Splunk Eval Not Like

I am very new to Splunk and basically been dropped in the deep end!! also very new to language so any help and tips on the below would be great. Replace my indexes w/ yours. 5% in active morning trading Monday, after the graphics chip maker. Usage of Splunk EVAL Function : IF. com and does not include a port specifier. The Job Inspector may reveal that Splunk used "myField!=someValue\xa0" instead (where the. Eval - Splunk Documentation. So data is flowing into Splunk. Everything you need for enterprise-ready Docker container development of Kubernetes-ready applications. eval like · commented. (SPLK), delivering actions and outcomes from the world of data, today announced a definitive agreement to acquire SignalFx, a SaaS leader in real-time monitoring and metrics for cloud. Docker Desktop is an application for MacOS and Windows machines, delivering the easiest and fastest way to build production-ready container applications for Kubernetes or Swarm, working with any framework and language and targeting any platform. The eval command requires that you specify a field name that takes the results of the expression you want to evaluate. Usage of Splunk EVAL Function : MVJOIN. Please like subscribe. Despite the fact that I have already done various Splunk searches before, for example in Tracking software versions using Nessus and Splunk, the correlation of different events in Splunk seems to be a very different task. Splunk Power User Certification study guide by trasoncarver includes 45 questions covering vocabulary, terms and more. Deloitte and Splunk Provide Automated Security Monitoring and Response Capabilities to Organizations Worldwide. Each role (webserver, db, etc. The features are: Join - SQL like join; Pipe (I) - Feed subsearch output to next query. Examples: With the necessary theory discussed about the command and its syntax, usage – let us now concentrate on how to use it in the real time world. 1-2008, which is part of the Single UNIX Specification (SUS). It is for informational purposes only and shall not be incorporated into any contract or other commitment. Eval - Splunk Documentation. The following Splunk search query will output license usage for each index for each day for the week to date. Message formats. caller and. This example uses the sample data from the Search Tutorial, but should work with any format of Apache Web access log. So I've tried the code as you suggested , but unfortunately it doesn't work how I'd like the output to be. This week, Splunk hosted its first annual Splunktern Project Showcase! Thank you to everyone who came out to support, and congratulations to all of our Splunkterns for an amazing summer. The eval functions are not the same as eval expressions. Eval is normally used to evaluate an arbitery expression,perform mathematical operations,renaming fields etc. The eval command calculates an expression and puts the resulting value into a search results field. eval in all its forms is used to execute a little Perl program, trapping any errors encountered so they don't crash the calling program. Built-in Functions¶. Usage of Splunk EVAL Function : IF. There are three logging driver messaging formats: inline (default), json, and raw. When the first X expression is encountered that evaluates to TRUE, the corresponding Y argument will be returned. Troubleshooting Indexed Data Volume. 6 million, or $0. Thus there are only two real eval forms; the one with an EXPR is often called "string. The out come i am trying to get is to join the quer. Splunk exposes a lot of required chart properties in Simple XML through chart configurations. in About arguments. If I install the splunk forwarder, I can get the remote data into my splunk install, and index my logs, and searching is great. It can accept a source program and analyze it without sending it over the network. * However, you can use eval expressions with other commands such as chart and timechart. Check out tweets of answers contributed by awesome members of the Splunk Community, or visit https://t. Welcome to eValuate!! - The University of Oklahoma's online course and instructor evaluation system. Splunk) So you are looking to do something like this in the short term? function works inside an eval function, but. Regex%vs%Restof%the%(paern)%World% %%%%%anyanyamountof’ characteranycharacterExamples! bash! dos!!!!!?!!!!!. Eval and where require that the pattern for a LIKE. Please like subscribe. Where's it coming from? What's chatty today? Who just blew the doors off our indexing volume?. Below are the topics that will be discussed in this session: 1. Where Parameters is any one or more Parameter from the list below and separator is a any field separator like hyphen( - ) , slash , colon : and it is optional. Please prove me wrong. de April 9, 2015. Eval is normally used to evaluate an arbitery expression,perform mathematical operations,renaming fields etc. Machine data is one of the fastest growing and most. Learn vocabulary, terms, and more with flashcards, games, and other study tools. The latest Tweets from Splunk Answers (@splunkanswers). | View Gallery. The status codes are not shown in any column, and using the second solution you kindly provided in Splunk answers the Successful and Unsuccesful columns are blank. In many places, this results in one group running Splunk as