Harinder Bhandari
- Total activity 92
- Last activity
- Member since
- Following 0 users
- Followed by 0 users
- Votes 0
- Subscriptions 52
Activity overview
Latest activity by Harinder Bhandari-
Harinder Bhandari commented,
Currently, "Run Time" FER only applies to JSON data, and all other data is parsed and "Applied at" the ingest time. Hope this helps. Thanks
-
Harinder Bhandari commented,
Hi Bowei, Webhook connections feature is not available to Free Accounts. For Paid Accounts, It is under Manage Data -> Alerts -> Connections. Hope this helps. Thanks.
-
Harinder Bhandari commented,
Hi Jellou, The maximum CSV file size allowed for an attachment to a scheduled search is 5 MB or 1,000 results whichever comes first. If you want to increase this limit, please file a support case w...
-
Harinder Bhandari commented,
Hi Jellou, You can sort by timeslice, field 1, field2, field3 like this: | timeslice 1h| parse field1| parse field2| parse field3| count by _timeslice, field1, field2, field3| sort by _timeslice Ho...
-
Harinder Bhandari commented,
Hi Carl, When you run the query within the subquery it generates output as follows using values of the instance field (instancekeyword1 OR instancekeyword2 or instancekeyword3 or instancekeyword4 …...
-
Harinder Bhandari commented,
Yes, you should be able to schedule a search running on weekdays at Noon for the last 24 hours. when scheduling a search, you should pick up these options: Run Frequency: DailyEvery: Weekday(Monday...
-
Harinder Bhandari commented,
Yes, it can be done in Microsoft Teams also. You have to use customized payload with the payload variable {{Results.fieldname}}: The value is returned from the search result for the specified field...
-
Harinder Bhandari commented,
You can not extract a field from the subquery to be used as a field. So we need to use the JOIN as explained here https://help.sumologic.com/05Search/Search-Query-Language/Search-Operators/join
-
Harinder Bhandari commented,
Hi Cameron, Since it needs more investigation, It would be best if you open a support ticket with Sumo Logic providing the dashboard and panel name. we will help you with the solution. Thanks, Ha...
-
Harinder Bhandari commented,
You can use the format operator. Search for "format" operator in Sumo Logic documentation. 1. Use the "format" operator to reformat the values. For example | 5.2342234 as val| format("%.3f", val) a...