Splunk Search

Community Activity

	unable to finish extracting fields Hi I am new to splunk using it to collect syslog data, I started extracting fields after the 4 field I get this erro... by cybonet New Member in Splunk Search 03-29-2018 0 6	0	6
	how to get difference between one value and the other values in a particular column or row? my data is like the table below. Column C is what I need to calculate: A----B----C 10----12----? 25----20----? 23----... by pramit46 Contributor in Splunk Search 03-29-2018 0 5	0	5
	help to build the query using abstract command base query \| regex field= "XXX(?.)" \| stats count by regular_expression_value this query displaying 5 lines but wa... by logloganathan Motivator in Splunk Search 03-29-2018 0 17	0	17
	viewing transforming command reult i want to display the output for the particular log with server name,error value and count eg: servername ABCD error ... by logloganathan Motivator in Splunk Search 03-29-2018 0 5	0	5
	What is the difference between views and searches in uri after an app name? In an uri of any saved search at some places there is '/views/' and '/searches/' after an app name. I want to know th... by JuhiSaxena Explorer in Splunk Search 03-28-2018 0 6	0	6
	Why does the dashboard search break, become limited, or run extremely slow but searching through the search app works fine? Lets say I have a search: ((value1 OR value_*) OR (status=404 OR status=500 OR status=503)) (index="main" OR index=... by SLoBello Explorer in Splunk Search 03-28-2018 0 4	0	4
	How to get the difference between first and last fields of each row I have a table like below Month Col1 Col2 Jan 10 20 Feb 30 40 Mar ... by shihabno New Member in Splunk Search 03-28-2018 0 6	0	6
	How to log in with IDs radius in the radius_auth application? Hello Everybody I installed the radius_auth application and I followed the procedure correctly. But when I try to l... by ALLIACOM New Member in Splunk Search 03-28-2018 0 0	0	0
	Extract search window for all types searches run in splunk I want to run a query to extract all the searches that have been run in splunk , to identity search date ranges provi... by kapadiamayur New Member in Splunk Search 03-28-2018 0 1	0	1
	How to write a search that says if the host equals this run this search or if the host equals this run this search. I want to write a search where i can use windows and linux servers. I want to have two searches in one, but I want on... by Jewatson17 Path Finder in Splunk Search 03-28-2018 0 2	0	2
	What is the significance of the base_max_search constant? Hi Splunkers, I am aware of the calculation used to arrive at the max concurrent searches that can be executed on a ... by ppuru Path Finder in Splunk Search 03-28-2018 0 2	0	2
	Group search results by result-values/-wildcards Hello Splunk Community, I have an selected field available called OBJECT_TYPE which could contain several values. Fo... by hse8fe Explorer in Splunk Search 03-28-2018 0 10	0	10
	Search if a field is NOT in the results of a subsearch This question is a follow-up to one I've submitted previously, "Search if a field is in the results of a subsearch". ... by OldManEd Builder in Splunk Search 03-28-2018 0 9	0	9
	Adding months with no data or you can say displaying months which are not present in my csv file into a bar representation. Hi all, My requirement is to display incidents raised within a date range.The range i am comparing with a date field ... by abhishekroy168 Path Finder in Splunk Search 03-28-2018 0 3	0	3
	Displaying data in table Hello, How to display these logs in table format. Raw data Source 1: 2018-03-25 00:30:00 Backup Process Started 201... by goyals05 Explorer in Splunk Search 03-28-2018 0 1	0	1
	merge fields Hello, I'm new to the splunk universe, and I need to create a dashboard listing the CVEs (security holes) of a Docke... by skhedim Explorer in Splunk Search 03-28-2018 0 7	0	7
	How can I arrange my search result: folder by folder? (I am watching logs in differents folders) I would like to know how I can arrange my search result folder by folder? (I am watching logs in differents folders) ... by jbosano Engager in Splunk Search 03-28-2018 0 1	0	1
	correlate data without subsearch or transaction Hi, I got data that have some fields missing in some events, e.g. field1 field2 field3 field4 field5 A... by stwong Communicator in Splunk Search 03-28-2018 0 4	0	4
	useing metadata commend to display sourcetype host and sources at the same time HI I want to use \| metadata commend to display sourcetype host and sources at the same time, so far I cant make conn... by samlinsongguo Communicator in Splunk Search 03-28-2018 0 2	0	2
	Modify token based on user moving forward and back on a panel's search results. On my dashboard I have a panel that displays a table. When the user clicks on the table, the drilldown sets a token ... by BearMormont Path Finder in Splunk Search 03-27-2018 0 1	0	1
	How to edit my search to compare indexed data with lookup data? There are 2 sister companies say A & B. Employee of A and B have access of both the company as they are sister compa... by kumargaurav New Member in Splunk Search 03-27-2018 0 1	0	1
	Inputlookup and sourcetype NOT not working I have 2 searches that I am trying to derive information on. The first is an inputlookup that is derived from a powe... by willadams Contributor in Splunk Search 03-27-2018 0 3	0	3
	Group same IPs used in time period by user Hello, I am trying to create a search where the same IP is used more than 50 times by the same email address. So far... by mobrienmoore1 New Member in Splunk Search 03-27-2018 0 3	0	3
	How do I change the REST API execution timeout? I am trying to setup the DUO Splunk Connector and am getting the following error in Splunk Web upon submitting the co... by thelucas Explorer in Splunk Search 03-27-2018 0 7	0	7
	transaction grouping with startwith and endwith log format: start: A End: A start: B End: B Start: C Start: D End: C End: D Start:E End:F Query I am using: \| rex f... by xinde Path Finder in Splunk Search 03-27-2018 0 3	0	3