Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- About Rakesh915473
Rakesh915473
Explorer
Member since:
07-08-2021
07-23-2021
Community Statistics
| Posts | 12 |
| Solutions | 0 |
| Karma Given | 4 |
| Karma Received | 0 |
| Member Since | 07-08-2021 |
Activity Feed
- Posted Re: How to skip/ignore one letter character from filtered log on Splunk Search. 07-23-2021 04:07 AM
- Posted Re: How to skip/ignore one letter character from filtered log on Splunk Search. 07-23-2021 02:58 AM
- Posted How to skip/ignore one letter character from filtered log on Splunk Search. 07-23-2021 01:28 AM
- Posted Re: How to get data from log and count event values on Splunk Search. 07-23-2021 12:21 AM
- Posted Re: How to get data from log and count event values on Splunk Search. 07-19-2021 12:32 AM
- Karma Re: How to get data from log and count event values for venkatasri. 07-19-2021 12:24 AM
- Karma Re: How to get data from log and count event values for kamlesh_vaghela. 07-18-2021 11:49 PM
- Posted Re: How to get data from log and count event values on Splunk Search. 07-15-2021 10:09 PM
- Posted Re: How to get data from log and count event values on Splunk Search. 07-15-2021 09:54 PM
- Karma Re: How to get data from log and count event values for splunkerer. 07-15-2021 09:52 PM
- Posted Re: How to get data from log and count event values on Splunk Search. 07-15-2021 12:33 AM
- Karma Re: How to get data from log and count event values for splunkerer. 07-14-2021 11:58 PM
- Tagged How to get data from log and count event values on Splunk Search. 07-14-2021 11:24 PM
- Posted How to get data from log and count event values on Splunk Search. 07-14-2021 11:10 PM
- Posted Re: Sum Field value with no duplicates and how to timechart it. on Splunk Search. 07-08-2021 10:47 AM
- Posted Re: Sum Field value with no duplicates and how to timechart it. on Splunk Search. 07-08-2021 10:44 AM
- Posted Sum Field value with no duplicates and how to timechart it. on Splunk Search. 07-08-2021 04:59 AM
- Tagged Sum Field value with no duplicates and how to timechart it. on Splunk Search. 07-08-2021 04:59 AM
Topics I've Started
| Subject | Karma | Author | Latest Post |
|---|---|---|---|
| 0 | |||
| 0 | |||
| 0 |
07-23-2021
04:07 AM
Thankyou @ITWhisperer
... View more
07-23-2021
02:58 AM
Great @ITWhisperer , Thanks :), It's Working. Can we also skip/ignore particular word in output. Ex: Lets say, string_list= '%25USELESSWORD%25, %25HELLO%25' I want to ignore 'USELESSWORD'.
... View more
07-23-2021
01:28 AM
Hello Team, rex field=_raw "string_list=%25(?<new_field1>\w+)%25" Above condition will get a word between %25 to %25, If I get any one/two letter word, I want to ignore/skip it. Thanks for the help in advance. @field-extraction
... View more
07-23-2021
12:21 AM
Hi @venkatasri Can we skip one/two letter words, How can we do it from above search string?
... View more
07-19-2021
12:32 AM
@splunkerer Accepted. | rex field=_raw "our_list=%25(?<new_field1>(!school|collage)\w+)" | rex field=_raw "string_list=%25(?<new_field2>(!school|collage)\w+)" Unfortunately, School and collage is not excluding, moreover no data is showing, If I add "| stats count by new_field new_field2" How can we make it work?
... View more
07-15-2021
10:09 PM
Hi @kamlesh_vaghela, Why rex field=_raw ?? is it not supposed to be rex field=message as per my logs. Please confirm why you mentioned _raw as field.
... View more
07-15-2021
09:54 PM
@splunkerer Great explanation 🙂 Very nice of you 🙂
... View more
07-15-2021
12:33 AM
Thankyou @splunkerer , It's working 🙂 Couple more questions please. 1) Could you please explain me in detail what this expression does, Please 🙂 (?<new_field>\W+) 2) If I want to exclude particular values fetch from new_field1 and new_field2. Ex: school and collage
... View more
07-14-2021
11:10 PM
Hello Team, I'm very new to splunk, I have below two logs "message": "api.main REQ user1 10.10.44.76 \"GET /api/v1/data?my_list=%25geo%25&our_list=%25school%25&query_string_list=%25college%25&page=1&per_page=100\" "message": "api.main REQ user2 10.10.14.16 \"GET /api/v1/data?my_list=%25geo%25&our_list=%25office%25&query_string_list=%25school%25&page=1&per_page=100\" I want to get data between "%25school%25" -> school. So contains log1: school, collage log2: office, school We can count and show: school=2, office=1,collage=1, If possible we can plot in time chart 🙂 Thanks in advance.
... View more
- Tags:
- field-extraction
07-08-2021
10:47 AM
Hi @venkatasri I want to print field value to be plotted(real time) in chart Ex: username: 11
... View more
07-08-2021
10:44 AM
Hello @kamlesh_vaghela Thanks for replied, I can see how many times username is triggered count in time chart, But I want to see field username total count 3(Rakesh, Anitha, Harika) to be plotted in Y-axis, date time is fine on x-axis. Here username is updated from log all the time, I want to see this total count 11(real time) to be plotted in time chart Y-axis and date time on x-axis. Thanks in advance for your help.
... View more
07-08-2021
04:59 AM
Hello Team, I have just started learning Splunk 🙂 Example: I have done basic search index="xyz" | I have got some logs like below Event1 : Field Value username Rakesh timestamp 10AM Event 2: Field Value username Anitha timestamp 11AM Event 3: Field Value username Rakesh timestamp 12PM Event 4: Field Value username Harika timestamp 1PM So, I want a total username count 3 (ignoring duplicate Field Rakesh) and I want to display timechart x-axis: timestamp and y-axis: username total count.
... View more
- Tags:
- sum
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
07-23-2021
06:12 AM
|
