Splunk Search

Community Activity

Why does the dashboard search break, become limited, or run extremely slow but searching through the search app works fine? Lets say I have a search: ((value1 OR value_*) OR (status=404 OR status=500 OR status=503)) (index="main" OR index=... by SLoBello Explorer in Splunk Search 03-28-2018 0 4	0	4
How to get the difference between first and last fields of each row I have a table like below Month Col1 Col2 Jan 10 20 Feb 30 40 Mar ... by shihabno New Member in Splunk Search 03-28-2018 0 6	0	6
How to log in with IDs radius in the radius_auth application? Hello Everybody I installed the radius_auth application and I followed the procedure correctly. But when I try to l... by ALLIACOM New Member in Splunk Search 03-28-2018 0 0	0	0
Extract search window for all types searches run in splunk I want to run a query to extract all the searches that have been run in splunk , to identity search date ranges provi... by kapadiamayur New Member in Splunk Search 03-28-2018 0 1	0	1
How to write a search that says if the host equals this run this search or if the host equals this run this search. I want to write a search where i can use windows and linux servers. I want to have two searches in one, but I want on... by Jewatson17 Path Finder in Splunk Search 03-28-2018 0 2	0	2
What is the significance of the base_max_search constant? Hi Splunkers, I am aware of the calculation used to arrive at the max concurrent searches that can be executed on a ... by ppuru Path Finder in Splunk Search 03-28-2018 0 2	0	2
Group search results by result-values/-wildcards Hello Splunk Community, I have an selected field available called OBJECT_TYPE which could contain several values. Fo... by hse8fe Explorer in Splunk Search 03-28-2018 0 10	0	10
Search if a field is NOT in the results of a subsearch This question is a follow-up to one I've submitted previously, "Search if a field is in the results of a subsearch". ... by OldManEd Builder in Splunk Search 03-28-2018 0 9	0	9
Adding months with no data or you can say displaying months which are not present in my csv file into a bar representation. Hi all, My requirement is to display incidents raised within a date range.The range i am comparing with a date field ... by abhishekroy168 Path Finder in Splunk Search 03-28-2018 0 3	0	3
Displaying data in table Hello, How to display these logs in table format. Raw data Source 1: 2018-03-25 00:30:00 Backup Process Started 201... by goyals05 Explorer in Splunk Search 03-28-2018 0 1	0	1
merge fields Hello, I'm new to the splunk universe, and I need to create a dashboard listing the CVEs (security holes) of a Docke... by skhedim Explorer in Splunk Search 03-28-2018 0 7	0	7
How can I arrange my search result: folder by folder? (I am watching logs in differents folders) I would like to know how I can arrange my search result folder by folder? (I am watching logs in differents folders) ... by jbosano Engager in Splunk Search 03-28-2018 0 1	0	1
correlate data without subsearch or transaction Hi, I got data that have some fields missing in some events, e.g. field1 field2 field3 field4 field5 A... by stwong Communicator in Splunk Search 03-28-2018 0 4	0	4
useing metadata commend to display sourcetype host and sources at the same time HI I want to use \| metadata commend to display sourcetype host and sources at the same time, so far I cant make conn... by samlinsongguo Communicator in Splunk Search 03-28-2018 0 2	0	2
Modify token based on user moving forward and back on a panel's search results. On my dashboard I have a panel that displays a table. When the user clicks on the table, the drilldown sets a token ... by BearMormont Path Finder in Splunk Search 03-27-2018 0 1	0	1
How to edit my search to compare indexed data with lookup data? There are 2 sister companies say A & B. Employee of A and B have access of both the company as they are sister compa... by kumargaurav New Member in Splunk Search 03-27-2018 0 1	0	1
Inputlookup and sourcetype NOT not working I have 2 searches that I am trying to derive information on. The first is an inputlookup that is derived from a powe... by willadams Contributor in Splunk Search 03-27-2018 0 3	0	3
Group same IPs used in time period by user Hello, I am trying to create a search where the same IP is used more than 50 times by the same email address. So far... by mobrienmoore1 New Member in Splunk Search 03-27-2018 0 3	0	3
How do I change the REST API execution timeout? I am trying to setup the DUO Splunk Connector and am getting the following error in Splunk Web upon submitting the co... by thelucas Explorer in Splunk Search 03-27-2018 0 7	0	7
transaction grouping with startwith and endwith log format: start: A End: A start: B End: B Start: C Start: D End: C End: D Start:E End:F Query I am using: \| rex f... by xinde Path Finder in Splunk Search 03-27-2018 0 3	0	3
Extracting data from JSON log event I currently have the below event. I'm trying to extract the field name, and value. I'm unable to edit config for this... by hippe21 Explorer in Splunk Search 03-27-2018 0 2	0	2
eventstats distinct values I have used below query to get distinct values: stats values(gitRepo) AS serviceName BY buildNum This gives correc... by kasimbekur Explorer in Splunk Search 03-27-2018 0 3	0	3
Drilldown using fields not displayed in original table I've searched and found all sorts of advice and links to articles, but nothing has worked. Granted I am a Splunk newb... by grahamcampbell Explorer in Splunk Search 03-27-2018 1 7	1	7
Filter based on Null or blank or whitespace value.... Good afternoon all, As a relative noob to Splunk searching, I have a relatively easy (I hope) question. I have a Sp... by wwhitener Communicator in Splunk Search 03-27-2018 0 13	0	13
Joining Two base searches with a join Hi I have a very large base search. Full of tokens that can be driven from the user dashboard. It is built of 2 tsta... by robertlynch2020 Influencer in Splunk Search 03-27-2018 0 2	0	2