Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- About Deprasad
Deprasad
Path Finder
Member since:
01-02-2020
10-07-2022
Community Statistics
| Posts | 16 |
| Solutions | 1 |
| Karma Given | 2 |
| Karma Received | 2 |
| Member Since | 01-02-2020 |
Activity Feed
- Posted Using Drilldown feature: How to define different queries for different rows based on selection? on Dashboards & Visualizations. 10-07-2022 12:26 AM
- Got Karma for Re: Query to get Percentage using two Queries.. 08-30-2022 09:42 AM
- Posted Re: Query to get Percentage using two Queries. on Monitoring Splunk. 08-30-2022 07:19 AM
- Posted Query to get Percentage using two Queries? on Monitoring Splunk. 08-30-2022 05:30 AM
- Got Karma for Schedule CSV of Splunk Dashboard. 10-26-2021 06:05 AM
- Posted Schedule CSV of Splunk Dashboard on Dashboards & Visualizations. 06-09-2021 07:35 AM
- Posted Re: Regex not working on Dashboards & Visualizations. 01-08-2021 03:20 AM
- Posted Re: Regex not working on Dashboards & Visualizations. 01-08-2021 03:16 AM
- Karma Re: Regex not working for ITWhisperer. 01-08-2021 03:15 AM
- Posted Regex not working on Dashboards & Visualizations. 01-08-2021 01:15 AM
- Karma Re: How to extract the dates in order in a dashboard for richgalloway. 06-05-2020 12:51 AM
- Posted Re: How to extract the dates in order in a dashboard on Dashboards & Visualizations. 02-17-2020 11:58 PM
- Posted Re: How to extract the dates in order in a dashboard on Dashboards & Visualizations. 02-17-2020 05:52 AM
- Posted How to extract the dates in order in a dashboard on Dashboards & Visualizations. 02-17-2020 05:05 AM
- Tagged How to extract the dates in order in a dashboard on Dashboards & Visualizations. 02-17-2020 05:05 AM
- Tagged How to extract the dates in order in a dashboard on Dashboards & Visualizations. 02-17-2020 05:05 AM
- Tagged How to extract the dates in order in a dashboard on Dashboards & Visualizations. 02-17-2020 05:05 AM
- Posted Re: How to pick multiple value which has same key name on Getting Data In. 01-09-2020 04:02 AM
- Posted Re: How to pick multiple value which has same key name on Getting Data In. 01-09-2020 04:02 AM
- Posted Re: How to pick multiple value which has same key name on Getting Data In. 01-09-2020 04:00 AM
Topics I've Started
| Subject | Karma | Author | Latest Post |
|---|---|---|---|
| 0 | |||
| 0 | |||
| 1 | |||
| 0 | |||
| 0 | |||
| 0 | |||
| 0 |
10-07-2022
12:26 AM
I have a query which displays top 10 consumed sourcetype. I would like to enable drilldown to achieve the below task.
When user clicks on a particular row, it should open a new tab and a new query should get executed for each row .
Right now, I have enabled Drilldown ->On Click-> Link to Search->Custom->Search String->Apply. In this way I can have the same query gets executed on selection of any rows. But I would like to define different queries for different rows based on the selection. Is this possible with Drilldown?
... View more
- Tags:
- drilldown
Labels
08-30-2022
07:19 AM
1 Karma
Thanks for this query @richgalloway ! It worked. Further I added the below piece of query to get the percentage. | eval Error_Percentage=round(100*count/Total_Transaction,2)."%" | table Error_Message,count, Error_Percentage
... View more
08-30-2022
05:30 AM
I've 2 queries, 1 will give the the total no of events and the other will give the counts by error type. I'm trying to join the two queries so that I can get the percentage of each error type. Query 1: index=app "ResponseLoggingFilter" "Operation" | stats count as Total_Transaction Query 2: index=app "ResponseLoggingFilter" "Operation" NOT "OK" NOT "1041" | rex "(?:.+message\"\:\")(?<Error_Message>.+)(?:\"\,)" | stats count by Error_Message
... View more
Labels
- Labels:
-
monitoring console
06-09-2021
07:35 AM
1 Karma
I would like to have my dashboard delivered in CSV format rater than PDF. Is it possible in Splunk? I have a total of 90 panels so can't rely on Reports. Please clarify
... View more
Labels
- Labels:
-
drilldown
-
table
-
trellis layout
01-08-2021
03:20 AM
Thanks!! The payload you used in the regex101 is not same as the provided. Though it worked in Regex101, still faced the same issue with Splunk. Tried the solution suggested by @ITWhisperer and it worked.
... View more
01-08-2021
01:15 AM
Trying to Pick domainType and domainName from below log using the below regex: It works in regex101 but not in Splunk, it gives a blank column. domainName - rex"(?:domainName\\\"\:\\\")(?<domainName>([a-zA-Z0-9-\.]+))" domainType - rex"(?:domainType\\\"\:\\\")(?<domainType>\w)" "payload":"{\"domainType\":\"L\",\"modifiedBy\":\"\",\"relayHost\":\"\",\"rewriteDomain\":\"\",\"wildcardAccount\":\"\",\"domainName\":\"xxx.yyyyy.com\"}"},"encoding":null,"contentType":"application/json","responseCode":null}
... View more
Labels
- Labels:
-
table
02-17-2020
11:58 PM
strptime(Date, "%m/%d") gave a blank result for Date. Gone through Splunk documentation and found for epoch time conversion the command is strftime(x,y).
Thanks for the help..!!
... View more
02-17-2020
05:52 AM
Thanks..! This is working, however the date field is in epoch format.
... View more
02-17-2020
05:05 AM
I have a query which extracts counts for last 30 days. But the dates are not in proper order in result.
index = *** "search phrase" | stats count by date_mday | rename date_mday as Date
If i make a search today for last 30 days, the result should be in the below order .
01/18, 19, 20 .......... 02/16,02/17.
... View more
01-09-2020
04:02 AM
Thanks @groktrev !! It worked with max_match command.
... View more
01-09-2020
04:02 AM
Thanks @to4kawa !! It worked with max_match command.
... View more
01-09-2020
04:00 AM
Thanks for the suggestion @niketnilay !!
... View more
01-09-2020
03:59 AM
@aberkow - Thanks a lot..!! It worked like a charm.
... View more
01-03-2020
02:40 AM
Log looks like this.
{...\"Key_name\":\"Value\",....},
{...\"Key_name\":\"Value\",....},
{...\"Key_name\":\"Value\",....},
{...\"Key_name\":\"Value\",....},
My query now extracting the first field alone. I've created a query which extracts all 4 value using append search with subsequent string from each row but the search takes lots of time since it involves 4 append search.
All i need now is to fetch all 4 value into the column key_name in a single query.
... View more
01-02-2020
05:03 AM
I have a report generated with following fields,
Field 1 , Field 2, Field 3.
I have to create an alert based on the Field 1(it's a phone number field which consists 0-9 , - , +, *) value satisfying below condition.
• Number starts with 101 and is greater than 5 digits
• Number starts with *xy101 and is greater than 8 digits
• Number starts with *xy011 and is greater than 8 digits
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
10-07-2022
08:12 AM
|
