×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
straffin
Explorer
Member since: ‎06-02-2010
‎06-05-2020
Community Statistics
Posts 4
Solutions 0
Karma Given 0
Karma Received 1
Member Since ‎06-02-2010
Activity Feed
View All

Re: IBM BigFix SOAP API via connector to Splunk as...

by in All Apps and Add-ons
‎11-20-2014 06:53 AM
‎11-20-2014 06:53 AM
Info on BigFix's SOAP API is going to best be found over at IBM: https://www.ibm.com/developerworks/community/wikis/home?lang=en#!/wiki/Tivoli%20Endpoint%20Manager/page/TEM%20SOAP%20API ... View more

Re: How to delete data based on search results in ...

by in Splunk Search
‎06-03-2010 05:21 PM
1 Karma
‎06-03-2010 05:21 PM
1 Karma
I tried replacing the single-quotes with double-quotes... C:\Program Files\Splunk\bin>splunk search " | oldsearch delete::sourcetype::WinRegistry" ... and it appears to be working fine. (There was an error at the end about exceeding the maximum time limit, but it worked nonetheless.) ... View more

Re: How to delete data based on search results in ...

by in Splunk Search
‎06-03-2010 05:19 PM
‎06-03-2010 05:19 PM
Well now I feel like a total newb. 😕 After trying some other things, I had simply tried the command as listed in the 3.4.14-centric article listed above and, when it failed, I (in frustration) moved on to more searching and asking here. Just now, I tried replacing the single-quotes with double-quotes... C:\Program Files\Splunk\bin>splunk search " | oldsearch delete::sourcetype::WinRegistry" ... and it appears to be working fine. Thanks for the encouragement to look at it again, anyway. 🙂 ... View more

How to delete data based on search results in 3.4....

by in Splunk Search
‎06-02-2010 06:29 PM
‎06-02-2010 06:29 PM
I'd like to remove all data that matches a given search from my Splunk 3.4.14 for Windows install. I've found Windows-centric examples for earlier versions that don;t work for 3.4.14 (at http://www.splunk.com/base/Documentation/3.1.3/Admin/DeleteDataFromTheIndex) and 3.4.14-centric examples that don't work under Windows (at http://www.splunk.com/base/Documentation/3.4.14/Admin/RemoveDeleteData) Anyone know what I need to do to delete indexed data based on search results in 3.4.14 for Windows? ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:02 AM
Karma from
View All