×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
fli
Explorer
Member since: ‎04-03-2017
‎06-05-2020
Community Statistics
Posts 3
Solutions 0
Karma Given 0
Karma Received 1
Member Since ‎04-03-2017
Activity Feed
View All

Re: How to create a conditional search if license ...

by in Splunk Search
‎06-15-2017 06:30 AM
‎06-15-2017 06:30 AM
thanks somesoni2, it works!! ... View more

How to create a conditional search if license usag...

by in Splunk Search
‎06-14-2017 12:29 PM
‎06-14-2017 12:29 PM
There is default license alert when license usage is greater 80%, then you will get email notification. The alert is like " | rest splunk_server=local /services/licenser/pools | rename title AS Pool | search [rest splunk_server=local /services/licenser/groups | search is_active=1 | eval stack_id=stack_ids | fields stack_id] | eval quota=if(isnull(effective_quota),quota,effective_quota) | eval "% used"=round(used_bytes/quota*100,2) | fields Pool "% used" | where '% used' > 80 " Is there possible to create another alert that if the license usage is greater 80%, then sent the alert along with the top 10 usage hosts? it's like the conditional search. ... View more

Re: Using dedup to keep the oldest events

by in Splunk Search
‎04-04-2017 12:41 PM
1 Karma
‎04-04-2017 12:41 PM
1 Karma
maybe the correct is: Your_search | reverse | dedup ... ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:03 AM
Karma from
View All