a service f. Use Splunk to search, monitor, analyze and visualize machine data. These rolled up statistics is what we would then import into VisualizeIT for purposes of visualization, modelling and forecasting. It is for informational purposes only and shall not be incorporated into any contract or other commitment. Where's it coming from? What's chatty today? Who just blew the doors off our indexing volume?. The status codes are not shown in any column, and using the second solution you kindly provided in Splunk answers the Successful and Unsuccesful columns are blank. Effective Usage of "STRPTIME" and "STRFTIME" Below is the effective usage of the " strptime " and " strftime " function which are used with eval command in SPLUNK :. splunkcloud. at any time without notice. Deloitte and Splunk Provide Automated Security Monitoring and Response Capabilities to Organizations Worldwide. * However, you can use eval expressions with other commands such as chart and timechart. This involves adding a list of file paths to a Splunk configuration file (inputs. conf2015_BSimon_Splunk_UsingSplunkSearchLanguage_BestPracticesandBetter. Find user submitted queries or register to submit your own. Eval and where require that the pattern for a LIKE. Using cidrmatch with a lookup table (self. in About arguments. The features are: Join - SQL like join; Pipe (I) - Feed subsearch output to next query. The Splunk earnings report came after. Splunk Light is a comprehensive solution for small IT environments that automates log search and analysis. Our collective knowledge-sharing helps us all to be more effective. For example, Eval("1 + 1") returns 2. Thus there are only two real eval forms; the one with an EXPR is often called "string. Simple triggers are a set of reserved functions built into Apps Script, like the function onOpen(e), which executes when a user opens a Google Docs, Sheets, Slides, or Forms file. Using cidrmatch with a lookup table (self. The latest Tweets from Splunk Answers (@splunkanswers). Warn About == null About debugging code About unsafe for. (SPLK), delivering actions and outcomes from the world of data, today announced a definitive agreement to acquire SignalFx, a SaaS leader in real-time monitoring and metrics for cloud. I'm a career science writer/editor, having written in many contexts (from print journalism. 1) - Note that not all examples will work with Splunk 6 (tags on the contents page denote version compatibility) Upgrade Instructions: Due to many of the changes made in this version, you must first delete the prior version before installing - Delete prior version from the file system. Message formats. As next steps we would recommending reading the Splunk Forwarder article which talks about downloading, installing and configuring the Splunk Forward which is required to aggregated and send data to Splunk. We are so, so proud of all that you have accomplished these past few months! # splunklife. de April 9, 2015. Despite the fact that I have already done various Splunk searches before, for example in Tracking software versions using Nessus and Splunk, the correlation of different events in Splunk seems to be a very different task. eval command Eval command in splunk is a multipurpose command in splunk. The eval command requires that you specify a field name that takes the results of the expression you want to evaluate. Nowadays, we see several events being collected from various data sources in JSON format. Words are my jam. Nvidia's stock jumps in active trade as Minecraft, other games support real-time ray tracing. Boolean Operations AND OR NOT XOR > = >= != = == LIKE. The Job Inspector may reveal that Splunk used "myField!=someValue\xa0" instead (where the. This involves adding a list of file paths to a Splunk configuration file (inputs. INGEST_EVAL. I could be wrong but 2 days on answers. Conf2015_CMerchant_Oracle_SecurityCompliance_AffordableSecurityMakingThe. The Chargeback App is intended to calculate maintenance and yearly run rates for Splunk. Splunk forwarder basically acts as agent for log collection from remote machines. “Defense in depth” is an older methodology used for. The out come i am trying to get is to join the quer. Please prove me wrong. Start studying Splunk Fundamentals Part 2 (IOD). Not Modified 304. Today’s post will touch on another foundational capability within Splunk—the eval command. Using cidrmatch with a lookup table (self. Creating and CRUDing a KV Store in Splunk: Part 2. Learn vocabulary, terms, and more with flashcards, games, and other study tools. The Python interpreter has a number of functions and types built into it that are always available. Welcome to eValuate!! - The University of Oklahoma's online course and instructor evaluation system. Support Role for Top Bank in Princeton, NJ and NYC (Unix Scripting, Database, JMX, Java, Big Data, Splunk, Grid Computing, Finance) jobs at Archer I. Do not call eval() to evaluate an arithmetic expression; JavaScript evaluates arithmetic expressions automatically. This is a list of Unix commands as specified by IEEE Std 1003. Please prove me wrong. Longer-term investors who can overlook the near-term timing issues related to cash flow can find plenty to like in Splunk’s latest report, as the numbers indicate customer demand remains robust. csv file) using the lookups. The following query shows uptime of all systems over a certain period of time (days_uptime). More about splunk eval : If you want to support this channel you can buy anything you like from Amazon by clicking any of the links below, I will get a share from that purchase. caller and. If I install the splunk forwarder, I can get the remote data into my splunk install, and index my logs, and searching is great. 