Splunk Search

Community Activity

	Json Parsing.. Json :-\| makeresults \| eval _raw="{<!-- -->\"a.com\": [{ \"yahoo.com\":\"10ms\",\"trans-id\": \"x1\"},{ \"google.com\":\"20ms... by onthakur Explorer in Splunk Search 01-19-2024 0 3	0	3
	How to get peak TPS stats for a month with the count of all route codes ? How to get peak TPS stats for a month with the count of all route codes ? by ashidhingra Path Finder in Splunk Search 01-19-2024 0 1	0	1
	how to filter lookup csv first Hi, I am using splunk enterprise 9.0.5.1 since about a month and have been experimenting with a dashboard (studio) fo... by svp66 Engager in Splunk Search 01-19-2024 0 2	0	2
	How to create a search that check each value from inputlookup table in a seach and return the results Hey Guys, I am trying to write a SPL in splunk where I have a lookup file with 10 values and I want to search each va... by Suagni Observer in Splunk Search 01-18-2024 0 1	0	1
	Total spend per field per month Hi Alli am struggling with a query and appreciate some help pleasei received the data on csv file - timestamp is toda... by PaulaCom Path Finder in Splunk Search 01-18-2024 0 1	0	1
	Issues in adding a lookup field in a Data Model Hi at all,I'm trying to add a field from a lookup in a Data Model, but the field is always empty in the Data Model, e... by gcusello SplunkTrust in Splunk Search 01-18-2024 0 10	0	10
	Json Parsing. I have below json and I want table of url and corresponding duration. {<!-- -->"details": {<!-- -->"sub-trans": [{<!-- -->"app-trans-id": "12... by onthakur Explorer in Splunk Search 01-18-2024 0 3	0	3
	Getting Error - [mvexpand] / max_mem_usage_mb has been reached getting below error ommand.mvexpand: output will be truncated at 3200 results due to excessive memory usage. Memory t... by sabari80 Explorer in Splunk Search 01-18-2024 0 15	0	15
	How to calcualte an Eval of percentage between two rows of stats values? Hi All,I'm trying to calculate the failureRate as a percentage between the NumberOfAuthErrors column and the TotalReq... by becksyboy Contributor in Splunk Search 01-18-2024 0 4	0	4
	Create new field by combining 2 fields from same index. I got 2 fields from same splunk indexfield1 have rows 1,2,3,4,5 and field2 have rows 10,12I want new field3 with data... by onthakur Explorer in Splunk Search 01-18-2024 0 1	0	1
	Indexes used within the last 30 day Hi, I am looking for a search to list out all of the indexes in Splunk. I know how to get the full but looking for a ... by Strangertinz Path Finder in Splunk Search 01-18-2024 0 2	0	2
	Splunk Chart dynamic column header sorting I have a chart formed like below and it's dynamic columns are created based on processes date. By default now the col... by avadhutha Explorer in Splunk Search 01-18-2024 0 4	0	4
	How to Disable Email Functionality for a Particular Role? (Or limit capabilities to admin) Is there a way to disable all email capabilities for a particular role in Splunk? The data in our deployment has to b... by MattHatter Explorer in Splunk Search 01-18-2024 0 1	0	1
	What is <14> we see in Splunk logs, each log starts with <14> what does it pertain to ? can anyone answer this please? <14> prefix is displayed in splunk logs, what does it mean, why is it displayed? Can anyone answer this question plea... by jlsiri Engager in Splunk Search 01-18-2024 0 3	0	3
	Fix JSON format by replacing single quote and put into new field Hello,\| dbxquery connection=test query="select employee_data from company"The following employee_data is not in prope... by LearningGuy Motivator in Splunk Search 01-18-2024 0 5	0	5
	How to sort dynamic column names? Hi, I have 2 columns: Name and Value. My column names are dynamically changed. How can I sort the column Names? Pl... by avitallange Explorer in Splunk Search 01-18-2024 0 6	0	6
	Need help on why my eval if statement isn't working Hello, I've been researching this online for over a day and nothing seems to be working for me. I have 2 EVAL IF st... by mninansplunk Path Finder in Splunk Search 01-18-2024 0 4	0	4
	Searching for windows logins Hello to all, really hoping I can make sense while asking this.... I'm an entry level IT Security Specialist and ... by ktaylor Loves-to-Learn Lots in Splunk Search 01-18-2024 0 7	0	7
	Need to create summary index continuously realtime Need to create summary index continuously realtime, now have two questions:1-run splunk forwarder on client and logs ... by indeed_2000 Motivator in Splunk Search 01-18-2024 0 13	0	13
	Expand the multivalue fields Trying to expand the multivalue field with one to one mapping as shown in image.mvexpand create multiple row with all... by RSS_STT Explorer in Splunk Search 01-18-2024 0 9	0	9
	How to extract variable field name from log file path and add them to each log line while sending to splunk Hi Everyone,I am using splunk forwarder and I have below requirements We have log files under path /opt/airflow/logs/... by Deep Engager in Splunk Search 01-18-2024 0 5	0	5
	reduce events by matching with a csv, but more than 10k matches Ok, been learning alot about reducing event size from a recent conversation (here) and got linked a great article on ... by loganramirez Path Finder in Splunk Search 01-17-2024 0 7	0	7
	An Alternative to Subsearch Hello,I am trying to use a subsearch in order to create a dashboard, but being the subsearches have limitations it is... by dcfrench3 Engager in Splunk Search 01-17-2024 0 5	0	5
	Is it possible to perform bitwise operations on values in the eval function? In the following query I'm trying to get the logical AND of two numbers: * \| head 1 \| eval x=2 \| eval y=2 \| eval z ... by whisperstream Explorer in Splunk Search 01-17-2024 0 5	0	5
	[box plot] How could I delete "trace 0" data not declared? I try to do box plot using viz.But I can see the "trace 0" data graph in box plot. ( I don't have any data called "tr... by Questioner Path Finder in Splunk Search 01-17-2024 0 3	0	3