| rest splunk_server=local /services/server/info
| table splunk_server numberOfCores numberOfVirtualCores os_build physicalMemoryMB
| appendcols
[| rest splunk_server=local /services/server/status/partitions-space
| table splunk_server mount_point available capacity ]
| eval freeDiskGB=available/1024, totalDiskGB=capacity/1024
| table splunk_server numberOfCores numberOfVirtualCores os_build physicalMemoryMB mount_point freeDiskGB totalDiskGB
| addcoltotals freeDiskGB totalDiskGB
0 comments
[0]
[0]
[0]
[0]
| rest /servicesNS/-/-/data/transforms/lookups getsize=true
| fields splunk_server filename title type size eai:appName
0 comments
[0]
[0]
[0]
[0]
| rest splunk_server=local /servicesNS/-/splunk_app_db_connect/configs/conf-identities
| rename title as user_title
| map [ | rest splunk_server=local /servicesNS/-/splunk_app_db_connect/configs/conf-db_connections | search disabled=0 AND identity="$user_title$" | eval username="$username$", domain_name="$domain_name$" ]
| table title connection_type database host identity username domain_name
0 comments
[0]
[0]
[0]
[0]
| rest splunk_server=local /servicesNS/-/splunk_app_db_connect/configs/conf-identities
0 comments
[0]
[0]
[0]
[0]
| rest splunk_server=local /servicesNS/-/splunk_app_db_connect/configs/conf-db_connections
0 comments
[0]
[0]
[0]
[0]
| rest splunk_server=local /services/deployment/server/clients | eval now=now(), diffTime=now-lastPhoneHomeTime, lastPhoneHomeTime=strftime(lastPhoneHomeTime,"%b %d, %Y %H:%M:%S") | search diffTime>86400 | table hostname ip instanceName utsname package splunkVersion lastPhoneHomeTime
0 comments
[0]
[0]
[0]
[0]
| rest splunk_server=local /services/deployment/server/clients | table hostname ip instanceName utsname package splunkVersion
0 comments
[0]
[0]
[0]
[0]
| rest splunk_server=local /services/deployment/server/applications | search serverclass=* | table title serverclasses stateOnClient
0 comments
[0]
[0]
[0]
[0]
| rest /services/apps/local | search disabled IN ("false",0)| table title version description splunk_server
0 comments
[0]
[0]
[0]
[0]
| rest splunk_server=local /services/saved/searches | where match(search,"datamodel") and 'action.correlationsearch.enabled'=1 | fields title search | rex field=search "datamodel=(?<datamodel1\S+)" | rex field=search "datamodel:(?<datamodel2>\S+)" | rex field=search "datamodel\s\"(?<datamodel3>[^\"]+)" | eval datamodel=coalesce(datamodel1,coalesce(datamodel2,datamodel3)) | table title search datamodel
0 comments
[0]
[0]
[0]
[0]