6) - which can still be processed with a function like preg_replace to receive the filename of the file containing the eval(). lets get the parameter for year , month and date and produce a hyphen separated date format. 1-2008, which is part of the Single UNIX Specification (SUS). This week, Splunk hosted its first annual Splunktern Project Showcase! Thank you to everyone who came out to support, and congratulations to all of our Splunkterns for an amazing summer. Splunk exposes a lot of required chart properties in Simple XML through chart configurations. This blog post is part of a challenge or a “blog-a-thon” in my group of Sales Engineers. NET Framework format string (like those used by Format(String, Object)) Or, you can call Eval function and not include the container parameter. Not sexy but it worked, hopefully the formatting of your data makes that possible Problem as I saw it was Splunk's support for querying JSON isn't as robust as for XML (XPath-like via spath or xmlkv). database / schema index / app In Splunk, an index is a collection of data, somewhat like a database has a collection of tables. Docker Desktop is an application for MacOS and Windows machines, delivering the easiest and fastest way to build production-ready container applications for Kubernetes or Swarm, working with any framework and language and targeting any platform. Simply put, we try to find domains which have a “substantial” number of requests that aren’t normal. Join LinkedIn Summary. After teaching Splunk how to extract out more fields from the raw underlying data, the same search will return more fields that it previously did. Eval modifies or creates new filed. Shares of Nvidia Corp. Splunk) So you are looking to do something like this in the short term? function works inside an eval function, but. InfluxDB is not designed to satisfy full-text search or log management use cases and therefore would be out of scope. The challenge is to see who could blog about some of the least used Splunk search commands. 12 per share. Get fast answers and downloadable apps for Splunk, the IT Search solution for Log Management, Operations, Security, and Compliance. The first argument X must be a Boolean expression. eval command Eval command in splunk is a multipurpose command in splunk. Start studying Splunk Fundamentals Part 2 (IOD). The challenge is to see who could blog about some of the least used Splunk search commands. The eval functions are not the same as eval expressions. This involves adding a list of file paths to a Splunk configuration file (inputs. Related Page: Splunk Streamstats Command. Splunk uses Highcharts(JSChart) for plotting various charts i. As next steps we would recommending reading the Splunk Forwarder article which talks about downloading, installing and configuring the Splunk Forward which is required to aggregated and send data to Splunk. pdf Conf2015_BSimon_Splunk_UsingSplunkSearchLanguage_BestPracticesandBetter. To try this example on your own Splunk instance, you must download the sample data and follow the instructions to get the tutorial data into Splunk. de April 9, 2015. As we promised we have started our journey with qualitative videos This is first video bassed on splunk admin. Instead, it'll answer something like "c:\directory\filename. Boolean Operations AND OR NOT XOR > = >= != = == LIKE. The features are: Join - SQL like join; Pipe (I) - Feed subsearch output to next query. 12 per share. Built-in Functions¶¶. Docker Desktop is an application for MacOS and Windows machines, delivering the easiest and fastest way to build production-ready container applications for Kubernetes or Swarm, working with any framework and language and targeting any platform. But I have a number of router devices and other devices that run sysl. The latest Tweets from Splunk Answers (@splunkanswers). This function concatenates all the values within X using the value of Y as a separator. The Splunk earnings report came after. Longer-term investors who can overlook the near-term timing issues related to cash flow can find plenty to like in Splunk’s latest report, as the numbers indicate customer demand remains robust. Warn About == null About debugging code About unsafe for. Splunk forwarder basically acts as agent for log collection from remote machines. Nowadays, we see several events being collected from various data sources in JSON format. INGEST_EVAL. Recently I've spent some time dealing with Splunk. If you construct an arithmetic expression as a string, you can use eval() to evaluate it at a later time. Adjusted for items like stock-based compensation and acquisition expenses, Splunk generated (non-GAAP) net income of $46. If the argument is one or more JavaScript statements, eval() executes the statements. at any time without notice. eval in all its forms is used to execute a little Perl program, trapping any errors encountered so they don't crash the calling program. 