Problem:
How to filter out specific sources, sourcetypes, and hosts from displaying on my Search Summary page in Splunk?

Sample Data – https://www.devopsschool.com/tutorial/splunk/labs/sample-data/earthquake/all_month_earthquakes.csv

Including or excluding or filter out specific sources, sourcetypes, and hosts in Splunk can be done with following.

• Expressions within parentheses
• NOT clauses
• OR clauses
• AND clauses

Examle QUERY

source="*"
source="all_month_earthquakes.csv" 
source="all_month_earthquakes.csv" NOT source="mypc-secruity.csv"
source="mypc-secruity.csv" NOT source="all_month_earthquakes.csv" 
NOT source="mypc-secruity.csv" source="all_month_earthquakes.csv"
source="all_month_earthquakes.csv" | search NOT source="mypc-secruity.csv"
source="mypc-secruity.csv" AND source="all_month_earthquakes.csv"
source="mypc-secruity.csv" OR source="all_month_earthquakes.csv"

«

Prev

1

/

1

Next

»

Splunk Advance Tutorial for Beginners with Demo 2020 — By DevOpsSchool

Splunk Advance Tutorial for Beginners with Demo (2020) — By DevOpsSchool

Splunk Advance Tutorial for Beginners with Demo [2020] — By DevOpsSchool

SPLUNK Essential Tutorial By Shahrukh in 2020

«

Prev

1

/

1

Next

»

Rajesh Kumar

I’m a DevOps/SRE/DevSecOps/Cloud Expert passionate about sharing knowledge and experiences. I am working at Cotocus. I blog tech insights at DevOps School, travel stories at Holiday Landmark, stock market tips at Stocks Mantra, health and fitness guidance at My Medic Plus, product reviews at I reviewed , and SEO strategies at Wizbrand. 

Please find my social handles as below;

Rajesh Kumar Personal Website
Rajesh Kumar at YOUTUBE
Rajesh Kumar at INSTAGRAM
Rajesh Kumar at X
Rajesh Kumar at FACEBOOK
Rajesh Kumar at LINKEDIN
Rajesh Kumar at PINTEREST
Rajesh Kumar at QUORA
Rajesh Kumar at WIZBRAND