As per below screen shot i created toggle tabs and when i used the in by below panel results are not poplutating. Please let me know what i am doing wrong ? ... View more

Hello Guys, I want one as shell script in which i want to extract only sourcetype name and TIME_FORMAT attribute from the props.conf. I tried to extract but some how it is not exactly extracting the results.   ls l grep 'TIME_FORM*' props.conf | awk '{print $0}' | sed 's/E_FORMAT=/ / I tried for timeformat but i want sourcetype ne and its respective timeformat.Can anyone suggest this.   ... View more

Hello Guys, Below is my initial event and i want to break each from the staring of this event. As i tried various attributes in props.conf but no luck to break the event from this line. I used as of now: LINE_BREAKER = ^\*{22}\n\w+\s\w+\s\w+\sstart\n\Start\stime\:\s\d{14} TIME_PREFIX = ^\*{22}\n\w+\s\w+\s\w+\sstart\n\Start\stime\:\s TIME_FORMAT= %Y%m%d%H%M%S   ********************** Windows PowerShell transcript start Start time: 20210223060505   Please suggest me what i did wrong in above props. ... View more

I want to add one panel in my dashboard which shows only bulletin message ... How should i proceed with this .. Is this is possible with xml or do i need js ? Please suggest  ... View more

Hello members,   Can you help me out to find out , what will be exact timeformat for this time below and timeprefix as well.  [2021-01-29T08:05:10-05:00]   Thanks in advance. ... View more

I want to exclude this event "values='{CARD}hfgjllanabbflvh=='} from the server. Please suggest me regex for this and suggest me the props and transforms for this. Below the sample event: ' weblogic.server values='{CARD}hfgjllanabbflvh=='} [Sourcetype] SHOULD_LINEMERGE = false TRANSFORMS-mask = one   [one] REGEX = FORMAT =  DEST_KEY =  ... View more

Hello Members, I need some suggestions and help. As per my screenshot we can see my events is skipped from 7:17 pm to 8:17 pm. So because of that user complaint for not getting any alerts during that period. Please suggest me how can i further troubleshoot this issue and find out the reason.   ... View more

How can i use multiple NOT condition in my second eval function. My attribute is there state_desc!="ONLINE" OR state_desc!="OFFLINE" In above condition i always returned only first value not for the second one.   Is need to use LIKE , match or any other command because result is in string .please suggest   ... View more

Hello , I am not getting any result while executing below query. Can you please help me to know what i am doing wrong with the eval command with if condition below.       ... View more