Splunk Search

Community Activity

time chart / stats for each type of request and time in log file. Hi All, I have a weird log file which I have parsed using regex to extract fields.(attached screenshot). Now I want... by vamsi199 Engager in Splunk Search 01-16-2018 0 1	0	1
How to group events to recreate the detail of a session I have some events representiong a customer’s interaction with one of my company’s applications. The typical flow is... by mikeydee77 Path Finder in Splunk Search 01-16-2018 0 7	0	7
stats count by not working I want to use stats count (machine) by location but it is not working in my search. Below is my current query displ... by davidcraven02 Communicator in Splunk Search 01-16-2018 0 3	0	3
Calculate percentage in every row \| adding two search results into one I am fairly new to Splunk and I have a Two fold question. I am running a query to find the top issues reported in the... by shiv1593 Communicator in Splunk Search 01-16-2018 1 8	1	8
Percentage Difference between 2 indexes I have 2 searches from 2 different indexes. The first search is index="softwareimport" Product_Name="ActiveX" \|... by willadams Contributor in Splunk Search 01-16-2018 0 9	0	9
assign filed value to _time index=level3 host=Test \| table "Opened D" _time How to get Opened D time value into _time field so that I can use ti... by surekhasplunk Communicator in Splunk Search 01-16-2018 0 6	0	6
How to rex using sed rex command? How to rex using sed rex command? index = main \| rex field=URI "^(?.+?)(\?\|\z)" \|rex field=New_APIName mode=sed "... by karthi2809 Builder in Splunk Search 01-16-2018 1 3	1	3
How write a search to alert when a SiteMinder policy server or LDAP connection goes down? We need to develop an alert when the SiteMinder policy server or ldap connection goes down. Can any one help with t... by krishnacasso Path Finder in Splunk Search 01-16-2018 0 3	0	3
Recommended maximum concurrent searches? whats the recommended maximum concurrent searches overall can be performed if we have 40 indexers in a cluster. There... by ankithreddy777 Contributor in Splunk Search 01-16-2018 0 4	0	4
How extract URI using regex? I need to extract fields which mentioned in yellow? by karthi2809 Builder in Splunk Search 01-15-2018 0 4	0	4
Using Data as Fields I’m currently working with some production line data, where each tag value represent a field. Example like below: Ta... by leonheart78 Explorer in Splunk Search 01-15-2018 0 4	0	4
How to calculate limits for agents based on their activity? I want to receive notifications if agents lower or exceed their normal activity for the current day of the week and h... by exmuzzy Explorer in Splunk Search 01-15-2018 0 2	0	2
How to use "collect" and keep the timestamp and field extractions of the event? So I have used collect to save some events into a summary index. The problem is all of the timestamp information is l... by jameshgibson Path Finder in Splunk Search 01-15-2018 2 2	2	2
Can you use appendpipe and map together? I have a massively complex search that's working. But now I'd like to augment the output of that search with some ad... by Lowell Super Champion in Splunk Search 01-15-2018 1 10	1	10
How to get Eventstats Statistics based on an condition Looking for a bit of advice on how to pull this one off. What i'm trying to do is take some data, that also has a fl... by hio77 New Member in Splunk Search 01-15-2018 0 1	0	1
Replace markers in Choropleth with pie charts Hi I am reading the data from a csv lookup. I have client usage data per country for a number of business features. ... by aartivig289 Engager in Splunk Search 01-15-2018 0 0	0	0
Use geostats to mark multiple points on the map and separate them Hi! I have a question that I want to mark multiple points on the map. But it seems because the distance is too close,... by ShiORi New Member in Splunk Search 01-15-2018 0 1	0	1
creating scheduled lookup table Hi all, I'm looking to create a lookup table and wondering what is my best practice. Data source is SQL and I alrea... by eranday New Member in Splunk Search 01-15-2018 0 5	0	5
How to create a bin of bins? I need to create a "bin of bins"... in other words... each bin contains a bin. I desire to create a histogram (chart)... by Lynyrd Explorer in Splunk Search 01-15-2018 0 7	0	7
How to split multiply case number in same field? Hi fellow splunkers! I have a transaction that return case number in several scenarios. That is working perfectly wh... by steinroardahl Observer in Splunk Search 01-15-2018 0 3	0	3
Performing Calculation on the items of one cell base search \| stats values(trans_time) as TransTime by host \| transpose The output looks like this ... by zacksoft Contributor in Splunk Search 01-15-2018 0 10	0	10
Incremental average over the time Splunkers! As usual I'm learn from you. I'd need to plot an "incremental average" over time, i mean to calculate the... by CarmineCalo Path Finder in Splunk Search 01-15-2018 0 4	0	4
Avg per day \| tstats summariesonly=false sum(Internal_Log_Events.b) AS bytes from datamodel="Internal_Events" WHERE [inputlookup ... by test_qweqwe Builder in Splunk Search 01-15-2018 0 5	0	5
How to calculate the difference between two fields that contain a list Hi, I have a question regarding calculating the difference between two fields that are of a list type. Here is my q... by mahbs Path Finder in Splunk Search 01-15-2018 0 9	0	9
Time picker business hours Hi, There is any option to restrict a range of hours in the time picker? I want to select a value in the time picke... by splunkoceano New Member in Splunk Search 01-15-2018 0 2	0	2