Splunk Search

Discussions

Thread Info

How to rename the X-axis points in my chart from month number to month name?

Hello, Right now on my line chart, the months are labelled as 1, 2, 3 - I would like them to be displayed as Jan, Feb...

by Path Finder in

How to compare index data with a lookup?

Hi, I have a lookup with URL's, I have to compare with the index data to find count of the URL's in list. How to e...

by Builder in

how to troubleshoot role restriction presidence

Somehow all users on my staging server are restricted to some kind of search term. When I do this each on any othe...

by Motivator in

How to generate a search that will only display results where a field contains some non-alphanumeric characters?

A field is named product. I want to produce a list of products in my source, which are not made up of only english al...

by Explorer in

How to get a table cell color to change depending on the field value?

Hi, I've looked at a few answers now and can't make heads or tails of it, but what I am trying to do is, if the v...

by Path Finder in

How to gather Results based on various variables

Still trying to brush the rust off my fingers, I have this search: index=nitros_servers sourcetype=_json OR source...

by Contributor in

How to generate a search to sort based on domain names and count the number of emails from the domain?

i have a search with multiple domains in the email address , i need to sort it based on domain names and number of em...

by Explorer in

How to generate a search to calculate new column value?

Sample data below. I need to compute the col_3 based on col_1. It should give me the running sum of col_2 but should ...

by New Member in

How do I also include the values which has stats count 0 in the table ?

I'm trying to get the usage of some values (say, xyz) by "stats count by xyz" where i am getting the results of xyz w...

by New Member in

How do I chart Windows logon and logoff per user by hour?

I get a nice table with the logon and logoff times per user using the following search - LogName=Security EventCo...

by Contributor in

How to use values in lookup table not as fields but as search strings?

Using lookup table to search events but having some issues: |inputlookup router_lookup | rename Router_Name as DEV...

by Communicator in

Search two fields in one csv lookup

I want to use fields two fields that i have inside the lookup, Inside my lookup i have "account" and "date" bas...

by Engager in

How to edit my search to filter only IPs that have multiple Attack Names associated with them?

How do I filter only IPs that have multiple Attack Names associated with them? Here is the search string so far; howe...

by Explorer in

Table drilldowns: Problem with forward slash

Hi community, I am trying to create a drilldown for a table using a cell value that contains a URL (or part of it)...

by Explorer in

Transaction Maxpause doesn't work

I am trying to get the transaction results from a lookup file and I have _time field written into it for this to work...

by Path Finder in

Column value differences

Hello Guys, I have columns like column1, coulmn2, column3... and I want output as column1, column2=column2-column1...

by Explorer in

Mapping the location of a TrueClientIP on a Cluster or Choropleth Map.

Is it possible to Map out the locations of the 'TrueClientIP' Field in a search using either a Cluster or Choropleth ...

by Explorer in

Determining Logging Lag (and Device Feed Monitoring)

How do you track log and index lag with little overhead? Per device would be awesome and maybe throw in some kind of ...

by Path Finder in

Search to find unauthorized host(s) last login date

Hi looking for a search to find any unauthorized systems that are sitting on a network and the last login date.

by Explorer in

Is it possible to display all _raw events from one source

I have a file call /net/dell569srv/dell569srv2/apps/qa10157_TPK0002437_24367887/TestRunner/logs/20170321-184649.17336...

by Motivator in

Splunk Search

Discussions

How to rename the X-axis points in my chart from month number to month name?

How to compare index data with a lookup?

how to troubleshoot role restriction presidence

How to generate a search that will only display results where a field contains some non-alphanumeric characters?

How to get a table cell color to change depending on the field value?

How to gather Results based on various variables

How to generate a search to sort based on domain names and count the number of emails from the domain?

How to generate a search to calculate new column value?

How do I also include the values which has stats count 0 in the table ?

How do I chart Windows logon and logoff per user by hour?

How to use values in lookup table not as fields but as search strings?

Search two fields in one csv lookup

How to edit my search to filter only IPs that have multiple Attack Names associated with them?

Table drilldowns: Problem with forward slash

Transaction Maxpause doesn't work

Column value differences

Mapping the location of a TrueClientIP on a Cluster or Choropleth Map.

Determining Logging Lag (and Device Feed Monitoring)

Search to find unauthorized host(s) last login date

Is it possible to display all _raw events from one source

We've made .conf21 totally virtual and totally FREE! Our completely online experience will run from 10/19 through 10/20 with some additional events, too!

Learn More or Register Now >

REST API output_mode='json' causes client search e...

Find the good/bad percentage of ERRORS above/below...

find events that contain non english words

Query to find Duplicate fields in Splunk

Help with splitting multiline event needed

Splunk Search

Discussions

We've made .conf21 totally virtual and totally FREE! Our completely online experience will run from 10/19 through 10/20 with some additional events, too! Learn More or Register Now >

We've made .conf21 totally virtual and totally FREE! Our completely online experience will run from 10/19 through 10/20 with some additional events, too!

Learn More or Register Now >