11:8089 -auth admin:password splunk enable listen port-auth username:password splunk enable boot-start -user siem ( as root) splunk enable deploy-client -auth admin:password splunk list deploy-clients (on deployment server - asks for admin PW). Usage of Splunk EVAL Function : MVJOIN. You have to wrap if statements in code tags:. As next steps we would recommending reading the Splunk Forwarder article which talks about downloading, installing and configuring the Splunk Forward which is required to aggregated and send data to Splunk. A blowout quarter wasn’t enough to prevent a cash-burn induced tumble. at any time without notice. de April 9, 2015. So data is flowing into Splunk. Related Page: Splunk Streamstats Command. Examples: With the necessary theory discussed about the command and its syntax, usage – let us now concentrate on how to use it in the real time world. * However, you can use eval expressions with other commands such as chart and timechart. The eval() function evaluates or executes an argument. Message formats. The following query shows uptime of all systems over a certain period of time (days_uptime). Where Parameters is any one or more Parameter from the list below and separator is a any field separator like hyphen( - ) , slash , colon : and it is optional. Learn vocabulary, terms, and more with flashcards, games, and other study tools. Please like subscribe. Simply put, we try to find domains which have a “substantial” number of requests that aren’t normal. The Sumo Logic platform helps you make data-driven decisions and reduce the time to investigate security and. I am very new to Splunk and basically been dropped in the deep end!! also very new to language so any help and tips on the below would be great. The eval command requires that you specify a field name that takes the results of the expression you want to evaluate. Usage of Splunk EVAL Function : MVJOIN. Start studying Splunk Fundamentals and Power User Certification. Splunk undertakes no obligation either to develop the features or functionality described or to include any such feature or functionality in a future release. Use Splunk to search, monitor, analyze and visualize machine data. The eval() function evaluates or executes an argument. Since I had an older blog, I. More about splunk eval : If you want to support this channel you can buy anything you like from Amazon by clicking any of the links below, I will get a share from that purchase. Replace my indexes w/ yours. | View Gallery. Capability is designed to enable clients to more effectively detect, defend and. I will try to clarify that in the section that you reference. * However, you can use eval expressions with other commands such as chart and timechart. As we promised we have started our journey with qualitative videos This is first video bassed on splunk admin. Docker Desktop is an application for MacOS and Windows machines, delivering the easiest and fastest way to build production-ready container applications for Kubernetes or Swarm, working with any framework and language and targeting any platform. We also covered how to edit a KV Store directly using the Splunk Search Language. Shares of Nvidia Corp. A blowout quarter wasn’t enough to prevent a cash-burn induced tumble. Usage of Splunk EVAL Function : IF. returns wrong results that are not easily noticed until "too late". 30 per share -- also far above estimates for $0. * However, you can use eval expressions with other commands such as chart and timechart. Instead, it'll answer something like "c:\directory\filename. Check out tweets of answers contributed by awesome members of the Splunk Community, or visit https://t. You have to wrap if statements in code tags:. GoSplunk is a place to find and post queries for use with Splunk. Welcome Welcome to Splunk Answers, a Q&A forum for users to find answers to questions about deploying, managing, and using Splunk products. In many places, this results in one group running Splunk as a service f. The eval command requires that you specify a field name that takes the results of the expression you want to evaluate. eval BLOCK; eval. Fields in Splunk are not tied to a datatype. Related Page: Splunk Streamstats Command. This Splunk macro makes writing the attribute lists of each element much easier. 1) - Note that not all examples will work with Splunk 6 (tags on the contents page denote version compatibility) Upgrade Instructions: Due to many of the changes made in this version, you must first delete the prior version before installing - Delete prior version from the file system. Thus there are only two real eval forms; the one with an EXPR is often called "string. conf2015_BSimon_Splunk_UsingSplunkSearchLanguage_BestPracticesandBetter. It can accept a source program and analyze it without sending it over the network. Boolean Operations AND OR NOT XOR > = >= != = == LIKE. Splunk reported second-quarter earnings Wednesday that crushed Wall Street estimates for the top and bottom lines, sending the stock up in after-hours trading. Topic 2: Overriding Chart Styles using CSS. Try this just to see if you get a result back to see if Splunk is treating it like an MV field even with a single result and not working with a straight comparison (the mvfind command uses regex for the match):. Troubleshooting Indexed Data Volume. Do not call eval() to evaluate an arithmetic expression; JavaScript