Cover by Vincent Bumgarner

Safari, the world’s most comprehensive technology and business learning platform.

Find the exact information you need to solve a problem on the fly, or go deeper to master the technologies and skills you need to succeed

Start Free Trial

No credit card required

O'Reilly logo

Using event types to categorize results

An event type is essentially a simple search definition, with no pipes or commands. To define an event type, first make a search. Let's search for:

sourcetype="impl_splunk_gen" logger="AuthClass"

Let's say these events are login events. To make an event type, choose Event type... from the Create menu, as shown here:

Using event types to categorize results

This presents us with a dialog, where we can assign a Name string and optionally any Tags(s) to this event type, as shown in the following screenshot:

Using event types to categorize results

Let's name our event type login.

We can now search ...

Find the exact information you need to solve a problem on the fly, or go deeper to master the technologies and skills you need to succeed

Start Free Trial

No credit card required