Splunk Search

Community Activity

Why some of the field values are missing after stats and chart command? Hi Guys, When I run the below query, it only returns the eventHour up to 14 (2pm) when there are events up to eventH... by auaave Communicator in Splunk Search 04-17-2018 0 2	0	2
how to make lookup fields as static and the results as dynamic from the search query Hi I am having some of the fields in my lookup file (csv file). And I want list down the lookup fields along with the... by Kwip Contributor in Splunk Search 04-17-2018 0 8	0	8
How to calculate processing rate of metrics within specified time range? Here's an example snippet of the logs I'm working with: 2018-04-17 18:26:02 app=test-app, env=qa, total_msg=0 2018-0... by hippe21 Explorer in Splunk Search 04-17-2018 0 2	0	2
How to not automatically invoke the spath command in raw data? Hi, We are using JSON data and the field extractions are done already. So we no need to use the spath command. But ... by nawazns5038 Builder in Splunk Search 04-17-2018 0 7	0	7
Field data from fieldname in variable Any way of achieving this: \| makeresults \| eval Column1="MyData" \| eval TestField="Column1" \| eval Result{TestField... by auradk Path Finder in Splunk Search 04-17-2018 0 2	0	2
Comparison of Field values I have a JSON which has something like this "Current Free Space","value":"240 KB", i am parsing out the field name wh... by macadminrohit Contributor in Splunk Search 04-17-2018 0 3	0	3
How to remove overlapping address ranges from a field of address ranges? I have a field of address ranges where i want to dedup any that overlap. For example: 10.10.20.0/23 10.10.20.160/27 1... by cofisher New Member in Splunk Search 04-17-2018 0 2	0	2
How to send email to different groups based on the criteria? I would like to send emails to different groups based on number of events returned for a search. Query: index=xyz ... by kollachandra Path Finder in Splunk Search 04-17-2018 0 2	0	2
How to use results of one data set to identify outliers of another data set? Hi, I have the average and standard deviation of a particular data set and I want to build a confidence interval fro... by parwindertaank Explorer in Splunk Search 04-17-2018 0 2	0	2
Adapting a search to use timechart Hello: I have the following search: index=M sourcetype="n" name="M*" \|dedup host-ip, plugin_name, plugin_family, se... by atenciodeyka New Member in Splunk Search 04-17-2018 0 2	0	2
Why am I having a problem in tokens when using customviz app from splunkbase? Hi, I tried to use bubble chart from custom viz app that i downloaded on splunk base. The code works if i specify the... by patricianaguit Explorer in Splunk Search 04-17-2018 0 1	0	1
Why doesn't the submit button run unless I manually input text? Hi guys, I've been having this problem for a while now. I have a script that generates a hash for a file based on the... by JarrenJ Explorer in Splunk Search 04-17-2018 0 21	0	21
Eval field based on multiple fields? I have three fields A, B, C. I want to evaluate a field D that has the value of C that corresponds with the min value... by matstap Communicator in Splunk Search 04-17-2018 1 4	1	4
how to calculate percent of size hello thanks for all your help how can I calculate the percent of size base on the data size＜1024 2048＜size ＞10... by fzfengzhuang New Member in Splunk Search 04-17-2018 0 3	0	3
How to extract values from within a field? I have events of the following format: { [-] log: 2018-04-16 11:33:09 INFO Report:46 - Number o... by nitz13 New Member in Splunk Search 04-17-2018 0 1	0	1
Sales of each weekday by week number for month of December hi i need the December month sales by week number , given below i am sharing my index name and other fileds name also... by rajakabdual New Member in Splunk Search 04-17-2018 0 4	0	4
How to display time in string format? Hi, I have a simple search that brings up the total count of logons in a day but I want the time part to say April,16... by carlyleadmin Contributor in Splunk Search 04-17-2018 0 3	0	3
How to join two queries where one query is always static? Hi, I have to create a table in splunk which is basically with two queries out of which one is always static i.e the... by macadminrohit Contributor in Splunk Search 04-17-2018 0 7	0	7
How to use a Boolean string from lookup table in search I have Boolean string with multiple ORs- code!=x OR code!=y OR etc. When I look it up and use in search it evaluates ... by skadirov1 New Member in Splunk Search 04-17-2018 0 4	0	4
How do I count unique values in a multi value field? I have a field cat which may display multiple fields of varying count FFIEC, GLBA, PPI or just PPI so there is no set... by aarontmartin165 Explorer in Splunk Search 04-17-2018 0 8	0	8
How do I create a query to look at multiple sources and destinations at one time? What I am looking for is how to look at multiple sources and destinations in one query. In our enterprise environment... by millionz4184 New Member in Splunk Search 04-17-2018 0 1	0	1
How to fetch the best business week-day for month of September ? Please help me with my search: index=sales sourcetype=csv source= sales_new.csv by rajakabdual New Member in Splunk Search 04-17-2018 0 8	0	8
Merge fields from distinct sources on event Hello, I'm trying to find the best way to do the following: Source A: id_field1 id_field2 fielda1 fielda2 Source B: ... by LordLeet Path Finder in Splunk Search 04-17-2018 0 5	0	5
How to get the sum of some particular row in a separate row at the end of the table? team12 sum1 atgbc.im 10 bctgd.im 20 cdtgb.im 30 abrfc.in 40 bcded.in 50 total (.im) 60 total (.in) 90 total(in+im... by pal_sumit1 Path Finder in Splunk Search 04-17-2018 0 4	0	4
Search fillnull=0 doesn't work i have a query like this: \|makeresults \|eval trail1="0.00" \|table trail1, trail2 \|fillnull value="0.00" i just wan... by jadengoho Builder in Splunk Search 04-17-2018 0 2	0	2