evaluates arithmetic expressions automatically. If I install the splunk forwarder, I can get the remote data into my splunk install, and index my logs, and searching is great. I created a middleman blog using this tutorial and documentation. Below are the topics that will be discussed in this session: 1. Use Splunk to search, monitor, analyze and visualize machine data. In Part 1, we covered how to create a KV Store both through the UI, as well as by modifying collections. We are so, so proud of all that you have accomplished these past few months! # splunklife. I am very new to Splunk and basically been dropped in the deep end!! also very new to language so any help and tips on the below would be great. Quizlet flashcards, activities and games help you improve your grades. Usage of Splunk EVAL Function : IF. Writing a Navy Eval. Increase your troubleshooting effectiveness. Topic 2: Overriding Chart Styles using CSS. This involves adding a list of file paths to a Splunk configuration file (inputs. Today’s post will touch on another foundational capability within Splunk—the eval command. Warn About == null About debugging code About unsafe for. This forms most of your work, if Splunk’s eval command is put to use. If the argument represents one or more JavaScript statements, eval() evaluates the statements. database / schema index / app In Splunk, an index is a collection of data, somewhat like a database has a collection of tables. You can use the Eval function to evaluate an expression that results in a text string or a numeric value. Learn vocabulary, terms, and more with flashcards, games, and other study tools. Splunk) So you are looking to do something like this in the short term? function works inside an eval function, but. A customer once said, The relationships I built attending Splunk's. This function takes two arguments ( X and Y) So X will be any multi-value field name and Y will be delimiter. GoSplunk is a place to find and post queries for use with Splunk. I chose coalesce because it does not come up often. - Fixed compatibility issue (now supports Splunk 6, 6. Multi-record alerts (defined using the Create Multiple ServiceNow Security Incidents and Create Multiple ServiceNow Security Events trigger actions) can automatically create records with any set of fields supported. conf feels like I've augmented my staff by 10 people. The Splunk earnings report came after. conf and transforms. I think that one of the things that's been holding us back is people are really afraid about the price of Splunk. In this part, we will cover CRUDing our KV Store Collection. Splunk has built powerful capabilities to extract the data from JSON and provide the keys into field names and JSON key-values for those fields for making JSON key-value (KV) pair accessible. Check out tweets of answers contributed by awesome members of the Splunk Community, or visit https://t. Splunk Light is a comprehensive solution for small IT environments that automates log search and analysis. It is for informational purposes only and shall not be incorporated into any contract or other commitment. You can use the Eval function to evaluate an expression that results in a text string or a numeric value. Magic constants like __FILE__ may not return what you expect if used inside eval()'d code. Regex%vs%Restof%the%(paern)%World% %%%%%anyanyamountof’ characteranycharacterExamples! bash! dos!!!!!?!!!!!. Splunk uses Highcharts(JSChart) for plotting various charts i. Welcome to eValuate!! - The University of Oklahoma's online course and instructor evaluation system. Increase your troubleshooting effectiveness. Deloitte and Splunk Provide Automated Security Monitoring and Response Capabilities to Organizations Worldwide. Everything you need for enterprise-ready Docker container development of Kubernetes-ready applications. Warn About == null About debugging code About unsafe for. Effective Usage of "STRPTIME" and "STRFTIME" Below is the effective usage of the " strptime " and " strftime " function which are used with eval command in SPLUNK :. If the client has done a conditional GET and access is allowed, but the document has not been modified since the date and time specified in If-Modified-Since field, the server responds with a 304 status code and does not send the document body to the client. Docker Desktop is an application for MacOS and Windows machines, delivering the easiest and fastest way to build production-ready container applications for Kubernetes or Swarm, working with any framework and language and targeting any platform. This week, Splunk hosted its first annual Splunktern Project Showcase! Thank you to everyone who came out to support, and congratulations to all of our Splunkterns for an amazing summer. I am trying to use Puppet to automatically configure Splunk monitoring. The features are: Join - SQL like join; Pipe (I) - Feed subsearch output to next query. NOTICE TO STUDENTS: Even though you log in with your OUNet ID and password, your evaluations and comments are not connected to your log in information in any way. The Job Inspector may reveal that Splunk used "myField!