crosmc.blogg.se

Splunk eval string

- Given a time represented by a string X, returns value parsed from format Y.
- Returns epochtime value X rendered using the format specified by Y.
- Returns X as a multi-valued field, split by delimiter Y.
- Returns true if the event matches the search string X.
- Returns X with the characters in Y trimmed from the right side. If Y is not specified, spaces and tabs are trimmed.
- Returns X rounded to the amount of decimal places specified by Y.
- Returns a string formed by substituting string Z for every occurrence of regex string Y in string X. Returns date with the month and day numbers switched, so if the input was the return value would be: replace(date, "^(\d{1,2})/(\d{1,2})/", "\2/\1/")
- Given epochtime time X and relative time specifier Y, returns the epochtime value of Y applied to X.
- Returns a pseudo-random number ranging from 0 to 2147483647.
- Given two arguments, fields X and Y, returns X if the arguments are different; otherwise returns NULL.
- This function takes no arguments and returns NULL.
- Returns the current time, represented in Unix time.
- Given a multi-valued field X and string delimiter Y, joins the individual values of X using Y.
- Returns a subset of the multivalued field X from start position (zero-based) Y to Z (optional).
- Returns the MD5 hash of a string value X.
- Filters a multi-valued field based on the Boolean expression X.
- Returns X with the characters in Y trimmed from the left side.
- Returns the log of the first argument X using the second argument Y as the base.
- Returns TRUE if and only if X is like the SQLite pattern in Y.
- This function returns the character length of a string X.
- If X evaluates to TRUE, the result is the second argument Y. If X evaluates to FALSE, the result evaluates to the third argument Z.
- Returns the first value that is not null.
- Evaluates an expression X using double precision floating point arithmetic.
- Identifies IP addresses that belong to a particular subnet.
- Takes pairs of arguments X and Y, where X arguments are Boolean expressions that, when evaluated to TRUE, return the corresponding Y argument. case(error = 404, "Not found", error = 500, "Internal Server Error", error = 200, "OK")
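Several of the functions described above, combined in one search for triaging web errors by source network. This is an added example, not part of the original page: the rows in constructed_rows are constructed sample data, every field name is an assumption, and makeresults, mvexpand and tonumber are standard SPL that the page does not list.

```spl
| makeresults count=1
| eval constructed_rows="10.1.2.3,404,1/12/2009|192.168.5.9,500,3/4/2010|8.8.8.8,200,12/25/2011"
| eval constructed_rows=split(constructed_rows, "|")
| mvexpand constructed_rows
| eval parts=split(constructed_rows, ",")
| eval src_ip=mvindex(parts, 0), error=tonumber(mvindex(parts, 1)), date=mvindex(parts, 2)
| eval zone=if(cidrmatch("10.0.0.0/8", src_ip) OR cidrmatch("192.168.0.0/16", src_ip), "internal", "external")
| eval status_text=case(error = 404, "Not found", error = 500, "Internal Server Error", error = 200, "OK")
| eval date_day_first=replace(date, "^(\d{1,2})/(\d{1,2})/", "\2/\1/")
| eval event_time=strptime(date, "%m/%d/%Y")
| eval src_ip_md5=md5(src_ip)
| table src_ip zone error status_text date date_day_first event_time src_ip_md5
```

case() returns NULL when none of its conditions match, so an error code outside 404, 500 and 200 leaves status_text empty unless a final catch-all pair is added.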






