Splunk Search

Community Activity

Average of the total count Hello all, How can I get the average of the output as below? Calculation is 40 + 20 + 50 / 3 = 36.6 REQUEST ... by krusovice Path Finder in Splunk Search 03-15-2018 0 5	0	5
How to remove "Other" option from Time Range Picker I have "Other" as a drop-down option in my Time Range Picker. I have separate times.conf file for my application in ... by tkadale Path Finder in Splunk Search 03-15-2018 2 5	2	5
How to match two lookups in Splunk? I have fields ComponentName, CNC in lookup A and fields ComponentName, ENDPOINT in lookup B. The output should have f... by joachimroshan New Member in Splunk Search 03-14-2018 0 2	0	2
Group my data per week Hi All, I am currently having trouble in grouping my data per week. My search is currently configured to be in a rel... by NicoloPunzalan2 Engager in Splunk Search 03-14-2018 0 2	0	2
Read data between in log file based on date Hi, I have a log file and want to read everyday data only. File Format is like sometextsometext Friday, March 9, 2... by axs21 New Member in Splunk Search 03-14-2018 0 6	0	6
Query doesn't work under CURL call (but is fine under user interface) Hi; I have a query that ends as follows \| stats count(eval(HttpStatus LIKE "2__")) AS success count(eval(HttpStatus... by h0riz0nhk New Member in Splunk Search 03-14-2018 0 4	0	4
Removing the "not found" results from a pie chart in csv format Hello All, I have csv data like this ip address, Ports Open 192.168.1.1, 80 192.168.1.2, 81 192.168.1.3, none 192... by anirudhduggal Engager in Splunk Search 03-14-2018 0 5	0	5
combine 2 queries and subtract the results I have the below queries, would like to run together and subtract the count results. Any help appreciated. \|host=S... by bgleich New Member in Splunk Search 03-14-2018 0 3	0	3
Count number of field value per source and show as table I have a field named "router" that has multiple values and have three sources. I would like to count the router value... by christopheryu Communicator in Splunk Search 03-14-2018 0 5	0	5
Search for Error only in the latest log file coming from different hosts My original search Query returns results- index="ver_logs" "ERORR detected" \| rex field=source "VerLogs\\\(?.*?)\_... by nmohammed Builder in Splunk Search 03-14-2018 0 11	0	11
How to extract fields from xml in a lookup table? I have a lookup table where one of the field columns is xml format. I'm trying to extract fields from the xml entries... by matstap Communicator in Splunk Search 03-14-2018 0 4	0	4
How to search Events on Hosts in Inputlookup File? I have a CSV that I've created via ldapsearch, that contains a single column with 'cn' and then a list of servers. I... by Kendo213 Communicator in Splunk Search 03-14-2018 0 10	0	10
Error in Eval in Search Command. Please help. \| makeresults \| eval ipaddress=192.168.1.1 \| lookup AM ipaddress OUTPUT hostname \| table ipaddress,hostname This wor... by ReachDataScient Explorer in Splunk Search 03-14-2018 0 7	0	7
Correlation Events and Discard Events Hello, I need your help to correlation some transactions by a number of reference and responses Input and Output bu... by Carolina Engager in Splunk Search 03-14-2018 0 1	0	1
Remove the query string from a Url field Need to exclude the query parameters from a URL field. For e.g. the field contains http://www.google.com/india?searc... by gassershaun Engager in Splunk Search 03-14-2018 0 4	0	4
Why isn't my query working after adding timechart? Greetings All - I have a query that gives me the data I need. However when I tried to add a timechart function to b... by ZigZaggin Explorer in Splunk Search 03-14-2018 0 18	0	18
How to find users that had only errors for certain event? We have log entries in format like this: LogLevel=info username=some1 eventID=update So in case of error the LogL... by dsnytkine Engager in Splunk Search 03-14-2018 0 7	0	7
latest date Hello , So my question today is: for my earliest time i have "-1w@w1",so my research start from the last monday.The ... by taha13 Explorer in Splunk Search 03-14-2018 0 7	0	7
How can I create a query where I can sum the total and then take the percentage and add them in a column? Hello, I need your help for the following: I need to add the Total row and then divide it by the column of funds. E... by Carolina Engager in Splunk Search 03-14-2018 0 7	0	7
How to compare fieldName from different sourcetypes? I have a field called hostname,domain,ipaddress all my 5 sourcetypes are having same fieldname, I want to compare all... by vemurisurya Path Finder in Splunk Search 03-14-2018 0 3	0	3
Is there a way to have a list of forwarded files in Splunk? I have multiple xml files which have been forwarded to Splunk from my machine. Each file has its own data which is us... by mawomommoh Path Finder in Splunk Search 03-14-2018 0 4	0	4
transaction/duration? I have events with a kind of chronological flow. The events contain a ID, status, _time and a time inside the event. ... by Mike6960 Path Finder in Splunk Search 03-14-2018 0 10	0	10
extracting eval for reuse in other searches Hi I have a dashboard which shows metrics for an API. It has a graph for response times, tables for min max average ... by SimonKof New Member in Splunk Search 03-14-2018 0 2	0	2
Creating a User profile who has access to monitoring console only Hi All, I checked all the options in Splunk and I am unable to find an option for creating a user with a a role who ... by PhenylVon New Member in Splunk Search 03-14-2018 0 1	0	1
How to write regex to select specific fields on a search? hi below is my search, when I do search for Error this is what I get; then I run this search to create "Message" f... by carlyleadmin Contributor in Splunk Search 03-14-2018 0 3	0	3