Reporting

Community Activity

Why does the search process need so much memory for one simple query with the data for ONE(!) day? Hello. I'm using Splunk Enterprise 7.2.6 and I'm trying to export some data from past with command below: /path/to/s... by anton_kiryushki Explorer in Reporting 01-25-2023 1 7	1	7
Need help with count of count using Timechart Event 1:Product=shirt1 sku=123 sku=234Event 2:Product=shirt2 sku=987 sku=789 index= store\| rex field=_raw max_match=0... by Prathyusha891 Explorer in Reporting 01-20-2023 0 9	0	9
How to connect two databases from different servers with join command? Hello guys. I received this task at my job, and I still need money in my pocket, so please help me :)) I'm in a Netwo... by razzeri Observer in Reporting 01-19-2023 0 2	0	2
How to change 5 minute timeout on script run from saved search? I have a saved search which runs every day and this calls a script through a windows batch file. This is triggered su... by wyfwa4 Communicator in Reporting 01-15-2023 1 4	1	4
How do you calculate the log size per day for a specific sourcetype or source? Hi, Can i please know how to calculate the log size per day for a specific source or a sourcetype reporting to splu... by kteng2024 Path Finder in Reporting 01-12-2023 0 8	0	8
How to trigger alert if an event is not received by a certain time? Hello, Need help with setting alerts for any event not started by a specific time. I have a lookup file with details... by vgoli Loves-to-Learn Lots in Reporting 01-12-2023 0 4	0	4
Is there a 'faster' way to join to indexes ? splunk receives 2 different stream data sets on a single hec (json). set 1 has call recordsset 2 has call status/disp... by loganseth Path Finder in Reporting 01-11-2023 0 9	0	9
Saved search running from very long time and not finishing? Hi Folks,From last couple of weeks we have observed an issue in our newly developed Splunk app(Radware Bot Risk Scan... by saivijayr Loves-to-Learn in Reporting 01-11-2023 0 2	0	2
Is it possible to set up a report that includes drilldown events? Is it possible to set up a report that includes drilldown events? For example, if my search returns a field with 10 v... by Hackpure08 Engager in Reporting 01-06-2023 0 1	0	1
What history did rest /services/search/jobs brings up I am running \| rest /services/search/jobs command to check my failed searches for last 24 hrs. But I see that some of... by nagar57 Communicator in Reporting 01-06-2023 0 3	0	3
How do I sum the total of appendcol results with option to format the field name? looking for a query to convert the results like thisI have a search to produce report using appendcols a \| b \| c 5785... by jamesbabugm New Member in Reporting 01-05-2023 0 1	0	1
How to export daily dataset to csv file? Hi, I need a help in creating a daily csv export to a file from a data set for 24 hrs . I have a data set under Searc... by Rayees Explorer in Reporting 12-18-2022 0 5	0	5
ML-SPL sample command count=[subsearch value] issue Hi. I have an issue but I can't find the solution nor someone who had the same issue so I post it here.I want to down... by isaiz Loves-to-Learn Lots in Reporting 12-14-2022 0 1	0	1
Using Splunk MLTK functionality while in another Splunk app Hi,I need to use a number of regression models on some index data. This index data is in an app called "XY". However,... by POR160893 Builder in Reporting 12-08-2022 0 0	0	0
How can I reformat this report? All, I have this search index=sro sourcetype=sro-cosmo "DL Cert OK" "Security Posture End of sweep report" \| ex... by GersonGarcia Path Finder in Reporting 11-28-2022 0 1	0	1
How to troubleshoot email ingestion in Service Now that stopped? Our Splunk alerts were integrated to Service Now via email ingestion. But it suddenly stopped and we are not receivin... by ElaCon New Member in Reporting 11-26-2022 0 0	0	0
Unable to filter based on 2 fields- Help with syntax Hey, I have a big query and I need to have a command on the query that would filter all Asset_State!="Development" O... by POR160893 Builder in Reporting 11-23-2022 0 1	0	1
Help with filtering on base search with If query Hey, I have a big base search and I want to add a condition in the search that would remove/ filter out Asset_State ... by POR160893 Builder in Reporting 11-22-2022 0 0	0	0
Trigger alert not seen as email notification for some events? on 11th October we had 5 events, but we received only 2 email notification. Below the 5 events of the alert for Yes... by Veeru Path Finder in Reporting 11-18-2022 0 3	0	3
Where could I start digging to find out why my Search Head Cluster is skipping so many searches? Where could I start digging to find out why my Search Head Cluster is skipping so many searches? I want to find out w... by JDukeSplunk Builder in Reporting 11-17-2022 2 5	2	5
How to include search start and end date of the search in email subject? Hi all I would like to include the start and end date of my search in the email subject. For example, 'The results fr... by tomasz Engager in Reporting 11-17-2022 0 3	0	3
How to compare these two lookups and get the values that are not in the lookup2 (b,c,d)? Hi Splunkers,I have two lookups where having a common field "values"For example:lookup 1 lookup 2values ... by revanthammineni Path Finder in Reporting 11-16-2022 0 1	0	1
How to read only the first value to make a report? Hi, I have an xml response in the below format. I'm trying to read the BusinessId value of this. Since there are mult... by nmarun Explorer in Reporting 11-16-2022 0 7	0	7
How can I convert Dashboard with different panels to saved search? I have a dashboard with different panels, I would like to convert to a savedsearch. This accomplishes two things: Bet... by Gordon1 Explorer in Reporting 11-15-2022 0 2	0	2
How to resolve error: command="sendemail", [Errno -2] Name or service not known while sending mail to: user@domain.com Hi, I'm getting error when trying to send email. command="sendemail", [Errno -2] Name or service not known while send... by anvesh_kumar33 Observer in Reporting 11-15-2022 0 0	0	0