hello sir...your tutorial helped me finding a job in splunk in reputed company so thanks a lot...can you plz let me know how would i get the eval query you shown in this video

I have read some blog that mentioned "if we new to splunk needed direction on where to start, then always start with stats and eval commands"....This is one of the the Amazing Tutorial for eval commands !!!!! Awesome Explanation !!

You are truly passionated about teaching or helping others . I respect you sir.

Really nice teaching...with detail example...thanku sir

Thank you for this video.it hepled me for my project. I m apperciated by my teams and managers. Keep it up.👍

Kudos to you!! Excellent teaching with clear examples👍👍🙏

Best Splunk tutorial I have seen till now. Thanks a lot.

Thank you so much !!!! Very detailed Explanation..............one of the best Video Tutorial I have ever seen for slunk!!!!!!!!!!!!! Keep Rocking !!!!

Awesome examples. Good job 👍🏻

Guru ko pranaam.

You are awesome. Great learning

Nice tutorial!! Really enjoying it!

This was a good quick course on eval, thanks! Keep the good work going!

Excellent videos

Amazing explanation for all the Commands and Functions!!

Thanks alot for the video... one of the best tutorial on splunk and explained with so much ease.

Wow! Very wonderful explanation. Easy to follow and understand . Thank you so much !! Do you have any videos about splunk ITSI and Splunk enterprise security. That would be a huge help. Thank you Again ..

eval is one of the most versatile commands Splunk has! Awesome coverage of it. #splunkyoutubers

Its helpful..thank you

Amazing video..Thank you so much..

Kudos.. I am going to read all your tutorials. very beautiful. why dont you put them in udemy.

Brilliant tutorial. Thanks for doing this.

Very useful Siddhartha, keep your good work

Great ! Thanks.

Thank you!

Hi there, i have a question regarding the chart command. I am trying to execute a search splunk command that shows both the count and percentage of the count in one chart command: so here is an example of splunk command that currently only shows the count and the total count: source="xyz" http_status_code | chart count by path_template, http_status_code | addtotals col=t This command shows each count of the http_status_code (y axis) and the path_template (x axis) and showing the total of the counts of all the http_status_code. Now i need to add the percentage (count/total) of each count when i know the number of counts. e.g. 40 (5%) or something like that. How would i do that using chart? Thanks!

Very very interesting and well narrated the use cases, thanks alot bro... love with you n thanks for great help

Hi Best tutorial... thanks Can you make a vedio ...How to configure health check (monitoring Console) server in one server for distributed environment in splunk

Hi Siddarth, Its wonderful explanation, I would like to enroll to this course if are you providing online training on Advanced power user. Please share communication details for enrollment.

I truly adore your hard work in helping people who have started to know what Splunk is all about. I have a doubt while explaining the case, validate and if.. command. Why are you using double quotes for field values and single quotes for the field name?

You are really really a very good instructor, you teach so nicely. Covering all points very well. So much respect for you Sir. Do you hv your any particular classes in regular basis I want to join that for advanced learning.

Awesome Teaching !!! Can you take similar kind of session on Stats command

@"Splunk & Machine Learning" - Thank you for the great lesson on "eval" command. My question is, these Fields and values you add using "eval" command, is there a way to make them permanent? After I logout and login again, they are back to the default value names. Thanks in advance

AAAwesome tutorial! Thanks!

Hi great tutorial could you please help me with one solution? Im using if function to find the field contains a name but user can insert that name in any case. Like i want to search Vishal but value could be vishal or VISHAL or vISHAL or Vishal. Presently im getting exact match for Vishal only. What if want result shouldn't be case sensitive?

Hi Sir, I am a beginner at Splunk and I am stuck in a case. How can I get the User-agent from Request Heder in Splunk. I mean to ask what query should I write for this?? Please help !!

if we do "ps -ef | grep sh", few .sh scripts are running on servers, so if the .sh scripts are not running we need to get the alert, could you pls help me how I can write this

Hi Sir.. thank you for the video.. one question .. in this , you have showed how to access free Linux console in Google cloud. I tried, But Google cloud is not accepting payment from most of the reputed banks in India. Could you please share an alternative option to use Linux server for free(like cloud Google). Though this question is slightly away from the topic, this is a showstopper for me to learn further. So could you pls suggest an alternative.

Hello Sir, Would you kindly tell us, where to get Logfiles so that we can study splunk in more detail?

How to use like function when both the field values are true. eg Requirement is when both First_1 and Last_1 values are true it should display true for rest it should display false. When I use the below syntax it is throwing error. index=main sourcetype=csv | eval new_field = if( like ('first name', "First_1", 'Last name', "Last_1") "true", "false") | table "first name" "last name" new_field Error in 'eval' command: The expression is malformed. Expected ). The search job has failed due to an error. You may be able view the job in the Kindly let me know how to write a SPL query in this case.

Can you give training one on one?