We have a sourcetype and I am trying to filter and everytime I do it shows not events. But I know that there are events.
In splunk it is showing that we have field called Target
portal.office.com 2,456 36.374%
api-gateway.drcedirect.com 1,744 25.829%
campus.fultonschools.org 1,624 24.052%
10.204.7.1 580 8.59%
10.202.5.86 348 5.154%
But when I try and filter on one of the targets it shows no events and says no results found.
This is the code that I am using
index=uberagent sourcetype=uberAgent:Script:NetworkHops Target="api-gateway.drcedirect.com"
This is a sample of the data
{
"TestName":"",
"IpAddress":"10.255.255.40 10.202.96.31",
"Target": "api-gateway.drcedirect.com",
"HopsNum":"15",
"HopName":"50.58.190.47",
"ASN":"AS394714",
"ASNOwner":"DRC ",
"LossPercent":"0.0%",
"HopIP":"50.58.190.47",
"AvgRTT":"41",
"MinRTT":"41",
"MaxRTT":"43"
}
Any help would be great
... View more