello
04-09-2020
05:17 AM
Thank you. I want to send an email; it's not for the public to see. Thank you, sir. I will send an email to you.
Regards
Suman P.
04-09-2020
04:39 AM
Is there a messaging option available here, please? I want to send a direct message to someone; it is for professional purposes only. Or is there a way to send the question to one person without others seeing it?
Regards
Suman P.
- Tags:
- splunk-enterprise
04-05-2020
05:46 AM
Once compressed, Splunk data cannot be changed? Can someone guide me to the proper reference article?
- Tags:
- splunk-enterprise
04-04-2020
09:56 PM
1 Karma
In the indexing phase, once data is written to disk, it cannot be changed. I think the answer is YES. Kindly explain more in a line or two.
- Tags:
- splunk-enterprise
04-04-2020
09:46 PM
Hi @gcusello, hope you are doing well.
As far as I understand, m@d means the beginning of the day, and -45m@d means 45 minutes before the beginning of the day. Kindly correct me; I am always confused with this.
- Tags:
- splunk-enterprise
01-17-2020
05:59 AM
Please share the power user PDF with me, if you can. I want to prepare on my own by reading it.
- Tags:
- power-user
01-07-2020
08:49 AM
Hello,
Now that I am done with the exam, I want to explain the Splunk architecture in my own words. Kindly correct me if possible.
Step 1: Machine data is generated (suppose from a company A).
Step 2: Splunk forwarder which is installed on A's web server gets the data.
Step 3: Heavy forwarder parses the data and masks the data as needed.
Step 4: The data is sent to Universal forwarder.
Step 5: Universal Forwarder forwards the data to Indexer.
Step 6: Indexer indexes the data, transforms raw data into events and stores the data into the Index.
Step 7: When any user enters a search string on the search head, it distributes the data to the Indexer. The Indexer returns the result to the search head, where it enhances the result and displays it to the user.
Step 8: User may use this data for statistics and visualization perspective.
- Tags:
- splunk-architecture
01-06-2020
03:31 AM
I have used the following
source="C:\Users\spali\Downloads\products\*" host="DESKTOP-K35HBNT"
| top product_name price by Code limit=5
Code | product_name | price | count | percent |
---|---|---|---|---|
A | Mediocre Kingdoms | 24.99 | 1 | 100.000000 |
B | Dream Crusher | 39.99 | 1 | 100.000000 |
C | Final Sequel | 24.99 | 1 | 100.000000 |
D | World of Cheese | 24.99 | 1 | 100.000000 |
E | World of Cheese Tee | 9.99 | 1 | 100.000000 |
F | Puppies vs. Zombies | 4.99 | 1 | 100.000000 |
G | Curling 2014 | 19.99 | 1 | 100.000000 |
H | Manganiello Bros. | 39.99 | 1 | 100.000000 |
I | Manganiello Bros. Tee | 9.99 | 1 | 100.000000 |
J | Orvil the Wolverine | 39.99 | 1 | 100.000000 |
K | Benign Space Debris | 24.99 | 1 | 100.000000 |
L | SIM Cubicle | 19.99 | 1 | 100.000000 |
M | Holy Blade of Gouda | 5.99 | 1 | 100.000000 |
N | Fire Resistance Suit of Provolone | 3.99 | 1 | 100.000000 |
O | Grand Theft Scooter | 24.99 | 1 | 100.000000 |
P | SIM Cubicle Tee | 9.99 | 1 | 100.000000 |
I should have got only 5. Why is it that I am getting more than that?
- Tags:
- top
- transforming
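Added example, not code from the post or from Splunk: a small Python model of how `top <fields> by <by-field> limit=N` behaves. With a by-clause, `limit` and `percent` are applied inside each by-field value rather than over the whole result, so the search in the post returns up to 5 rows for every distinct Code; because each Code in that data has a single product, every group contributes exactly one row at 100 percent, which is the 16-row table shown. The sample events below are constructed so that some Codes have several products, which is where `limit` actually cuts.

```python
from collections import Counter, defaultdict

# Constructed sample events with the same fields as the post's search
# (Code, product_name, price). Unlike the post's data, several products
# share a Code here so that limit= has something to cut.
EVENTS = [
    {"Code": "A", "product_name": "Mediocre Kingdoms", "price": "24.99"},
    {"Code": "A", "product_name": "Mediocre Kingdoms", "price": "24.99"},
    {"Code": "A", "product_name": "Curling 2014", "price": "19.99"},
    {"Code": "A", "product_name": "SIM Cubicle", "price": "19.99"},
    {"Code": "B", "product_name": "Dream Crusher", "price": "39.99"},
    {"Code": "B", "product_name": "World of Cheese", "price": "24.99"},
    {"Code": "C", "product_name": "Final Sequel", "price": "24.99"},
]


def top(events, fields, by=None, limit=10):
    """Model of `top <fields> [by <by-field>] [limit=N]`.

    Counts each distinct combination of `fields`. Without a by-clause there
    is one group and `limit` caps the whole result. With a by-clause the
    events are split on the by-field first, and `limit` and `percent` are
    computed inside each group, so the result holds up to limit*groups rows.
    limit=0 means no cap, as in Splunk.
    """
    groups = defaultdict(Counter)
    for ev in events:
        # Events missing any of the named fields are skipped.
        if any(f not in ev for f in fields) or (by is not None and by not in ev):
            continue
        key = ev[by] if by is not None else None
        groups[key][tuple(ev[f] for f in fields)] += 1

    cap = None if limit == 0 else limit
    rows = []
    for key in sorted(groups, key=str):
        counter = groups[key]
        group_total = sum(counter.values())  # percent is relative to the group
        for combo, count in counter.most_common(cap):
            row = {by: key} if by is not None else {}
            row.update(zip(fields, combo))
            row["count"] = count
            row["percent"] = round(100.0 * count / group_total, 6)
            rows.append(row)
    return rows


if __name__ == "__main__":
    # Three Codes, limit=2 per Code: five rows, not two.
    for row in top(EVENTS, ["product_name", "price"], by="Code", limit=2):
        print(row)
```

Drop the `by Code` clause (or run `top Code limit=5`) if the goal is the five most frequent products overall; keep it only when a per-Code ranking is what you want.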
01-06-2020
01:08 AM
@gcusello
9:37 -30m@h
Sorry for asking this again. I will tell you what I understand; kindly correct me.
@h is the current hour, which goes to 9. -30m is 30 minutes before the current hour, so it will be 8:30 to 8:59.
9:37 -30m@d
@d is the current day at 0:00 hours, so -30m would be yesterday 23:30 to 23:59.
- Tags:
- timerangepicker
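Added example covering this post and the earlier -45m@d one; it is not code from the posts or from Splunk, just a Python model of the relative-time syntax restricted to the s/m/h/d units. The point it demonstrates is evaluation order: Splunk applies the offset first and then the snap-to, so `-30m@h` at 9:37 is 9:07 snapped down to 9:00, and `-45m@d` at 9:37 is 8:52 snapped down to today's midnight. Writing the snap first, `@h-30m` or `@d-45m`, gives the other reading (8:30, or yesterday 23:15). The reference time is constructed.

```python
import re
from datetime import datetime, timedelta

# Constructed "now": the 9:37 the post reasons about, on an arbitrary date.
NOW = datetime(2020, 1, 6, 9, 37, 0)

_SECONDS = {"s": 1, "m": 60, "h": 3600, "d": 86400}

# [+|-]<n><unit> [@<unit> [+|-]<n><unit>]   (only s/m/h/d modelled here;
# Splunk also has w, mon, q, y and weekday snaps, which this omits)
_MODIFIER = re.compile(
    r"^(?P<pre>[+-]\d+[smhd])?(?:@(?P<snap>[smhd])(?P<post>[+-]\d+[smhd])?)?$"
)


def _offset(t, spec):
    """Apply one '+Ns' / '-Nm' / ... offset to t."""
    sign = -1 if spec[0] == "-" else 1
    return t + timedelta(seconds=sign * int(spec[1:-1]) * _SECONDS[spec[-1]])


def _snap(t, unit):
    """Snap t DOWN to the start of the given unit."""
    if unit == "s":
        return t.replace(microsecond=0)
    if unit == "m":
        return t.replace(second=0, microsecond=0)
    if unit == "h":
        return t.replace(minute=0, second=0, microsecond=0)
    return t.replace(hour=0, minute=0, second=0, microsecond=0)


def resolve(modifier, now=NOW):
    """Resolve a relative time modifier against `now`.

    Order of evaluation: offset before '@' first, then the snap-to,
    then any offset written after the snap unit.
    """
    spec = modifier.strip()
    if spec in ("", "now"):
        return now
    m = _MODIFIER.match(spec)
    if not m:
        raise ValueError(f"unsupported time modifier: {modifier!r}")
    t = now
    if m.group("pre"):
        t = _offset(t, m.group("pre"))   # 1. offset
    if m.group("snap"):
        t = _snap(t, m.group("snap"))    # 2. snap down
    if m.group("post"):
        t = _offset(t, m.group("post"))  # 3. post-snap offset
    return t


def window(earliest, latest="now", now=NOW):
    """earliest/latest pair as Splunk's time range picker would resolve it.

    earliest is inclusive and latest is exclusive in Splunk; this only
    resolves both ends and rejects an inverted range.
    """
    start, end = resolve(earliest, now), resolve(latest, now)
    if start > end:
        raise ValueError(f"earliest {start} is after latest {end}")
    return start, end


if __name__ == "__main__":
    for spec in ("-30m@h", "@h-30m", "-45m@d", "@d-45m", "-1d@d"):
        print(f"{spec:>8} -> {resolve(spec)}")
```

A quick way to check this against a live instance is `| makeresults | eval e=relative_time(now(), "-30m@h") | eval e=strftime(e, "%F %T")`, which uses Splunk's own evaluation of the same string.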
01-05-2020
08:49 AM
Time | Alert | Type | Severity | Mode |
---|---|---|---|---|
2020-01-05 22:14:20 India Standard Time | Splunk Web login attempts search | Real-time | High | Per Result |
2020-01-05 22:14:20 India Standard Time | login search | Real-time | Medium | Digest |
I set the alert to medium severity and I set it to Once, not Per Result. I made 5 login failures continuously. At first, I got Medium as expected, but then I got High. Why is this the behavior?
- Tags:
- severity
01-05-2020
02:39 AM
I have created a lookup table, say productext.csv. I went to the Automatic lookup screen and selected the Lookup table dropdown. I don't find the table, though I am in the same app. Can you please tell me what might be the reason?
@gcusello
- Tags:
- automatic-lookup
01-04-2020
09:45 PM
Is the License Master installed during the input phase or on the indexer? Kindly clear up the confusion; I was thinking it happens at the input phase itself.
- Tags:
- license
01-03-2020
09:44 PM
@gcusello @richgalloway @woodcock
Your search did not return any events because you are in Smart Mode.
In what scenarios do I get this?
- Tags:
- mode
- search-mode
01-03-2020
08:51 PM
Thank You.
01-03-2020
10:00 AM
Why does the search mode change to verbose when we run timechart? I ran this in smart mode and suddenly see it in verbose mode.
- Tags:
- timechart
01-03-2020
09:58 AM
There are three ways:
1. We can use SPL to write transforming commands like chart and timechart and create tables and visualizations.
2. We can use pivots.
These two are okay.
3. We can create from the fields sidebar. I don't know how it is done.
If I select any field and click on quick reports, it creates visualizations for sure, but the events are not in tabular format. Kindly clear up the confusion.
- Tags:
- visualizations
01-03-2020
08:59 AM
@gcusello @woodcock @richgalloway
Why do we need two functions for the same functionality?
'dedup' displays unique values while 'stats values' does the same; is there any difference other than that 'stats' is a transforming command and 'dedup' is not?
01-03-2020
04:59 AM
I know that. My question is, will 'zoom in' re-execute the search or not after selecting a particular time range from the timeline?
01-03-2020
02:53 AM
I know that 'Zoom out' will make the search re-execute, but I am not sure about 'zoom in' or 'zoom to select'. Kindly let me know if it does.
- Tags:
- zoom