Splunk Search

Community Activity

How to use a date field that isn't _time to search HelpDesk tickets closed in the last 30 days? Hello, I am indexing HelpDesk tickets and I am trying to derive some stats about these tickets. During the indexing... by justinfranks Path Finder in Splunk Search 12-04-2017 1 4	1	4
How to write a search to convert columns to rows? I need to convert the following source data as a specified output. Source Data API SUCCESS FAIL POLICY ... by kpkvarma Engager in Splunk Search 12-04-2017 1 3	1	3
How to return search manager result as JSON I have this code to display values of the search manager in the console but in array format, var mySearch = splunkjs... by josefa123 Explorer in Splunk Search 12-04-2017 0 6	0	6
move some content/source from one index to another index Hi, Can we move only selected file content from one index to another index. I want to move only selected source/conte... by sushildabare Path Finder in Splunk Search 12-04-2017 3 10	3	10
Self defined variable format in javascript search query I found many token based variable search examples online but not on own created variable in customized Javascript. E.... by clement Explorer in Splunk Search 12-04-2017 0 5	0	5
Send Alert if one event doesn't occur in 10 min I have used transaction and non transaction method. Non transaction method yields result but the results are not bein... by syjayaraj Explorer in Splunk Search 12-03-2017 0 10	0	10
How can I exclude a list of word in a table or file from a search that shows a table result? Good morning Splunk Community I'm currently working on a way on how to use splunk so that it can show the most popul... by rasamur Engager in Splunk Search 12-03-2017 0 6	0	6
send the time value for a search range hi, I need to take the start and end time of the first dashboard, and send the variables with token from the first ... by Carolina Engager in Splunk Search 12-03-2017 0 2	0	2
95th Percentile for this Query Hello: I am extremely new to Splunk and was given a task by my manager. He provided the query below and wanted to kno... by vleCSOD Explorer in Splunk Search 12-02-2017 1 4	1	4
Search for ports by host Hi All! What search commands can I use to get results like this? by vumanhtai Path Finder in Splunk Search 12-02-2017 1 3	1	3
compare data list Assume i have two stores which must have the same items but one is missing. My search returns for example STORE=LON... by mkrauss1 Explorer in Splunk Search 12-02-2017 0 8	0	8
Test Splunk Queries I am building a Splunk app for school and one of my requirements is to test that the queries sent to splunk work and ... by reesmanp New Member in Splunk Search 12-02-2017 0 4	0	4
Injecting fields into other events? I have a set of events with the pattern that there's a single event A that pairs with many event Bs (based on a field... by doweaver Path Finder in Splunk Search 12-02-2017 0 8	0	8
How to restrict search access to certain hosts or fields on a per-user basis? Hello. I'm new to Splunk. This may become obvious with my next question: I would like to restrict access to certain h... by jhillenburg Path Finder in Splunk Search 12-01-2017 1 4	1	4
How to sum the values of a multivalue field.? Hi my query is: index=_internal earliest=-60m@m latest=now\|transaction method \| table root method status bytes \| nomv... by gvnd Path Finder in Splunk Search 12-01-2017 0 6	0	6
Why are the field names different when using \|from datamodel instead of \|datamodel in a search? When I do a search with \|from datamodel, the search results are the same as when I do a search with \|datamodel, but t... by smoir_splunk Splunk Employee in Splunk Search 12-01-2017 0 3	0	3
How can I write a search with a multifield value for job type and organization? Hi there, Below is the query for which i need the multi field value for job type and organization. index=abc sourc... by kteng2024 Path Finder in Splunk Search 12-01-2017 0 3	0	3
display cumulative total and specific group summations on chart I have anti-virus data and I want to plot the the types of alerts on a chart over time. I want to plot the data such... by DEAD_BEEF Builder in Splunk Search 12-01-2017 0 5	0	5
Use regex on a known date field First, new to regex, so don't really know where to start. I've done some Google searching and up and down Splunk Ans... by jamescasey2 New Member in Splunk Search 12-01-2017 0 3	0	3
How to compare a field name with different field values? I am new to splunk, I have two field names: status and ip_address, status has different field values, status=200, 3... by chandanaberi Explorer in Splunk Search 12-01-2017 0 13	0	13
Limit on size of event/data passed to 'collect' command? We have a number of scheduled searches that run every few minutes to search for events recently indexed that match ce... by elliotproebstel Champion in Splunk Search 12-01-2017 1 9	1	9
How to calculate the average of a field value for n number of days? I have the below query index=abc sourcetype=xy.. \|timechart span=1d count as events by host \| addtotals time ... by vrmandadi Builder in Splunk Search 12-01-2017 0 21	0	21
Search with several joins taking too long I am trying to create a dashboard of CPU and Memory usage from some log files. Because of the way the data is inputte... by minura Engager in Splunk Search 12-01-2017 0 7	0	7
Can you help fix the output of appencols and stats list in this search? Hi, I'm trying to list data per field. I've used stats list which works partially, it lists all the data for both fi... by mahbs Path Finder in Splunk Search 12-01-2017 0 11	0	11
Help to modify existing regex to mask senstive PII? Hi Splunkers, I am looking for some help in modifying current regex to meet our updated project criteria. Link: htt... by smakwana Explorer in Splunk Search 12-01-2017 1 5	1	5