=someValue\xa0" instead (where the. This Splunk macro makes writing the attribute lists of each element much easier. This file allows JSLint to be run from a web browser. Built-in Functions¶. OWASP Cheat Sheets Martin Woschek, [email protected] Do not call eval() to evaluate an arithmetic expression; JavaScript evaluates arithmetic expressions automatically. callee About assignments if/for/ About functions inside loops About eval About unsafe line breaks About potential typos in logical operators When code is not in strict mode When new is used for side-effects. Examples: With the necessary theory discussed about the command and its syntax, usage – let us now concentrate on how to use it in the real time world. It is for informational purposes only and shall not be incorporated into any contract or other commitment. Now Available in Community - MBAS 2019 Presentation Videos. Eval and where require that the pattern for a LIKE. But I have a number of router devices and other devices that run sysl. Splunk undertakes no obligation either to develop the features or functionality described or to include any such feature or functionality in a future release. This week, Splunk hosted its first annual Splunktern Project Showcase! Thank you to everyone who came out to support, and congratulations to all of our Splunkterns for an amazing summer. Built-in Functions¶. The splunk-url for Splunk instances hosted on Splunk Cloud is in a format like https://http-inputs-XXXXXXXX. Optionally, the Transform stage may include a Data Enrichment substage that involves adding or cross-referencing data from an external source (for example, a. GoSplunk is a place to find and post queries for use with Splunk. Splunk uses Highcharts(JSChart) for plotting various charts i. Machine data is one of the fastest growing and most. Use Splunk to search, monitor, analyze and visualize machine data. Your actions and preparation over the previous year are the most critical component because without them, there would be nothing to write about!. INGEST_EVAL. If you are running Splunk in a medium to large environment, you are probably sharing Splunk with other groups. The features are: Join - SQL like join; Pipe (I) - Feed subsearch output to next query. php(123) : eval()'d code" (under Windows, obviously, checked with PHP5. Start studying Splunk Fundamentals and Power User Certification. returns wrong results that are not easily noticed until "too late". The following Splunk search query will output license usage for each index for each day for the week to date. The default format is inline where each log message is embedded as a string. NET Framework format string (like those used by Format(String, Object)) Or, you can call Eval function and not include the container parameter. Try this just to see if you get a result back to see if Splunk is treating it like an MV field even with a single result and not working with a straight comparison (the mvfind command uses regex for the match):. 20+ features from Splunk which are not there in Elastic. Now Available in Community - MBAS 2019 Presentation Videos. Topic 2: Overriding Chart Styles using CSS. 12 per share. A blowout quarter wasn’t enough to prevent a cash-burn induced tumble. The features are: Join - SQL like join; Pipe (I) - Feed subsearch output to next query. Where's it coming from? What's chatty today? Who just blew the doors off our indexing volume?. Do not call eval() to evaluate an arithmetic expression; JavaScript evaluates arithmetic expressions automatically. As next steps we would recommending reading the Splunk Forwarder article which talks about downloading, installing and configuring the Splunk Forward which is required to aggregated and send data to Splunk. Each role (webserver, db, etc. So I've tried the code as you suggested , but unfortunately it doesn't work how I'd like the output to be. Both the eval operator in Splunk and the extend operator in Azure Monitor only support scalar functions and arithmetic operators. Docker Desktop is an application for MacOS and Windows machines, delivering the easiest and fastest way to build production-ready container applications for Kubernetes or Swarm, working with any framework and language and targeting any platform. Eval modifies or creates new filed. Not sexy but it worked, hopefully the formatting of your data makes that possible Problem as I saw it was Splunk's support for querying JSON isn't as robust as for XML (XPath-like via spath or xmlkv). Nowadays, we see several events being collected from various data sources in JSON format. But I have a number of router devices and other devices that run sysl. The fact-checkers, whose work is more and more important for those who prefer facts over lies, police the line between fact and falsehood on a day-to-day basis, and do a great job. Today, my small contribution is to pass along a very good overview that reflects on one of Trump’s favorite overarching falsehoods. Namely: Trump describes an America in which everything was going down the tubes under  Obama, which is why we needed Trump to make America great again. And he claims that this project has come to fruition, with America setting records for prosperity under his leadership and guidance. “Obama bad; Trump good” is pretty much his analysis in all areas and measurement of U.S. activity, especially economically. Even if this were true, it would reflect poorly on Trump’s character, but it has the added problem of being false, a big lie made up of many small ones. Personally, I don’t assume that all economic measurements directly reflect