The venerable old-skool Splunk forums are now closed. Feel free to search for old content here, but new posts are no longer supported.

Instead, please visit the thriving community at answers.splunk.com to ask and answer questions about your Splunk deployment and how to get the most out of it.

Forums: Posted by woodcock

Topics 1–2 of 2

Topic	Author	Replies	Latest Post
Using "eventtype" inside "if" function of "eval" command In: SplunkSearchAndAlert (Not tagged) I have an event defined like this in eventtype.conf: [SOME_EVENT] search= index=SOME_INDEX (SOME_OTHER_FIELD=A ...	woodcock Posts	1	19 months ago...
Click on octothorpe ('#') on "Picke Fields" screen does what exactly? In: SplunkGeneral (Not tagged) If you teach me how to do attach/include screenshots, I will. BTW, can you edit the "Subject" and ... I expected it to sort based on the highest/lowest number of values which would move all the ">100" fields ...	woodcock Posts	2	28 months ago...

Forums: Posted by woodcock

Description:

Permalink:

Splunk.com

Product:

Solutions:

Industries:

Partners:

About_us:

Support:

Services:

Resources:

Download