How to filter out specific sources, sourcetypes, and hosts in Splunk?

Problem:
How to filter out specific sources, sourcetypes, and hosts from displaying on my Search Summary page in Splunk?

Sample Data – https://www.devopsschool.com/tutorial/splunk/labs/sample-data/earthquake/all_month_earthquakes.csv

Including or excluding or filter out specific sources, sourcetypes, and hosts in Splunk can be done with following.

Expressions within parentheses
NOT clauses
OR clauses
AND clauses

Examle QUERY


source="*"
source="all_month_earthquakes.csv" 
source="all_month_earthquakes.csv" NOT source="mypc-secruity.csv"
source="mypc-secruity.csv" NOT source="all_month_earthquakes.csv" 
NOT source="mypc-secruity.csv" source="all_month_earthquakes.csv"
source="all_month_earthquakes.csv" | search NOT source="mypc-secruity.csv"
source="mypc-secruity.csv" AND source="all_month_earthquakes.csv"
source="mypc-secruity.csv" OR source="all_month_earthquakes.csv"

Splunk Advance Tutorial for Beginners with Demo 2020 — By DevOpsSchool

Splunk Advance Tutorial for Beginners with Demo (2020) — By DevOpsSchool

Splunk Advance Tutorial for Beginners with Demo [2020] — By DevOpsSchool

SPLUNK Essential Tutorial By Shahrukh in 2020

Author
Recent Posts

Follow me

Rajesh Kumar

Mentor for DevOps - DevSecOps - SRE - Cloud - Container & Micorservices at Software AG

Join my following certification courses...
- DevOps Certified Professionals (DCP)
- Site Reliability Engineering Certified Professionals (SRECP)
- Master in DevOps Engineering (MDE)
- DevSecOps Certified Professionals (DSOCP)
URL - https://www.devopsschool.com/certification/

My Linkedin - https://www.linkedin.com/in/rajeshkumarin

Follow me

How to filter out specific sources, sourcetypes, and hosts in Splunk?

Need Assistance!!!

Feel Free To Contact Us

+1 (469) 756-6329

(US Call-WhatsApp)

+91 7004 215 841

(India Call-WhatsApp)

Email us

Contact@DevOpsSchool.com