Splunk Search

Community Activity

	Another Regex Question I'm trying to rex out a new field from the message.Exception field. What I'm trying to extract is in the brackets be... by kwkeefer Explorer in Splunk Search 01-31-2018 0 5	0	5
	how to write an "if" statement for a value in all the fields? Hi, Is there a way of writing an if condition that basically says, "if value x exists in all of tabled fields, then ... by mahbs Path Finder in Splunk Search 01-31-2018 0 4	0	4
	How to create an If/Else statement inside an eval statement? Hello All, I am running the following search: index="ledata_2017" NOT Project="60*" \| stats sum(ActualPTDCostsAMT) ... by tonahoyos Explorer in Splunk Search 01-31-2018 0 7	0	7
	Help with field extraction I'm failing miserably at this. I'm hoping someone can help me out so I can build my knowledge for future extractions ... by mcollins42 New Member in Splunk Search 01-31-2018 0 6	0	6
	How can I search for a file and then use the name of that file to drive the next search? I have a collection of hundreds of files. I want to write a search that (1) finds which file has a certain keyword a... by dmoulais New Member in Splunk Search 01-31-2018 0 1	0	1
	How to calculate the "Moving" sum of the last 52 weeks? Splunkers! I have a new problem I'm not able to solve, I hope you can help me... Basically, I'm counting the number ... by CarmineCalo Path Finder in Splunk Search 01-31-2018 0 3	0	3
	How to convert Hourly Stats into daily? Hi, I am a Splunk User and been using it for a few months now, I have created a query which creates a table of count... by varunghai Engager in Splunk Search 01-31-2018 0 2	0	2
	How to add a flat, single value line to a graph? Is there any way I can manually add another line to a chart, which is just a single value that I can decide? All I ... by samwatson45 Path Finder in Splunk Search 01-31-2018 0 6	0	6
	compare a search results Hi all, There are 2 fields, A and B... Values of A apple ora nge kite drink mask Values of B are orange.12 orang... by vinoth12 New Member in Splunk Search 01-31-2018 0 2	0	2
	Only show percentages when using pie chart Hi All, My requirement is to display only percentages in the pie chart not the label names. I tried below two optio... by bharathkumarnec Contributor in Splunk Search 01-31-2018 0 9	0	9
	How can I create categories and sub categories from a data field and use keywords from the field to compare it to another excel file? Hello fellow Splunkers,, I have a two fold question. I have a field called Call_DESCRIPTION_Text, which contains is... by shiv1593 Communicator in Splunk Search 01-31-2018 0 0	0	0
	Timestamp creation- index time from csv file Hi All, I have a situation where the data is in csv format and first two columns have date and time information, my ... by sidhantbhayana Path Finder in Splunk Search 01-30-2018 0 5	0	5
	Total occurrences within a column I am pulling Windows event logs for software updates. There's a column for successRatio that is either Success or Fai... by dmarcantonionw Engager in Splunk Search 01-30-2018 0 2	0	2
	Split transaction by new line I have a query like this: 213123123-231231230342 \| transaction startswith="user login process start" endswith="user ... by thomasreggi New Member in Splunk Search 01-30-2018 0 1	0	1
	How do I multiply 3 row values from 1 column and do it in one cell using append pipe. This is my search: \| makeresults \| eval data = " 1 2017-12 A 155749 131033 84.1; 2 2017-12 B 24869 236... by HattrickNZ Motivator in Splunk Search 01-30-2018 0 5	0	5
	converting time to utc with "%Y-%m-%dT%H:%M:%S.%3fZ format Hello I'm trying to convert an epoach time to the UTC time. I tried the following: e.g. pageStartTime = 15172758268... by dtakacssplunk Explorer in Splunk Search 01-30-2018 0 3	0	3
	How to reduce TimeChart count by minute if bins > x? Hi Everyone, Would like to reduce bin count to 1 for each bin if total bins is greater than 10. (basically I want... by subtrakt Contributor in Splunk Search 01-30-2018 0 5	0	5
	How to create a stats count by aggregating multiple fields? How do you create a stats count after aggregating multiple fields into one? Example: Given the following table: ind... by dkotowsk Engager in Splunk Search 01-30-2018 0 1	0	1
	How to add time values together in search query? Basically just trying to add three time values together by doing this: eval total_time = queue_time + Duration + test... by cdgill Explorer in Splunk Search 01-30-2018 0 7	0	7
	How to add values from two CSV files? I have multiple tables, can I add/OR/AND... on each cell of all the tables? For example, if I have below two tables,... by fzhao2 Engager in Splunk Search 01-30-2018 0 2	0	2
	How to show multiple values in a Pie chart? Hi All, I have a dashboard, which contains a pie chart, that looks like this. As visible, there are only 5 values... by shiv1593 Communicator in Splunk Search 01-30-2018 0 6	0	6
	How to create a table using different fields? i have this kind of data: event 1: field_name=field_value status="process" status_file="file_name" event 2: fiel... by chandana204 Communicator in Splunk Search 01-30-2018 0 2	0	2
	Why does Field extraction requires trim? My iis data has a field name cs_uri_query, for example: Cmd=Sync&User=XYZ%5Cjqpublic%40xyz.com&DeviceId=SEC539D6F312... by JarrettM Path Finder in Splunk Search 01-30-2018 0 3	0	3
	Why am I getting different Results when using a token in a timechart count By Action search compared to when I use the same search without the tokens? I am Trying to build a Dashboard based on the below search with a drop down picker for time span and a drop down Butt... by tnoelOTS Explorer in Splunk Search 01-30-2018 0 1	0	1
	How to rename a dynamic header name? Hi, I need to format a search very specifically so that the client's automation receives a report correctly. All I ne... by Uwbspeicher New Member in Splunk Search 01-30-2018 0 3	0	3