Splunk Search

Community Activity

How to write a search to exclude an existing field(s) if Field1 has a value in ColumnA? Table below showing Column A, Column B, Column C and Column D. Calculation has to be: If Field1 has ColumnA value, ... by parikhapurva04 New Member in Splunk Search 03-27-2018 0 2	0	2
how to make single column content bold for specific values I have a statistic table in my dashboard. Which looks like the attached image. 1st column heading Area Now how ca... by surekhasplunk Communicator in Splunk Search 03-27-2018 0 2	0	2
Change command is not working for checkbox HI, I am trying to assign values to the token based on the values selected in the check box. If label="All" then I a... by madakkas Explorer in Splunk Search 03-27-2018 0 2	0	2
Regex to extract fields with different format Hello all, I need your help in order to get a regex that may extract fields from some messages. Example 1 USER: use... by nuaraujo Path Finder in Splunk Search 03-27-2018 0 6	0	6
How to check the status and start mode of these services? Hello all I want to check the status and the start mode of the 2 services below and I wrote this code. Does it seem t... by jip31 Motivator in Splunk Search 03-27-2018 0 19	0	19
Why strftime with %Z work differently between query and eval + token Hello In my dashboard, i saw a strange things with Timezone printing. In fact i have to make time conversion and sho... by ralzate Explorer in Splunk Search 03-27-2018 1 5	1	5
Create outliers split by clause I can create a table of numerical outliers for requests to a web service with something like \| timechart limit=11 us... by bowesmana SplunkTrust in Splunk Search 03-27-2018 0 1	0	1
Perform calculation based on 2 stats count result Hello, I've a requirement to perform the following calculation in percentage. First query is as below and single va... by krusovice Path Finder in Splunk Search 03-27-2018 0 2	0	2
Detecting outlier without using Splunk Machine Learning Toolkit Hi all, Not sure if it is a good way to solve this. Currently I do not have access to Splunk Machine Learning Toolk... by quahfamili Path Finder in Splunk Search 03-26-2018 0 5	0	5
multi value fields in subsearch to join become single value in parent I have a subseqrch to a join that returns a multivalued field. However, when that's put into a table in the parent se... by bowesmana SplunkTrust in Splunk Search 03-26-2018 0 2	0	2
How can I create a subsearch with multiple time ranges? I'm trying to write a subsearch that searches multiple sections of time. What I have works until I wrap it in bracket... by aguthrie1190 Path Finder in Splunk Search 03-26-2018 0 10	0	10
Stumped on basic stats to return a unique identifier from the slowest event by action So the concept is ridiculously simple, however I am having a monumental brain fart. I want to generate a table with ... by Cuyose Builder in Splunk Search 03-26-2018 0 4	0	4
No tables to display I have installed Splunk Enterprise 6.6.2 ( for Windows 10), Tableau Desktop 32 bit and splunk 32 bit ODBC Driver. C... by kavithamrgsn Engager in Splunk Search 03-26-2018 0 2	0	2
Table into single value I have a table like below: Service Failure_Count Failure_Rate AAA 200 ... by mauricio2354 Explorer in Splunk Search 03-26-2018 0 3	0	3
Splunk field extraction issue I want to extract a field event_id from the below log with all values being captured by this field name. The Events... by manish007g New Member in Splunk Search 03-26-2018 0 1	0	1
Custom CSS stylesheet and inline CSS not working on tables, any suggestions? Made a custom css stylesheet. Referenced it in the form tag: <form stylesheet="customColors.css">Then I restarted the... by SLoBello Explorer in Splunk Search 03-26-2018 0 3	0	3
How to correlate the searches, token, and the dropdown menu? I have 4 products that I want to find the server health on. I am using a dropdown menu to change between products who... by Jewatson17 Path Finder in Splunk Search 03-26-2018 0 1	0	1
Find start and end event times for a source Hi - I have a data source which is ingested regularly via DB Connect. When indexed it has the same sourcetype and so... by skelly99 Explorer in Splunk Search 03-26-2018 0 1	0	1
How to create a complex WHERE condition? Hi I have to create a complex SPL command (for me ;-)) In this command, I want to search a specific word which start... by jip31 Motivator in Splunk Search 03-26-2018 0 6	0	6
How to make single visualization switches to table? I have a query that outputs a table with services and their failure rates. I want it to be a green box that says "No ... by mauricio2354 Explorer in Splunk Search 03-26-2018 0 6	0	6
Single value behavior depending on other values Greetings, I have a panel that displays a single value (Total_Students). I have some math going on in this panel whi... by albinortiz Engager in Splunk Search 03-26-2018 0 0	0	0
EVAL separate search for Monday Each Monday the event count for skypeuk is 30 and skypeus is 200. However, for the rest of the weekday skypeuk is atl... by davidcraven02 Communicator in Splunk Search 03-26-2018 0 10	0	10
Splunk says dispatch directory is full but when I go to the dispatch directory, it is empty. So I keep getting this error: Dispatch Command: The minimum free disk space (3000MB) reached for /opt/splunk/var/run... by mcxrisley08 Path Finder in Splunk Search 03-26-2018 0 3	0	3
How do I make a predict function more aggressive? How do I make a predict function more aggressive? Below is an example of my predict example, search and graph: ... \|... by HattrickNZ Motivator in Splunk Search 03-26-2018 0 3	0	3
How to add a filter in the search to have a fieldvalue newer than a period of choice ? I am working in a search to filter events to get the application named installed in the system. However, if I remove... by bagarwal Path Finder in Splunk Search 03-26-2018 0 3	0	3