×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
rbellini
Explorer
Member since: ‎09-19-2012
‎06-05-2020
Community Statistics
Posts 4
Solutions 0
Karma Given 2
Karma Received 0
Member Since ‎09-19-2012
Activity Feed
Topics I've Started
View All

Re: locating dead hosts

by in Splunk Search
‎11-21-2012 11:48 AM
‎11-21-2012 11:48 AM
This presents a totall new concept on locating missing hosts! Thanks! ... View more

Re: locating dead hosts

by in Splunk Search
‎11-21-2012 05:57 AM
‎11-21-2012 05:57 AM
This also worked: | metadata type=hosts | where lastTime <(now()-7200) AND totalCount >0 ... View more

Re: locating dead hosts

by in Splunk Search
‎11-21-2012 05:49 AM
‎11-21-2012 05:49 AM
This almost worked! I made one minor change: | metadata type=hosts | where lastTime < relative_time(now(),"-2h") AND totalCount >0 Thank you! ... View more

locating dead hosts

by in Splunk Search
‎11-20-2012 09:26 AM
‎11-20-2012 09:26 AM
I am trying to get a report of all hosts that have not reported any events in the last 2 hours. I am using: | metadata type=hosts | search totalCount >0 AND lastTime < now-2h It only reports hosts that have a totalCount >0 yet it ignores the lastTime qualifier. Any suggestions? Thank you! ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:03 AM
Karma given to
View All