@eloisetaylor5693
Last active February 15, 2019 19:17

Useful Splunk commands

| Command | Purpose |
| --- | --- |
| `dedup` | Keep only the first result for each distinct value (or combination of values) of the listed fields |
| `substr` | Extract a substring. This is an `eval` function rather than a standalone command: `eval short=substr(field, start, length)` |
| `rename` | Rename a field, either for readability or so that a field whose name contains special characters can be used by `exec` and other commands |
| `fields` | Keep only the listed fields (`fields - a, b` removes them instead); useful for limiting what a subsearch returns |
| `table` | Format the results as a table with the listed fields as columns |

The Serilog.Formatting.Compact library writes the message template to a field named `@mt` (and the level to `@l`, the timestamp to `@t`), but `exec` does not understand a field name containing `@`. Rename the field first, e.g. `rename "@mt" AS mt` (or any other name without special characters), before handing the results to `exec` or other commands. Within `eval`, a field name with special characters can also be referenced directly by wrapping it in single quotes, as in `eval mt='@mt'`.
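The following search is an added example and is not part of the original gist. It builds three Serilog compact-format events inline with `makeresults` (constructed sample data; the user names and the 203.0.113.x / 198.51.100.x documentation addresses are made up), then applies the commands from the table above: `spath` extracts the JSON fields, `eval` reads `@mt` via single quotes, `rename` strips the `@` prefix, `substr` shortens the template, `dedup` collapses the two identical alice events, and `fields` / `table` shape the output.

```spl
| makeresults count=3
| streamstats count AS n
| eval _raw=case(
    n=1, "{\"@t\":\"2019-02-15T19:17:01Z\",\"@mt\":\"Login failed for {User} from {Ip}\",\"@l\":\"Warning\",\"User\":\"alice\",\"Ip\":\"203.0.113.7\"}",
    n=2, "{\"@t\":\"2019-02-15T19:17:05Z\",\"@mt\":\"Login failed for {User} from {Ip}\",\"@l\":\"Warning\",\"User\":\"alice\",\"Ip\":\"203.0.113.7\"}",
    n=3, "{\"@t\":\"2019-02-15T19:17:09Z\",\"@mt\":\"Login failed for {User} from {Ip}\",\"@l\":\"Warning\",\"User\":\"bob\",\"Ip\":\"198.51.100.2\"}")
| spath
| eval template='@mt'
| rename "@mt" AS mt, "@l" AS level, "@t" AS logged_at
| eval summary=substr(mt, 1, 12)
| dedup mt, User
| fields - _raw, n
| table logged_at, level, mt, summary, User, Ip
```

The first `eval` line is only there to show the single-quote form of referencing `@mt`; in a real search you would use either that or the `rename`, not both. The result is two rows (one for alice, one for bob), each with `summary` set to `Login failed`. Against indexed data, replace the `makeresults`/`eval` prelude with your index and sourcetype and keep the rest of the pipeline.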
