Splunk Search

Community Activity

what is meaning of communication protocols in spunk what is meaning of communication protocols in spunk by maheshsat Explorer in Splunk Search 01-08-2018 0 3	0	3
How to count daily events with specific time? Hi guys, I need to count number of events daily starting from 9 am to 12 midnight. Currently I have "earliest=@d+9h ... by auaave Communicator in Splunk Search 01-08-2018 0 10	0	10
Rename Field From Input File And Perform Search Hello! I am attempting to find events based on names in a CSV file (I am attempting to build a search to identify se... by aakashshah Explorer in Splunk Search 01-08-2018 0 11	0	11
Help with the query that works with splunk server groups Hi, Below is the query i am using to get the hostname , IP addresses and last reported to splunk . \| metadata type... by kteng2024 Path Finder in Splunk Search 01-08-2018 0 2	0	2
How to use AND operation with multivalue fields? I have a two multivalued fields 1)segment_status -with values SUCCEEDED-100 FAILED-100 2)segment_provider_id-with... by vrmandadi Builder in Splunk Search 01-08-2018 0 9	0	9
How to Build an If Statement based on if a field contains a string For every record where the field Test contains the word "Please" - I want to replace the string with "This is a test"... by katzr Path Finder in Splunk Search 01-08-2018 0 2	0	2
Hi Experts,Could you please give me the script which will work to send the SNMP traps to other systems with alert name , hostname and some other fiedls. Hi Experts, Could you please give me the script which will work to send the SNMP traps to other systems with alert n... by Nandakumar New Member in Splunk Search 01-08-2018 0 2	0	2
Search log file based on timestamp from other file Hi We have 2 files First File has only start time and end time of the test. STARTTIME ... by tushargupta1 New Member in Splunk Search 01-08-2018 0 2	0	2
How to count events from a same file with having two different raw text ? Hi Splunker, I have to count success and failure count from the same index and sourcetype on the basis of raw text i... by m7787580 Explorer in Splunk Search 01-08-2018 0 2	0	2
remove duplicate or similar event in a trasaction command from the search Hello Everybody, I want to remove similar event which are in a transaction command. In my case, I want to merge th... by amir_thales Path Finder in Splunk Search 01-08-2018 0 6	0	6
continuously DB query with overcome short date format Hello, im trying querying HIVE table via 'rising' mode. query must contain certain timestamp_1 column (otherwise no r... by OBsecurity Explorer in Splunk Search 01-08-2018 0 0	0	0
How to upload multiple files in Splunk? Is it possible to upload multiple files like 100 1MB files in Splunk at the same time? How to upload multiple files in the Splunk? by swati_sharma New Member in Splunk Search 01-08-2018 0 8	0	8
Why is using base searches causing major performance issues on my dashboard? Working on making dashboards to help report on activity. To make the dashboards as performant as possible, I'm using... by klinek Explorer in Splunk Search 01-08-2018 2 11	2	11
Can we use Start/End times from a query to get duration to use it in another search query to get an average of a field in that duration ? I am able to get the Start/End times of a load test execution from a search query (by getting End time from Timestamp... by MSaraswat New Member in Splunk Search 01-07-2018 0 2	0	2
Dashboard to display varied graph types on a single timeline with tool tip pointer I have multiple logs from a single application that has different index, source type and log types. And i am trying t... by pavanml Path Finder in Splunk Search 01-06-2018 1 7	1	7
Lookup: Replace / Create new field Hi. For example: When I run search and see field Sub_Status - 0xC0000064 I wanna new field that will explain what the... by test_qweqwe Builder in Splunk Search 01-06-2018 0 1	0	1
How do I create a capture group that continues until it matches two exact characters in a row Hey everyone, This question probably shows my lack of understanding with regex, but this is giving me a headache an... by rbechtold Communicator in Splunk Search 01-06-2018 0 4	0	4
How can I extract a field from a JSON strcuture and combine it in a search with other fields from different JSON structures?? Hi SPL guru's! im struggling with how to 1 pluck one field's value from one JSON structure and [2] combine in the s... by keiran_harris Path Finder in Splunk Search 01-06-2018 0 5	0	5
Join two search queries - two indices. Hi we try to join the information of two indices. INDEX_A contains the GC-Logfiles for a specific environment. To ... by splunk_arz Explorer in Splunk Search 01-05-2018 0 7	0	7
Can splunk identify bank details being changed on a legacy trading system? Can Splunk identify a pattern in which fraud is occurring, for example, emails asking to change bank accounts, emails... by MarcusWale123 New Member in Splunk Search 01-05-2018 0 2	0	2
Determine daily change rate for ESXi Hosts Hello, we need to determine the Daily Change rate for logs on our ESXi Hosts (deployment sizing). Can anyone offer ... by slittle1874 New Member in Splunk Search 01-05-2018 0 1	0	1
Not able to get response queries with special characters in If statement Hi, I am trying to get response time between events using below query but for some reason i am not being returned a... by dharmeshbhavsar New Member in Splunk Search 01-05-2018 0 4	0	4
AND OR not working correctly I am getting the below error when trying to form an AND & OR in my query. Error in 'eval' command: The expression i... by davidcraven02 Communicator in Splunk Search 01-05-2018 0 6	0	6
Eval and stats not bring friendly index=ios host=1.1.0.2 src_ip="1.2.2.1" "NBRCHANGE" \| head 1 \| eval status = if(like(_raw, "%down%"), 1 , 0) \| sta... by LoganRhamy New Member in Splunk Search 01-05-2018 0 5	0	5
Count occurrences of all values of a field for another field Hello all, I am trying to count all the occurrences of keywords that show up in logs. Here is an example: Here is lo... by behudelson Path Finder in Splunk Search 01-05-2018 0 7	0	7