Splunk Search

Community Activity

	How to calculate the "Moving" sum of the last 52 weeks? Splunkers! I have a new problem I'm not able to solve, I hope you can help me... Basically, I'm counting the number ... by CarmineCalo Path Finder in Splunk Search 01-31-2018 0 3	0	3
	How to convert Hourly Stats into daily? Hi, I am a Splunk User and been using it for a few months now, I have created a query which creates a table of count... by varunghai Engager in Splunk Search 01-31-2018 0 2	0	2
	How to add a flat, single value line to a graph? Is there any way I can manually add another line to a chart, which is just a single value that I can decide? All I ... by samwatson45 Path Finder in Splunk Search 01-31-2018 0 6	0	6
	compare a search results Hi all, There are 2 fields, A and B... Values of A apple ora nge kite drink mask Values of B are orange.12 orang... by vinoth12 New Member in Splunk Search 01-31-2018 0 2	0	2
	Only show percentages when using pie chart Hi All, My requirement is to display only percentages in the pie chart not the label names. I tried below two optio... by bharathkumarnec Contributor in Splunk Search 01-31-2018 0 9	0	9
	How can I create categories and sub categories from a data field and use keywords from the field to compare it to another excel file? Hello fellow Splunkers,, I have a two fold question. I have a field called Call_DESCRIPTION_Text, which contains is... by shiv1593 Communicator in Splunk Search 01-31-2018 0 0	0	0
	Timestamp creation- index time from csv file Hi All, I have a situation where the data is in csv format and first two columns have date and time information, my ... by sidhantbhayana Path Finder in Splunk Search 01-30-2018 0 5	0	5
	Total occurrences within a column I am pulling Windows event logs for software updates. There's a column for successRatio that is either Success or Fai... by dmarcantonionw Engager in Splunk Search 01-30-2018 0 2	0	2
	Split transaction by new line I have a query like this: 213123123-231231230342 \| transaction startswith="user login process start" endswith="user ... by thomasreggi New Member in Splunk Search 01-30-2018 0 1	0	1
	How do I multiply 3 row values from 1 column and do it in one cell using append pipe. This is my search: \| makeresults \| eval data = " 1 2017-12 A 155749 131033 84.1; 2 2017-12 B 24869 236... by HattrickNZ Motivator in Splunk Search 01-30-2018 0 5	0	5
	converting time to utc with "%Y-%m-%dT%H:%M:%S.%3fZ format Hello I'm trying to convert an epoach time to the UTC time. I tried the following: e.g. pageStartTime = 15172758268... by dtakacssplunk Explorer in Splunk Search 01-30-2018 0 3	0	3
	How to reduce TimeChart count by minute if bins > x? Hi Everyone, Would like to reduce bin count to 1 for each bin if total bins is greater than 10. (basically I want... by subtrakt Contributor in Splunk Search 01-30-2018 0 5	0	5
	How to create a stats count by aggregating multiple fields? How do you create a stats count after aggregating multiple fields into one? Example: Given the following table: ind... by dkotowsk Engager in Splunk Search 01-30-2018 0 1	0	1
	How to add time values together in search query? Basically just trying to add three time values together by doing this: eval total_time = queue_time + Duration + test... by cdgill Explorer in Splunk Search 01-30-2018 0 7	0	7
	How to add values from two CSV files? I have multiple tables, can I add/OR/AND... on each cell of all the tables? For example, if I have below two tables,... by fzhao2 Engager in Splunk Search 01-30-2018 0 2	0	2
	How to show multiple values in a Pie chart? Hi All, I have a dashboard, which contains a pie chart, that looks like this. As visible, there are only 5 values... by shiv1593 Communicator in Splunk Search 01-30-2018 0 6	0	6
	How to create a table using different fields? i have this kind of data: event 1: field_name=field_value status="process" status_file="file_name" event 2: fiel... by chandana204 Communicator in Splunk Search 01-30-2018 0 2	0	2
	Why does Field extraction requires trim? My iis data has a field name cs_uri_query, for example: Cmd=Sync&User=XYZ%5Cjqpublic%40xyz.com&DeviceId=SEC539D6F312... by JarrettM Path Finder in Splunk Search 01-30-2018 0 3	0	3
	Why am I getting different Results when using a token in a timechart count By Action search compared to when I use the same search without the tokens? I am Trying to build a Dashboard based on the below search with a drop down picker for time span and a drop down Butt... by tnoelOTS Explorer in Splunk Search 01-30-2018 0 1	0	1
	How to rename a dynamic header name? Hi, I need to format a search very specifically so that the client's automation receives a report correctly. All I ne... by Uwbspeicher New Member in Splunk Search 01-30-2018 0 3	0	3
	how to find the average response time per minute for a selected timerange? Hello, I am doing a search for selected timerange 27th to 28th index=abc... \| bucket _time span=1d\|eval Time=strfti... by vrmandadi Builder in Splunk Search 01-30-2018 0 8	0	8
	What search string do I need to get Pie Graph by Field Value? I don't know why this is so hard, but I'm having issues creating a simple pie chart. I'm relatively new to Splunk and... by jroes014 New Member in Splunk Search 01-30-2018 0 5	0	5
	I am using a lookup table and I only want the results that have a match in the look up table. lookup Down.csv node AS host, BBB AS Circuit Table host,Circuit,msg,_time,node, BBB I only want events to hit the t... by jamesfdally Explorer in Splunk Search 01-30-2018 0 9	0	9
	How to get multiple events in single row of table? I search logs for these strings: "member left" OR "left cluster" OR "asking member". It gives below output. These ev... by archananaveen Explorer in Splunk Search 01-30-2018 0 5	0	5
	How to get the type extracted in regex? Hi, I have this data and I'm challenged (not hard to do) on how to get the type extracted. On the first line type=... by dbcase Motivator in Splunk Search 01-30-2018 0 15	0	15