cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
adamscaa1
Explorer
Member since: ‎03-13-2023
‎12-08-2023
Community Statistics
Posts 8
Solutions 0
Karma Given 5
Karma Received 0
Member Since ‎03-13-2023
Activity Feed
View All

Re: Why is SA-cim_Vladiator stuck on one datamodel...

by in All Apps and Add-ons
‎08-11-2023 09:19 AM
‎08-11-2023 09:19 AM
Hello Giuseppe,  Yes, I have been using the CIM app for some time now. I am at version 5.1.1. ... View more

Why is SA-cim_Vladiator stuck on one datamodel?

by in All Apps and Add-ons
‎08-10-2023 10:51 AM
‎08-10-2023 10:51 AM
Downloaded SA-cim_Vladiator app on my splunk enterprise , however it's stuck on search type= _raw and Target Datamodel= "Network_Traffic" which is grayed out and I can't select any different datamodels. Could anyone provide any info to help me get this working correctly.   Thanks all ... View more
Labels

Re: Find events for only host names listed in my l...

by in Splunk Search
‎03-15-2023 07:05 AM
‎03-15-2023 07:05 AM
Thanks all, I was able to accomplish what I needed using the following. To get me the hostnames matching events from my lookup this worked. <search> [| inputlookup <lookup file> | rename HostName as host | fields host | format] To get "HostNames" of which no events were found meaning they are not sending anything. This worked... | inputlookup <lookup file> where NOT [ search <base search> | stats values(host) as HostName ] Thanks again to all who help me with this. ... View more

Re: Find events for only host names listed in my l...

by in Splunk Search
‎03-15-2023 06:56 AM
‎03-15-2023 06:56 AM
Thanks, that works perfect.. ... View more

Re: Find events for only host names listed in my l...

by in Splunk Search
‎03-15-2023 06:29 AM
‎03-15-2023 06:29 AM
I have about 30 host names on my lookup. ... View more

Re: Find events for only host names listed in my l...

by in Splunk Search
‎03-14-2023 11:57 AM
‎03-14-2023 11:57 AM
Thank you, this works perfect to get me the host matching events. So, now I need to see the "HostName" of which no events were found meaning they are not sending anything. Using a NOT it just gives me all host not on the lookup list. How can I get a list of the hostnames from the lookup with no recorded events at all. <search> NOT [| inputlookup <lookup file> | rename HostName as host | fields host | format] Thanks,   ... View more

How to find events for only host names listed in m...

by in Splunk Search
‎03-14-2023 10:15 AM
‎03-14-2023 10:15 AM
I have a lookup file of HostNames HostName Host1 Host2 Host3 Host4 Host5   I would like to create a search to include events that are only from these hostnames listed in my lookup file.  How do I do this.? Which "host" field matches the "Hostname" field in my lookup file. An example would be, I am looking for which of these host that are sending windows security logs or not. I know all these systems should be, but some are not, and I want to know which ones are and which one are not using the lookup file. ... View more
Labels
Contact Me
Online Status
Offline
Date Last Visited
‎12-08-2023 05:36 PM
Karma given to