×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
klumpba
Engager
Member since: ‎06-17-2010
‎06-05-2020
Community Statistics
Posts 2
Solutions 0
Karma Given 0
Karma Received 4
Member Since ‎06-17-2010
Activity Feed
Topics I've Started
View All

Re: Custom fields not always showing up

by in Splunk Search
‎06-18-2010 03:57 PM
‎06-18-2010 03:57 PM
Ah, thanks! Tossing "fields" in there did the trick. Thanks! ... View more

Custom fields not always showing up

by in Splunk Search
‎06-17-2010 07:45 PM
4 Karma
‎06-17-2010 07:45 PM
4 Karma
I have a Splunk app that parses some Snort files and assigns some fields to the content. The app works fine from the Splunk web page, but when I use the REST API (via Splunk for Java) I do not get my custom fields back unless they are in the search criteria. For instance, if I search for "src_ip_addr=*" then I will get the fields back in the results, otherwise I don't. I used to get them back regardless in Splunk 4.0. What do I need to change to get them to always come back for my sourcetype? Thanks for any help... -Brian ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:02 AM
Karma from
View All