Search for device type

0	I want to determine how many times a call has been completed or attempted by searching for a specic device name/type (ex. ABC12345). I've tried sourcetype=ABC, sourcetype="ABC" and get no results. Thank you! search-help asked 07 May '12, 10:39 brian_runyon 11 accept rate: 0%

One Answer:

oldest newest most voted

I'm not sure what kind of data you are looking at but sourcetype classifies the type of data. So, for example access_combined apache web logs, or Windows Event logs etc....Go to Manager -> Search App. Then you'll see a summary of sources, sourcetypes and hosts. You can click on one of those links and it will modify your search specifically to that type of data.

Just put ABC in the your search bar and that will give you what you are looking for or something like host="ABC*" OR host="AB*" etc...which would be more specific than just searching for ABC*.

Take a look at some examples here:

http://docs.splunk.com/Documentation/Splunk/latest/User/Searchexamplestutorial

link

answered 07 May '12, 10:53

sdaniels ♦
4.5k●4●9
accept rate: 34%

edited 07 May '12, 10:59

I think I may have found my answer.

index=eucp | eventstats count(SEP*)

(07 May '12, 11:08) brian_runyon

Post your answer

toggle preview

Follow this question

Email:

RSS:

Answers

Answers + Comments

Markdown Basics

*italic* or _italic_
**bold** or __bold__
link:[text](http://url.com/ "Title")
image?![alt text](/path/img.jpg "Title")
numbered list: 1. Foo 2. Bar
to add a line break simply add two spaces to where you would like the new line to be.
basic HTML tags are also supported

learn more about Markdown

Tags:

search-help ×227

Asked: 07 May '12, 10:39

Seen: 284 times

Last updated: 07 May '12, 11:22

Search for device type

Follow this question

Splunk Resources

Related questions