isoutamo SplunkTrust 09-13-2021 05:29 AM Hi Probably something like this could work (I haven't test syntax) index="o365_log" action=created command="Add user." | stats dc by user | fields user | map search="ldapfilter domain=default search=\"(userPrincipa...
compose spec's long volume syntax, bind mounts support a flagcreate_host_pathwhich will automatically create the directory if set totrue(using the short syntax implies this to betrue). I suspect we need something likecreate_volume_subpath(or a better named key) for volume mounts for this fe...
Is there a Splunk CLI command that would provide this check for me? As far as I know, btool only does syntax checking, not a logical verification. Tags: deployment-apps deployment-server serverclass.conf splunk-enterprise 0 Karma Reply 1 Solution Solution ryanoco...