Splunk Search

Community Activity

How does Splunk handle lookups when accelerating a data model? Hi, in general terms I have a data model that is accelerated and that has a field that comes from a lookup. This loo... by gschr Path Finder in Splunk Search 02-04-2018 0 1	0	1
How to extract month from a date field and sort by this without using the _time timestamp? Hi all, I'm a bit new to Splunk - I'm trying to sort some data by month, but I'm running into some roadblocks doing s... by atammana_splunk Splunk Employee in Splunk Search 02-03-2018 0 6	0	6
simple moving average with two variables hi , i had the following data which is collected daily price of 50 itesms i.e. TIMESTAMP, CLOSE and SYMBOL ( eg. ... by himpor Engager in Splunk Search 02-03-2018 0 2	0	2
How can I calculate the date difference by two timestamp? Hi all, I want to calculate the difference between dates within two different dates, my search is as below: code 1:... by sakuraWu1 New Member in Splunk Search 02-03-2018 0 1	0	1
,Stats count result naming I have a number of saved searches - and I am appending all the counts to form a total which works fine \|savedsearch ... by TCK101 New Member in Splunk Search 02-03-2018 0 5	0	5
Every Week Stats required for the eval % output. We're having a trouble to get the evaluating stats for each week. Could anyone please help us on this.. query: ind... by phanisravan18 New Member in Splunk Search 02-02-2018 0 5	0	5
What is the meaning of the Splunk Audit.log fields? Hello, I am interested in finding the meaning of the following fields? (1) event_count (2) result_count (3) availabl... by arpit_arora Explorer in Splunk Search 02-02-2018 0 1	0	1
What are the minimum set of capabilities to log in to Splunk and search an index? I want to create a standalone user role to access a single index for search only. I do not want to inherit any exist... by the_wolverine Champion in Splunk Search 02-02-2018 1 4	1	4
Counts in stats command not working the way I expected Hi, I have this query. It "works" (well mostly). What I'm confused about is the resulting stat table index=wholes... by dbcase Motivator in Splunk Search 02-02-2018 0 2	0	2
Table command losing field names in non-Verbose searches Hi, One of my users reported a bit of an odd issue that spontaneously developed recently. He's got a very long and ... by howyagoin Contributor in Splunk Search 02-02-2018 0 4	0	4
How can we check the number of searches ran by user? How can we check the number of searches ran by user? We tried installing Search Activity app but a majority of the u... by abhijit_mhatre Path Finder in Splunk Search 02-02-2018 0 1	0	1
extracting latitude and longitude for countries from csv lookup Hi, I have a csv lookup with country names mentioned already. How can I extract & table the longitude and latitude ... by aartivig289 Engager in Splunk Search 02-02-2018 0 2	0	2
How can we exclude rows which are present in another table/lookup ? Hi, I am using one search query to extract list of data and I want to exclude those rows which are present in one ... by AKG1_old1 Builder in Splunk Search 02-02-2018 0 6	0	6
Group results by similar name into one The name for Windows 7 Enterprise is spelt incorrectly for 6 machines as "Entreprise" and I need to group both these ... by davidcraven02 Communicator in Splunk Search 02-02-2018 0 10	0	10
How can I perform a field extraction and display it as a table that contains all the values from my search? Hi Team, Please find the below log sample. I want to extract from the line "program" till the end and display as a t... by senthamilselvan Engager in Splunk Search 02-02-2018 0 3	0	3
Sort Date in header I don't know what's wrong with my code. I cannot sort the date using sort. Below is my code. I need to sort it by Da... by katrinamara Path Finder in Splunk Search 02-02-2018 0 6	0	6
reset zoom button hide when click on other chart Hi, If we zoom in on any chart and we click reset zoom button and without making it neutral i.e setting the graph to ... by splunk_ankman Explorer in Splunk Search 02-02-2018 0 2	0	2
How Can I Separate Events Using Search Query? Hi All, Good Day, I've indexed an event from scripted input but the events are not breaking every line, example logs... by dantimola Communicator in Splunk Search 02-02-2018 0 8	0	8
Multiple Regex on a single file name Hello! I'm using splunk to monitor kubernetes pod log files. Which sit on the nodes, the file name is as follows: p... by bellsam New Member in Splunk Search 02-01-2018 0 4	0	4
Why are the data models intrusion and malware only working in the app search? Hi, I'm using Security enterprise but the datamodels intrusion and malware are not working but if I use the app searc... by paola92 Explorer in Splunk Search 02-01-2018 0 1	0	1
Geostats zoom-in on dashboard panel click G'day, So I have a pretty standard geostats search populating a dashboard map index="locations" (incident_type_1="F... by BenThwaites Explorer in Splunk Search 02-01-2018 1 0	1	0
how do I table common nested json keys that have uncommon parent json keys? I have the following JSON event that I'm indexing in splunk: { "plugins": { "Redirection": { ... by zhatsispgx Path Finder in Splunk Search 02-01-2018 0 0	0	0
How can I combine stats count by host into a single string to be used in an alert actions token? I have a search that looks like index=foo value=bar \| stats count by host Imagine you might get results like host... by burwell SplunkTrust in Splunk Search 02-01-2018 0 2	0	2
Why can I not search in Smart Mode or Verbose Mode in a specific sourcetype? Hi! I am trying to perform a very basic search to bring back results but the search appears to never finish when I q... by matthewssa Path Finder in Splunk Search 02-01-2018 0 2	0	2
Is there a way to remove the min outlier from the graph? I have the following chart: now I can use outliers to remove the max outliers: ... \| outlier action=remove But... by HattrickNZ Motivator in Splunk Search 02-01-2018 0 2	0	2