×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
spohara79
Explorer
Member since: ‎11-08-2017
‎06-05-2020
Community Statistics
Posts 6
Solutions 0
Karma Given 0
Karma Received 1
Member Since ‎11-08-2017
Activity Feed
View All

Re: Related Fields

by in Splunk Search
‎07-19-2018 02:49 PM
‎07-19-2018 02:49 PM
I did give some example events and which matches, but to clarify.. out of the above, only one event matches (the even with file_name cmd.exe) As a joined search I use the following: file_name=java.exe | join max=0 process_id [search file_name=cmd.exe | eval process_id=parent_process_id] it just seems to take too long as a join. ... View more

Re: How can I search for events that match two sub...

by in Splunk Search
‎11-09-2017 10:14 AM
‎11-09-2017 10:14 AM
You got it! Glad I could help. 🙂 ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:03 AM
Karma from
View All