Reporting

Community Activity

Append Generic Saved Search Result Hi, I created generic saved search and it is running fine individually as below \|savedsearch PausedTime_SS index_na... by sanjay_shrestha Contributor in Reporting 07-20-2018 4 5	4	5
Splunk Version 6.6.0 Hello Support, We currently have SMTP server configuration setup for any alerts, Under Mail Server settings, does a... by muhammadamir New Member in Reporting 07-19-2018 0 1	0	1
Fix alert skipping due to reaching "maximum number of concurrent running jobs" I'm trying to debug why a saved search alert we have started skipping recently. Splunk says that there is another ins... by bruceclarke Contributor in Reporting 07-19-2018 0 4	0	4
Can a report be written to a remote share? We are moving off our current SIEM to SPLUNK and one of the reports from our current siem writes to windows share. Ca... by pfabrizi Path Finder in Reporting 07-16-2018 0 2	0	2
Issue with a Search using Modified Time Hey everyone, I've got a query here that I'm using to find values over 3 different periods of time. Today, yesterd... by TheLighterHalf New Member in Reporting 07-16-2018 0 7	0	7
Report with PDF and CSV Hi, The issue is, when I try to save my complete dashboard in Export > PDF, it does not save more than 1000 records ... by mbasharat Builder in Reporting 07-13-2018 0 1	0	1
How to send mails to 300 receipents? We have a report that keeps the time data(hours booked by them in a month) of around 300 employees. Now we want that... by ASISH_9 Engager in Reporting 07-12-2018 0 5	0	5
Alerts Failing to Trigger v7.1.1 Hi I'm trying to set up a basic alert to trigger whenever a Host search generates new results, the corresponding aler... by KevinLamMCD Engager in Reporting 07-12-2018 0 1	0	1
How to create a report for product in time buckets for 0-14 , 14-30 days? I have splunk data similar to below where the product was purchased on different dates by sravanthikand New Member in Reporting 07-04-2018 0 8	0	8
pivot command filtering and splitting on index I am trying to do the following: \| pivot Cisco_IOS_Event Cisco_IOS_Event count(Cisco_IOS_Event) AS "Events" dc(host)... by mikaelbje Motivator in Reporting 07-04-2018 0 0	0	0
How to control page size/formatting with the PDF Server Hello, I am creating a daily report which will contains ~ 10 pages of statistics, charts, exceptions, etc. I have a... by jdagenais Explorer in Reporting 07-03-2018 7 4	7	4
Use Outputcsv file as input to another search Hi All, We wanted to use the outputcsv file to filter events in splunk using another search. For example: Search 1... by bharathkumarnec Contributor in Reporting 07-03-2018 0 5	0	5
FEATURE REQUEST: Application Export via the User Interface Since the feature to import an application via the UI has been around for ages (upload a tar or zip), I'd like to sug... by bandit Motivator in Reporting 07-02-2018 0 2	0	2
How to send report to different user based on SPLUNK query I have a SPLUNK query that generate following table: User_Name Number recipient user_a ... by twtyj New Member in Reporting 07-01-2018 0 6	0	6
how to set expiry time for saved scheduled search results Hello all.. i have a scheduled job which will run for every 1 hr and store results in summary index and send an email... by ramki1459 Explorer in Reporting 06-30-2018 0 3	0	3
scheduled report based on X number of search results i have a query template already made. i want to run this query on X (the number will change all the time) amount of d... by mcohen13 Loves-to-Learn in Reporting 06-30-2018 0 5	0	5
Report delivery to a file I have the need to deliver PDF reports externally. Is there a way to have report generated on a schedule and the res... by jackpal Path Finder in Reporting 06-27-2018 0 1	0	1
Is the timestamp from which the setting value of ttl starts as the report execution time? Or if I check the results of the report on Splunk Web, ttl starts from time of check? I made the following settings in alert_actions.conf. [email] #14days ttl=1209600 And I thought that the expiration... by yutaka1005 Builder in Reporting 06-27-2018 0 3	0	3
Why is it slow if you don't use a numeric value when searching in a datamodel? The following example is pretty fast: \| from datamodel:rc-stats \| search _time > 1519966560 _time <= 1519970160 \| s... by gfrizzo Engager in Reporting 06-26-2018 0 5	0	5
Sendemail script execution failed and no python.log entry I am unable to get the sendemail command to send an email via either a saved search, or an on demand search. In the c... by cwilliamsonHFE New Member in Reporting 06-26-2018 0 0	0	0
Include AND/OR operator in Pivot query Hi guys, my problem is how to make working following query \| pivot Cisco_IOS_Event Cisco_IOS_Event count(host) AS "C... by null0 New Member in Reporting 06-25-2018 0 2	0	2
Is it possible to run search query as Schedule job at indexer level? hi All, We have indexer cluster with 10 Idx. Is it possible to run a search query for every 15 mins with a time rang... by mallempatisreed Explorer in Reporting 06-25-2018 0 5	0	5
add value to kvstore only if its not empty Hi, I have couple of questions. ......... eval fieldname=.... \| outputlookup my_kvstore_lookup How to a... by angelinealex Communicator in Reporting 06-24-2018 0 0	0	0
How to get a list of reports and searches run by a specific user? Hi, I need a report that shows what searches and scheduled reports that a user has run over a timeframe. I thought ... by a212830 Champion in Reporting 06-20-2018 0 5	0	5
Why is the datamodel acceleration constantly doing complete backfill since upgrading to 7.1.x? Since upgrade to 7.x multiple installations I have access to have had very heavy indexer CPU usage. I have upgraded t... by luke_monahan Path Finder in Reporting 06-17-2018 0 3	0	3