Splunk Search

Community Activity

Chart based on # of events I want to create charts based on number of results. I have tried "172.20.3.6 (199.0.8.62 OR 199.0.8.57) StoresOutBo... by jared_anderson Path Finder in Splunk Search 10-23-2017 0 2	0	2
How to filter list of hosts from 2 lookup tables? I have a lookup search as follows \|inputlookup hostnames.csv Which displays the results as follows my_hostname... by pavanae Builder in Splunk Search 10-23-2017 0 5	0	5
Are there any CSS libraries for designing charts in Splunk? Hi All, Is there an easier way in designing the charts? What i've found is using css but building one from scratch... by ejespiritu Explorer in Splunk Search 10-23-2017 0 8	0	8
Display all values (including duplicate values) in timechart graph Hello, In my data, there could be multiple values(duration) for Scriptname. I am using Time Chart to display data an... by AKG1_old1 Builder in Splunk Search 10-23-2017 2 4	2	4
Need to break the events before certain word. I've log file something like below, DA FILE: /archive/attr/ABC/XYZ/20170911/file.log-new*** Files traversed: 128 - ... by isha_rastogi Path Finder in Splunk Search 10-23-2017 0 4	0	4
chart after using stats latest() I have the following command: sourcetype="sourcetype" eventid=731 OR eventid=730 \| stats latest(eventid) by target \|... by jared_anderson Path Finder in Splunk Search 10-23-2017 1 4	1	4
Convert string to number and compare Hello, why this is not working ? \| gentimes start=-1 \| eval WithUnit="0/1 2/2 3/8 0/0 5/5" \| makemv WithUnit \| table... by Rialf1959 Explorer in Splunk Search 10-23-2017 0 5	0	5
How to edit my search to trigger when an account is locked out, including details of where and why it happened? Hi I need to create an alert to trigger when an account is locked out with the details of where and why account lock... by kiran331 Builder in Splunk Search 10-23-2017 0 6	0	6
How can I count account access to devices (counts) by day? I want to find/graph the count of (dc(X) as dc_X_count by Y) by day. In other words, I have some events in a basic s... by pyamamoto New Member in Splunk Search 10-23-2017 0 6	0	6
How do you run a second search based on the value/results of a first search? My goal for this search is to find if a file was not imported. If the file is imported "Could not find a file in the"... by griffinpair Path Finder in Splunk Search 10-23-2017 0 6	0	6
stacked bar chart of sum of errorcodes by server I'm trying to create 1 bar chart to kill 2 views, my search is as follows; sourcetype="error log" severity=ERROR \| t... by eddychuah Path Finder in Splunk Search 10-23-2017 0 2	0	2
How to convert job duration to HH:MM:SS I am trying to create a dashboard for the Job status and I want to convert the job duration to HH:MM:SS. I use the be... by pbsuju Explorer in Splunk Search 10-23-2017 0 6	0	6
Why am I getting "waiting for your queued job to start" message while running search queries? I get a message "waiting for your queued job to start" while running search queries. Anybody knows why this message i... by dineshraj Explorer in Splunk Search 10-23-2017 0 2	0	2
Finding users currently logged in to my app For some reason I am having a real hard time wrapping my head around something..... We have an application where we ... by cjmckenna New Member in Splunk Search 10-22-2017 0 4	0	4
Tstats command Does anybody have a good documentation regarding on how to use tstats? I have mainly used "normal" searches but need ... by ecanmaster Explorer in Splunk Search 10-22-2017 1 2	1	2
can lookup be used to match default value in .csv table I have a csv lookup table with 3 columns, eg: input1,input2,output 240,789,303456 240,330,303457 240,default,303458 2... by romelrkhan New Member in Splunk Search 10-22-2017 0 4	0	4
How to write a search to extract URLs crawled by Googlebot Which field should be extracted for this relevant use-case? index={wxxx} googlebot \| fields URIs \| stats count by UR... by guru1 New Member in Splunk Search 10-22-2017 0 4	0	4
Sort based on first count generated by xyseries dynamically I want to sort based on the 2nd column generated dynamically post using xyseries command index="aof_mywizard_deploy_... by k_harini Communicator in Splunk Search 10-22-2017 0 1	0	1
Use subsearch with stats command to dynamically search for list of events \|inputlookup test_results \|where build == [\|inputlookup test\|stats first(build)] I'm trying to do something like the... by perrinj2 Path Finder in Splunk Search 10-22-2017 0 3	0	3
1 column have mutli i have a table record is date, product, price 20171015, ABC,10 20171015, CDE,9 20171016, ABC,8 20171017, CDE,10 and ... by kennethyeung New Member in Splunk Search 10-22-2017 0 6	0	6
Build Chart (Score Sheet) that shows all assignments (even missing) So I have score information for a variety of challenges completed by a number of people. I want to build a chart sho... by troyward Explorer in Splunk Search 10-21-2017 0 1	0	1
What should be added to my search to convert all the results to be lower case? I have a Splunk query as follows \| inputlookup hosts.csv \| rename Hostname as my_hostname \|rex mode=sed field=my_h... by pavanae Builder in Splunk Search 10-21-2017 0 6	0	6
How do you specify x-axis intervals on ChartView (type column)? Hi all, I am using the object ChartView (type column) however I am not able to set the intervals (units) in axis X f... by danillopavan Communicator in Splunk Search 10-21-2017 0 5	0	5
How to extract password field in the events with regex? (Password is a string of numbers) How to extract password field in the events? I need to extract " 123456-222245-666565-151063-123456-222365-333111-... by kiran331 Builder in Splunk Search 10-21-2017 0 2	0	2
How to regex events with "==========================" as event breaker? How to break the events with using regex with "==========================" as event breaker? event: PS C:\tetst\te... by kiran331 Builder in Splunk Search 10-20-2017 0 5	0	5