Splunk Search

Community Activity

eventstats distinct values I have used below query to get distinct values: stats values(gitRepo) AS serviceName BY buildNum This gives correc... by kasimbekur Explorer in Splunk Search 03-27-2018 0 3	0	3
Drilldown using fields not displayed in original table I've searched and found all sorts of advice and links to articles, but nothing has worked. Granted I am a Splunk newb... by grahamcampbell Explorer in Splunk Search 03-27-2018 1 7	1	7
Filter based on Null or blank or whitespace value.... Good afternoon all, As a relative noob to Splunk searching, I have a relatively easy (I hope) question. I have a Sp... by wwhitener Communicator in Splunk Search 03-27-2018 0 13	0	13
Joining Two base searches with a join Hi I have a very large base search. Full of tokens that can be driven from the user dashboard. It is built of 2 tsta... by robertlynch2020 Influencer in Splunk Search 03-27-2018 0 2	0	2
How to write a search to exclude an existing field(s) if Field1 has a value in ColumnA? Table below showing Column A, Column B, Column C and Column D. Calculation has to be: If Field1 has ColumnA value, ... by parikhapurva04 New Member in Splunk Search 03-27-2018 0 2	0	2
how to make single column content bold for specific values I have a statistic table in my dashboard. Which looks like the attached image. 1st column heading Area Now how ca... by surekhasplunk Communicator in Splunk Search 03-27-2018 0 2	0	2
Change command is not working for checkbox HI, I am trying to assign values to the token based on the values selected in the check box. If label="All" then I a... by madakkas Explorer in Splunk Search 03-27-2018 0 2	0	2
Regex to extract fields with different format Hello all, I need your help in order to get a regex that may extract fields from some messages. Example 1 USER: use... by nuaraujo Path Finder in Splunk Search 03-27-2018 0 6	0	6
How to check the status and start mode of these services? Hello all I want to check the status and the start mode of the 2 services below and I wrote this code. Does it seem t... by jip31 Motivator in Splunk Search 03-27-2018 0 19	0	19
Why strftime with %Z work differently between query and eval + token Hello In my dashboard, i saw a strange things with Timezone printing. In fact i have to make time conversion and sho... by ralzate Explorer in Splunk Search 03-27-2018 1 5	1	5
Create outliers split by clause I can create a table of numerical outliers for requests to a web service with something like \| timechart limit=11 us... by bowesmana SplunkTrust in Splunk Search 03-27-2018 0 1	0	1
Perform calculation based on 2 stats count result Hello, I've a requirement to perform the following calculation in percentage. First query is as below and single va... by krusovice Path Finder in Splunk Search 03-27-2018 0 2	0	2
Detecting outlier without using Splunk Machine Learning Toolkit Hi all, Not sure if it is a good way to solve this. Currently I do not have access to Splunk Machine Learning Toolk... by quahfamili Path Finder in Splunk Search 03-26-2018 0 5	0	5
multi value fields in subsearch to join become single value in parent I have a subseqrch to a join that returns a multivalued field. However, when that's put into a table in the parent se... by bowesmana SplunkTrust in Splunk Search 03-26-2018 0 2	0	2
How can I create a subsearch with multiple time ranges? I'm trying to write a subsearch that searches multiple sections of time. What I have works until I wrap it in bracket... by aguthrie1190 Path Finder in Splunk Search 03-26-2018 0 10	0	10
Stumped on basic stats to return a unique identifier from the slowest event by action So the concept is ridiculously simple, however I am having a monumental brain fart. I want to generate a table with ... by Cuyose Builder in Splunk Search 03-26-2018 0 4	0	4
No tables to display I have installed Splunk Enterprise 6.6.2 ( for Windows 10), Tableau Desktop 32 bit and splunk 32 bit ODBC Driver. C... by kavithamrgsn Engager in Splunk Search 03-26-2018 0 2	0	2
Table into single value I have a table like below: Service Failure_Count Failure_Rate AAA 200 ... by mauricio2354 Explorer in Splunk Search 03-26-2018 0 3	0	3
Splunk field extraction issue I want to extract a field event_id from the below log with all values being captured by this field name. The Events... by manish007g New Member in Splunk Search 03-26-2018 0 1	0	1
Custom CSS stylesheet and inline CSS not working on tables, any suggestions? Made a custom css stylesheet. Referenced it in the form tag: <form stylesheet="customColors.css">Then I restarted the... by SLoBello Explorer in Splunk Search 03-26-2018 0 3	0	3
How to correlate the searches, token, and the dropdown menu? I have 4 products that I want to find the server health on. I am using a dropdown menu to change between products who... by Jewatson17 Path Finder in Splunk Search 03-26-2018 0 1	0	1
Find start and end event times for a source Hi - I have a data source which is ingested regularly via DB Connect. When indexed it has the same sourcetype and so... by skelly99 Explorer in Splunk Search 03-26-2018 0 1	0	1
How to create a complex WHERE condition? Hi I have to create a complex SPL command (for me ;-)) In this command, I want to search a specific word which start... by jip31 Motivator in Splunk Search 03-26-2018 0 6	0	6
How to make single visualization switches to table? I have a query that outputs a table with services and their failure rates. I want it to be a green box that says "No ... by mauricio2354 Explorer in Splunk Search 03-26-2018 0 6	0	6
Single value behavior depending on other values Greetings, I have a panel that displays a single value (Total_Students). I have some math going on in this panel whi... by albinortiz Engager in Splunk Search 03-26-2018 0 0	0	0