the leadership of whoever occupies the Oval Office, nor am I smart enough to figure out what causes what in the economy. But the idea that presidents get the credit or the blame for the economy during their tenure is a political fact of life. Trump, in his adorable, immodest mendacity, not only claims credit for everything good that happens in the economy, but tells people, literally and specifically, that they have to vote for him even if they hate him, because without his guidance, their 401(k) accounts “will go down the tubes.” That would be offensive even if it were true, but it is utterly false. The stock market has been on a 10-year run of steady gains that began in 2009, the year Barack Obama was inaugurated. But why would anyone care about that? It’s only an unarguable, stubborn fact. Still, speaking of facts, there are so many measurements and indicators of how the economy is doing, that those not committed to an honest investigation can find evidence for whatever they want to believe. Trump and his most committed followers want to believe that everything was terrible under Barack Obama and great under Trump. That’s baloney. Anyone who believes that believes something false. And a series of charts and graphs published Monday in the Washington Post and explained by Economics Correspondent Heather Long provides the data that tells the tale. The details are complicated. Click through to the link above and you’ll learn much. But the overview is pretty simply this: The U.S. economy had a major meltdown in the last year of the George W. Bush presidency. Again, I’m not smart enough to know how much of this was Bush’s “fault.” But he had been in office for six years when the trouble started. So, if it’s ever reasonable to hold a president accountable for the performance of the economy, the timeline is bad for Bush. GDP growth went negative. Job growth fell sharply and then went negative. Median household income shrank. The Dow Jones Industrial Average dropped by more than 5,000 points! U.S. manufacturing output plunged, as did average home values, as did average hourly wages, as did measures of consumer confidence and most other indicators of economic health. (Backup for that is contained in the Post piece I linked to above.) Barack Obama inherited that mess of falling numbers, which continued during his first year in office, 2009, as he put in place policies designed to turn it around. By 2010, Obama’s second year, pretty much all of the negative numbers had turned positive. By the time Obama was up for reelection in 2012, all of them were headed in the right direction, which is certainly among the reasons voters gave him a second term by a solid (not landslide) margin. Basically, all of those good numbers continued throughout the second Obama term. The U.S. GDP, probably the single best measure of how the economy is doing, grew by 2.9 percent in 2015, which was Obama’s seventh year in office and was the best GDP growth number since before the crash of the late Bush years. GDP growth slowed to 1.6 percent in 2016, which may have been among the indicators that supported Trump’s campaign-year argument that everything was going to hell and only he could fix it. During the first year of Trump, GDP growth grew to 2.4 percent, which is decent but not great and anyway, a reasonable person would acknowledge that — to the degree that economic performance is to the credit or blame of the president — the performance in the first year of a new president is a mixture of the old and new policies. In Trump’s second year, 2018, the GDP grew 2.9 percent, equaling Obama’s best year, and so far in 2019, the growth rate has fallen to 2.1 percent, a mediocre number and a decline for which Trump presumably accepts no responsibility and blames either Nancy Pelosi, Ilhan Omar or, if he can swing it, Barack Obama. I suppose it’s natural for a president to want to take credit for everything good that happens on his (or someday her) watch, but not the blame for anything bad. Trump is more blatant about this than most. If we judge by his bad but remarkably steady approval ratings (today, according to the average maintained by 538.com, it’s 41.9 approval/ 53.7 disapproval) the pretty-good economy is not winning him new supporters, nor is his constant exaggeration of his accomplishments costing him many old ones). I already offered it above, but the full Washington Post workup of these numbers, and commentary/explanation by economics correspondent Heather Long, are here. On a related matter, if you care about what used to be called fiscal conservatism, which is the belief that federal debt and deficit matter, here’s a New York Times analysis, based on Congressional Budget Office data, suggesting that the annual budget deficit (that’s the amount the government borrows every year reflecting that amount by which federal spending exceeds revenues) which fell steadily during the Obama years, from a peak of $1.4 trillion at the beginning of the Obama administration, to $585 billion in 2016 (Obama’s last year in office), will be back up to $960 billion this fiscal year, and back over $1 trillion in 2020. (Here’s the New York Times piece detailing those numbers.) Trump is currently floating various tax cuts for the rich and the poor that will presumably worsen those projections, if passed. As the Times piece reported: