Splunk Search

Community Activity

Transpose Multiple Column Headers HI, I wonder whether someone can help me please. I'm running the query below which works fine, but I'm having some d... by IRHM73 Motivator in Splunk Search 04-26-2018 1 2	1	2
How to get sum of a column Hello, I am new in Splunk and trying to figure out sum of a column. i run following sql query on database: SELECT c... by singh321 New Member in Splunk Search 04-25-2018 0 14	0	14
how to get events for exact matched string only in the field value I am searching : index=web account_domain="INCCORP" bur getting result which have account_doamain with "INCCORP","... by Meharkant123 New Member in Splunk Search 04-25-2018 0 3	0	3
how to exclucde number of values from search sourcetype="source_traffic" \| stats values(dest_port) by dst_ip Hi I am lookin for result of IP which have more than... by Meharkant123 New Member in Splunk Search 04-25-2018 0 2	0	2
How to create a table for pfsense firewall logs using rex command? I was trying to create a table for pfsense firewall logs using rex command. But it is not creating a table, instead s... by jawadak New Member in Splunk Search 04-25-2018 0 3	0	3
How to use where command to keep only specific rows? My query so far looks like this: sourcetype="type1" OR sourcetype="type2" \|chart count(sales1) over sales2 by source... by summitsplunk Communicator in Splunk Search 04-25-2018 0 1	0	1
How to add a column to the results table based on an existing field? Hello: I am trying to add a column to the results table, the reason for this is so that I can then use that value fo... by ivtashev New Member in Splunk Search 04-25-2018 0 1	0	1
How to extract values from a field instead of _raw? Hi I am getting below log and want to extract the data/values from the field using props.conf / transforms.conf. F... by soumyacharya91 Path Finder in Splunk Search 04-25-2018 0 7	0	7
Calculation using the number of events returned to determine average I have data similiar to this: Account Count TotalSessions abc 4 12 xyz ... by dwong2 New Member in Splunk Search 04-25-2018 0 3	0	3
Using a lookup file to run queries I'm trying to create a search based on error strings in a lookup file and i'd like the output to include stats based... by gferreira New Member in Splunk Search 04-25-2018 0 2	0	2
Why am I seeing different results with dashboard/query results using "index in ( A B C )" vs. "index=A"? Okay, I have an issue between the results from "index in ( index1 index2 )" and "index=index1 OR index=index2". What... by scknogas Path Finder in Splunk Search 04-25-2018 0 6	0	6
How to create a single value element for the dashboard? I have following stats. I want to create a single value element which will show the revenue of 2014 and increase/decr... by leanpro Engager in Splunk Search 04-25-2018 0 2	0	2
Timechart Volume per hour same day over several weeks...Seeking alternative way. This is a working search that charts Volume per hour for the same day (Current day) over multiple weeks. The search t... by nqjpm Path Finder in Splunk Search 04-25-2018 0 7	0	7
Splunk Search For Exact Word Hi When I execute a search for "foo", I only want events that have the word foo and not events that have words like ... by sajbutler Path Finder in Splunk Search 04-25-2018 1 4	1	4
Why is Hunk 6.1.1 ignoring 'earliest' and 'latest' in search? I have a vix defined with the following parameters: [mydata] vix.provider = myprovider vix.input.1.path = /user/hunk... by shaskell_splunk Splunk Employee in Splunk Search 04-25-2018 2 6	2	6
How to stop Splunk from recognizing a large number as a (epoch) timestamp? I'm using the map function to do a search on reach row of a table I've created with some IDs that link certain things... by koenV Explorer in Splunk Search 04-25-2018 0 6	0	6
How to categorize count results by country I have the following code from a web log, which gives me a table of the Time (by minute) the total for that minute, a... by parwindertaank Explorer in Splunk Search 04-25-2018 0 2	0	2
How to separate query result by country I have the following which provides me the total number of events for each minute and the predicted value as well as ... by parwindertaank Explorer in Splunk Search 04-25-2018 0 5	0	5
Read timezone from openvas logs? Regex, strftime, won't detect it. I'm inputting openvas logs into splunk. Works great for .messages, not so much for .log files. Below is how the lines... by JSkier Communicator in Splunk Search 04-25-2018 0 3	0	3
Is it possible to change the IP address to the name of the switch? We send syslog direct from switches to the Splunk indexer. Is it possible to change the IP address to the name of the... by chrisitanmoleck Path Finder in Splunk Search 04-25-2018 0 5	0	5
How do I extract multiple events from one event using SPL? I have data that represents values on bidirectional connections for a graph structure. For example, each event has f... by danwilson Explorer in Splunk Search 04-25-2018 0 2	0	2
CSV files limitation Is there a limit associated with csv file for indexing on forwarder. i find many of the csv files are skipping indexi... by jiaqya Builder in Splunk Search 04-25-2018 0 3	0	3
Match url from lookup file to the webgateway access logs and return matched URL as a output result Hello Team, We have a lookup file containing multiple columns, one column contains a list of URL's having column nam... by etric New Member in Splunk Search 04-25-2018 0 6	0	6
Multisearch Is there a way to have if you extract data from a search to have it fun in another search? Like putting the field val... by HealyManTech Explorer in Splunk Search 04-25-2018 0 3	0	3
Search dont work Hi, I want to show the number of all my downloads with a Splunk search, but the search shows never all downloads how... by cesarb Path Finder in Splunk Search 04-25-2018 0 18	0	18