Hi,  I script something by myself and I want to share it with you.   https://github.com/Gotarr/Splunkbase-Download-script  (python-script) My Inspiration is from @tfrederick74656  but his script dosnt work for me very well.   Happy splunking and let me know if something dosnt work.   ... View more

Sorry dont work this way for me. there are these empty table slots with two or more entries behind (same time stamp)   maybe u got any other ideas? ... View more

ah maybe its important to say  my setupup is a Index Cluster (3 indexer)  ... View more

Hi Tanks for all your replys. @ITWhisperer  well thats right but i cant see the single logs in my table because of the same time stamp. @s2_splunk my table should seperate all single logs for my dashboard. Maybe it helps if i say i need to improve the timestamps f.e. toady:05:45:03.624 --> 05:45:03.624xxxx  you know what i mean? @m_pham i will try it give me a moment 🙂   My goal is it to display the search on my dashboard for my firewall guys. they want a global view of the genugate (btw the 2 firewalls log with one IP because there is only one page for the config) This "global table" is for alarming and counting events. The next step is to split both logs for seperate detail searches (each firewall with there own table). I hope you understand my plan, sorry for my simple broken english 🙂 ... View more