Splunk Search

Community Activity

Place value in custom column if date is a certain month? I am trying to populate a custom column if a date stamp (that has been converted to epoch) if that date stamp matches... by rkassabov Path Finder in Splunk Search 04-02-2018 0 7	0	7
data count from differents report in the same report Hi I use 4 différents reports for doing a count of data 1) index="wineventlog" sourcetype="wineventlog:application"... by jip31jip31 Explorer in Splunk Search 04-02-2018 0 5	0	5
Attempting to extract multiple fields out of a large logfile and creating a stats chart I have a logfile which has multiple lines of logs with each logline having nearly 700+ lines. I am trying to extract ... by deepwater New Member in Splunk Search 04-02-2018 0 5	0	5
Limit message length Hello, How can i limit the nuber of character displayed in the message field? Thank you. by smarechal Explorer in Splunk Search 04-02-2018 0 4	0	4
Eval if date stamp is a certain month? I need to eval if a date+time stamp (for example: 2018-02-22 21:54:00.380000) falls in a certain month (i.e. jan, fe... by rkassabov Path Finder in Splunk Search 04-02-2018 0 11	0	11
how to hide options like message, setting,activity from the first page Hi Experts, I do not want to show Message, Setting , activity , help to my user it is present at the top right corne... by vikas_gopal Builder in Splunk Search 04-02-2018 1 5	1	5
How to get at two fields from a subsearch to the main search results Hello, I am stuck with a scenario and can not figure out the right way out. I want my Sub search to retrieve 2 field... by Sayanta_Basak_I Explorer in Splunk Search 04-02-2018 0 10	0	10
unable to all the display values if a condition is met Hi Everyone I am trying to display the status of all the servers even if one one server status is OUT. like below. ... by sukundur Engager in Splunk Search 04-02-2018 0 4	0	4
Timechart total selles over month period Hello I need to timechart sum of selles over month period. how to do this? I am new in splunk. by dibrova911 New Member in Splunk Search 04-02-2018 0 3	0	3
Join in Splunk Hi there! Just want to ask if possible to execute a non-equijoin in Splunk? A non-equijoin (in SQL) joins two table ... by cx233alvin Explorer in Splunk Search 04-01-2018 0 9	0	9
Modify the result of a query using csv lookup Before asking the question, here is a brief description of what I have done and doing. Below query is working fine w... by AdsicSplunk New Member in Splunk Search 04-01-2018 0 4	0	4
Search results to get the fresh values not the old values Hi @everyone, @skoelpin, Can you please help me in this. I have firefox program installed in my system . Now , I ... by bagarwal Path Finder in Splunk Search 04-01-2018 0 5	0	5
"What to Search" isn't working "What to Search" on the right side of "Splunk Search" does not work. ⇒ Waiting for data… As for the Data summary ... by oda Communicator in Splunk Search 04-01-2018 0 3	0	3
How to connect two different indexes by unique item code showing count / percent (with match) & (without match)? I have 2 indexes. 1st index (Index1) has a unique item code (Item1) for an item when it enters a process. 2nd index (... by timothytruax Explorer in Splunk Search 04-01-2018 0 5	0	5
How to remove common field values after join? I have two indexes. I can join them and see the results based on a common field. I want to see only the results in th... by JoshuaJohn Contributor in Splunk Search 03-31-2018 0 1	0	1
How to onboard csv files using Monitor with specific requirements? I have .csv file which would be on-boarded into Splunk using Monitor. It has two specific requirements as below: The... by rajim Path Finder in Splunk Search 03-30-2018 0 1	0	1
How to extract multiple values from a single field, if they exist, with regex? I have some fields within Splunk that are showing 1 to many values. One log may have the following: sig_names="valu... by iomega311 Explorer in Splunk Search 03-30-2018 0 1	0	1
How accurate is iplocation for cluster map use? I have fortigate logs for which I have a high level of confidence that the srccountry values are correct. I selected... by Gawker Path Finder in Splunk Search 03-30-2018 0 1	0	1
Problem executing ORACLE subquery in DB Connect... I'm running into a problem when executing a subquery in DB Connect. When the query is executing through SQL Develop... by Adam_Marx Explorer in Splunk Search 03-30-2018 0 3	0	3
Sum of field but grouped by another field Values I have the following values: OS= ex. windows, linux CPUCount= ex. 4,8,16 MemoryCount= ex. 8,16,32 PhysicalVirtual= e... by matt4321 Explorer in Splunk Search 03-30-2018 0 5	0	5
Are there any limitations of search string length or of count of conditions, or it is specific to cidrmatch only? Hello Team, I facing an issue when executing the search on the dashboard. Search Logic: I have a Network KV Store ... by kamlesh_vaghela SplunkTrust in Splunk Search 03-30-2018 0 1	0	1
How to combine multiple, different fields from 2 different sourcetypes into 1 stats table? I have been searching through all of the similar questions on this site, and I believe my problem is that I have 2 di... by Earenhart Path Finder in Splunk Search 03-30-2018 0 5	0	5
How to extract field name containing square brackets, "conn[SSL/TLS]=23832"? I have an auto-extracted field name of "conn" (conn=12345), but if the connection is SSL, then the field name becomes... by dangerusty Engager in Splunk Search 03-30-2018 0 2	0	2
What is the difference between PercentIdleTime and pctIdle when looking at CPU (index=os)? What is the difference between PercentIdleTime and pctIdle when looking at CPU (index=os)? I have looked up for answe... by burnsidepj New Member in Splunk Search 03-30-2018 0 1	0	1
Help on formula hi i use this code to monitore the hdd free space index="perfmon" sourcetype="perfmon:logicaldisk" instance=c: coun... by jip31 Motivator in Splunk Search 03-30-2018 0 2	0	2