×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
jamesfdally
Explorer
Member since: ‎08-24-2017
‎10-22-2020
Community Statistics
Posts 7
Solutions 0
Karma Given 2
Karma Received 0
Member Since ‎08-24-2017
Activity Feed
View All

Re: Wildcards in the middle and end of a string

by in Splunk Dev
‎01-11-2019 02:30 PM
‎01-11-2019 02:30 PM
try index=DBG_SYS sourcetype=DBG_SYS msg="Shelf 1 congestion, resource cps level 2." | append [| search index=DBG_SYS sourcetype=DBG_SYS | regex msg="Shelf 1 slot\s(\d{1,2})\scongestion, resource cpu level\s(\d{1,2})" ] | rex field=msg "cpu level+\s(?<level>\d+)" | rex field=msg "cps level+\s(?<level>\d+)" | where level>0 | eval local_date_hour=strftime(_time,"%H") | stats by local_date_hour host msg | table local_date_hour host msg count(code) | rename count(code) as hits | rename local_date_hour as Hour | sort by Hour ... View more

Re: I am using a lookup table and I only want the ...

by in Splunk Search
‎01-30-2018 07:31 AM
‎01-30-2018 07:31 AM
Glad we found you two working solutions! ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎10-22-2020 11:00 AM
Karma given to
View All