Monthly Archives: July 2016

splunk query neighboring events you should be able to -A or -B (but not both) using the transaction commandequivalent of -B …. | transaction endswith=(<search that matches the event of interest>) maxevents=<number of events in txn>equivalent of -A…. | transaction … Continue reading →