The venerable old-skool Splunk forums are now closed. Feel free to search for old content here, but new posts are no longer supported.
Instead, please visit the thriving community at answers.splunk.com to ask and answer questions about your Splunk deployment and how to get the most out of it.
Forums: Posted by anantshah
| Topic | Author | Replies | Latest Post |
|---|---|---|---|
|
Email report only if there are results
In: SplunkSearchAndAlert
(Not tagged)
Great. Thanks for the explanation. I will keep that in mind
Hello, Thanks for the response. I am also using your recommendation but still do not understand the ... sourcetype="access-log" earliest=-1d | regex url="(pdf|zip|ppt|doc|xls|exe|htm|html|mp3|swf|wma|wmv|avi|au|bat|cab|csv|txt|dll|mov|mpg|rtf|wav|vsd|mdb|mpp|docx|xlsx|pptx)$" ... Hello, I have setup a search query that is scheduled to run every hour and alert if there are any ... |
6
|
27 months ago... |