Splunk Search

Community Activity

Splunk show duplicate event but there is only one Hello I'm monitoring a directory with splunk when i search for those events it shows me by example the field id with... by darismendy Explorer in Splunk Search 04-27-2018 0 4	0	4
Bring the last source of the index good morning Currently, for monitoring purposes, it is necessary to validate the states of certain indexes, and w... by efaundez Path Finder in Splunk Search 04-27-2018 0 3	0	3
Mathematical calculations on rows based on grouping This is my table that I have extracted with the help of this query: index=auto_adv_txn_preprod source=cap ( alfaws ... by imran1386 New Member in Splunk Search 04-27-2018 0 8	0	8
System eventtypes "internal_search_terms", "splunkd-access", "splunkd-log" Hello, I want to limit the access for some external users to all eventtypes. There are 3 system-default-eventtypes r... by kandersen New Member in Splunk Search 04-27-2018 0 1	0	1
Using list in query fails to return records Hi All I have data in the below fomat Market=UK, Question=Where do you live, Answer=London Market=USA, Question=Wh... by nirmalya2006 Path Finder in Splunk Search 04-27-2018 0 8	0	8
Filter values in timechart for eval method Hi, This is related to the question asked earlier link: [https://answers.splunk.com/answers/643007/timechart-query-wi... by sawgata12345 Path Finder in Splunk Search 04-27-2018 0 2	0	2
Help with events data! I have this code bellow and i want to just keep with lines of when my Virtual Machine changed Cluster ou VMhost. Obs... by ppatrikfr Path Finder in Splunk Search 04-27-2018 0 3	0	3
Conceptual sourcetype renaming Hi Experts, I am looking for best practices on how to conceptually, systematically and with minimum efforts and rew... by tomasmoser Contributor in Splunk Search 04-27-2018 0 1	0	1
Transpose and Timechart Hi, I wonder whether someone may be able to help me please. I've put together the following query which works but I'... by IRHM73 Motivator in Splunk Search 04-26-2018 0 6	0	6
Renaming field name having # How can I rename a field name starting with # in Splunk search tab? For example: field name I have "#client Name" an... by ccflsampa New Member in Splunk Search 04-26-2018 0 4	0	4
How to lookup value with wildcard? Hi. for example, i have that log: Apr 26 12:04:38 centos7LAB sudo: qweqwe : TTY=pts/4 ; PWD=/home/qweqwe ; USER=root... by test_qweqwe Builder in Splunk Search 04-26-2018 0 6	0	6
Field extraction from host field value Hi, I would like to extract two new fields from the value of the host field at search time. I'd like the first 3 cha... by michaeljorgense Path Finder in Splunk Search 04-26-2018 1 14	1	14
Trendline won't generate I wanted to build a trendline of my hosts response_time over _time. But it won't generate source=my_perf AND (host=... by zacksoft Contributor in Splunk Search 04-26-2018 0 2	0	2
I would like to know the splunk search processing Language command which I need to use to generate the reports as listed in the attachments Report1 and Report2 I would like to know the splunk search processing Language command which I need to use to generate the reports as lis... by sham_suri1 New Member in Splunk Search 04-26-2018 0 2	0	2
Why is my map search returning "No Results Found"? Can anyone help me with this map search? Both the inner and outer searches return what I expect, but when I try to co... by motobeats Path Finder in Splunk Search 04-26-2018 1 3	1	3
Want to split results based on a field value Hi all, We have a field which represets de Offices, and we would like to make 2 different line charts separating bet... by leandrot Explorer in Splunk Search 04-26-2018 0 1	0	1
How to find sum of particular fields by time? We are having search which contain two fields user id and time at which user logged in. We need to print below table... by pal_sumit1 Path Finder in Splunk Search 04-26-2018 0 3	0	3
Regex Help! Hi! First time I am attempting Regex commands and I have got pretty stuck so any help would be much appreciated. I ... by NShimmen New Member in Splunk Search 04-26-2018 0 4	0	4
Query with field from lookup table + concatenate + wildcards I have a lookup file titled airports.csv. In the file, i have several fields, but one is AirportCode. This field has ... by cruzcr Engager in Splunk Search 04-26-2018 0 10	0	10
How to convert function to return epoch time 3 hours later? Here is my date format I would like to convert to epoch for later processing. My date formate is: 3/5/2018 17:03 M... by brdr Contributor in Splunk Search 04-26-2018 0 6	0	6
How to compare two fields in a event and list out the field when one of the fields does not exist? Hello, I have a multiple events in a log file which contains field A and field B but not in all the events, I need t... by bollam Path Finder in Splunk Search 04-26-2018 0 2	0	2
why 2 searches dont return same results This search: index=dev_tsv source="activity" "Organization Name"="NA" "Added a comment" \| rename Action as N... by tkwaller_2 Communicator in Splunk Search 04-26-2018 0 5	0	5
Splunk Trigger alert no transaction inside log file from the directory? I have two directory having two log files Directory: /logs/Test1/ /logs/Test2/ The directory have two log files: ... by karthi2809 Builder in Splunk Search 04-26-2018 0 2	0	2
Is it possible to ignore the last result? good afternoon I have the following query \| dbxquery connection = connection query = "....." \| chart eval (round ... by efaundez Path Finder in Splunk Search 04-26-2018 0 6	0	6
eval IP function - help Hello, I have a search woring which returns single IP addresses as source for certain events. As part of this I want... by griggsy New Member in Splunk Search 04-26-2018 0 1	0	1