Sagan Sidhu
- Total activity 9
- Last activity
- Member since
- Following 0 users
- Followed by 0 users
- Votes 0
- Subscriptions 2
Activity overview
Latest activity by Sagan Sidhu-
Sagan Sidhu created a post,
Data Limit per collector?
Say my account has a 100GB limit. And I have 2 collectors. Is there a way to split/limit the data limit per collector? This can be a total limit, or an Ingest Rate, per collector. Basically - D...
-
Sagan Sidhu commented,
In case anyone else has the same problem: The issue can also be a user permission problem, of your access to the data, based on your role(s). In my case I had multiple roles assigned to my user, ...
-
Sagan Sidhu created a post,
Uppercase and lowercase functions?
So I have a field, and the values can be: xyz, XYZ, Xyz, XYz, etc, and so on. Is there a way I can do something like: (UPPER(field) matches "XYZ"), so that I dont have to try and match all co...
-
Sagan Sidhu created a post,
Max/Cap values -or- If/Then logic
Is there a way say to re-write the value for a filed based on an if/then statement (or equivalent). Idea is that if I have a value > 100, I just want it to be 100.
-
Sagan Sidhu created a post,
Change a Search Query for a currently monitored Dashboard report
When I have an existing search query, that has been added to a dashboard, I see something about a monitor gets created. When I change/tune the underlying query, do I need to remove and re-add the ...
-
Sagan Sidhu created a post,
Query to get latest timestamp
I have a search query: _sourceHost="xxxxx" | parse "event=*," as eventId | parse "userId=*," as userId | count by userId Results in: userid _count 1 "aaa" 200 2 "null" 52 3 "bbb" 76 4 "ccc" 3 ...
-
Sagan Sidhu created a post,
The first operator is not supported in dashboards
I am trying to add a search (that runs properly with results) to a dashboard. The search has "... count first(company_domain) as company by userID ...". Why cant this be added to the dashboard, ...