Splunk : Discussion on tag knowledge object and "tags" command
Рет қаралды 5,576
Күн бұрын
@sajalbansal8586 3 жыл бұрын
Great explanation...specially the difference between event types and tags made it very clear.
@TheSharkdba 4 жыл бұрын
Very well explained. Waiting for your CIM video and how it relates to tagging.
@valarmathijaganathan6694 3 жыл бұрын
Excellent explanation
@rajenderprasad1193 4 жыл бұрын
Best as always.. I have a doubt.. I have two different indexes.. and response time is in one index is totaltime but in another index it is elapsedtime.. is it possible to make both of them to single field..
@splunk_ml 4 жыл бұрын
yes...you can use fieldalias for this kind of purpose.
@tibuuso 3 жыл бұрын
How would you do for IP Subnets? For example, I want to map Subnet into following group/zone. 192.168.0.0/24 -> Apache, 192.168.1.0/24 -> DMZ DNS, 10.0.10.0/24 -> DB Cluster. Then after that, Apache & DMZ DNS will be again grouped as External Host and DB Cluster as Internal Host. Can you share reference on how I might be able to do about these two requirements?
@splunk_ml 3 жыл бұрын
well you can create event types for "Apache", "DMZ DNS" and "DB cluster" type events. In the event type query you can use regex command to filter the data. Then you can create those tags on thos event types. community.splunk.com/t5/Splunk-Search/regex-for-event-type/m-p/39888#:~:text=The%20'regex'%20command%20in%20splunk,use%20the%20'rex'%20command.&text=12%3A13%20AM-,You%20can%20create%20an%20event%20type%20based%20on%20a%20search,to%20match%20against%20your%20expression.
Splunk & Machine Learning
Рет қаралды 6 М.
НОВОСТНИЧОК
Рет қаралды 14 МЛН
Splunk & Machine Learning
Рет қаралды 6 М.
Splunk Talks
Рет қаралды 4,8 М.
Splunk & Machine Learning
Рет қаралды 50 М.
Splunk & Machine Learning
Рет қаралды 53 М.
Splunk & Machine Learning
Рет қаралды 2,7 М.
НОВОСТНИЧОК
Рет қаралды 14 МЛН