Splunk Search

Community Activity

Why does search not find data when using wild card in middle of search term? I have JSON data, which is indexed and can be searched. This is an example of the data Product: { [-] ... by bowesmana SplunkTrust in Splunk Search 09-24-2017 0 12	0	12
How to include additional field from inputlookup in results? Hi, I have a lookup table errors.csv ,which contains Error and Source columns.I have a query the returns log entrie... by luc_k Engager in Splunk Search 09-24-2017 0 7	0	7
Using rex to find matching values. I have the following ACTION :[7] 'CONNECT' DATABASE[1] 'SYSTEM' That's in the _raw data. How do I extract CONNECT ... by veera9 New Member in Splunk Search 09-24-2017 0 4	0	4
Add count of subsearch results I need to return all rows from my top search but add a count of rows from a map or subquery/subsearch. In my syste... by LittleColin Engager in Splunk Search 09-23-2017 0 2	0	2
Show all values 0 to 100 with precision up to 2 decimal points I am working on a single value dashboard panel where I am showing output in percentage with precision up to 2 decimal... by barunbiswas New Member in Splunk Search 09-23-2017 0 8	0	8
How to edit my search to divide the sum by a specific number? ShiftName="1" EmployeeLoggedInLastName="" MachineNumber=""\| stats sum(ElapsedMachineSecondsInOrderPath) by Employee... by Hppjet Path Finder in Splunk Search 09-22-2017 1 3	1	3
Timechart with success and failure and failure/success percentage, grouped by Server I've two patterns, say like this - "successPattern" and "failurePattern". I want to make a timechart comparing succes... by pjtbasu Explorer in Splunk Search 09-22-2017 0 3	0	3
Reqular Expression 101 Hi All, I am a new to Regular Expression topic, Could you please share me a link which help me to understand Regula... by rakeshksingh New Member in Splunk Search 09-22-2017 0 4	0	4
Search that shows first and last event time + total count of events per user I have a list of top 10 users that failed to login to a site and I want to take the events related to those top ten u... by snix Communicator in Splunk Search 09-22-2017 0 2	0	2
Can Monitor Path include spaces? I am trying to get this to work [monitor://\Corp\hdq\nba\nba releases\Utilities\SuitReviewWorkbench\suiteviewworkbenc... by HMTODD Explorer in Splunk Search 09-22-2017 0 2	0	2
Help with an eval statement? I am trying to build a base search for the field message.device.category , it has 3 values: desktop , mobile and tabl... by svemurilv Path Finder in Splunk Search 09-22-2017 0 2	0	2
Extract value within quotes and plot on timechart Hi, I am very new to splunk and i have data like this below: "salary": "2000" I have 1000's of events like this, I... by skenkere New Member in Splunk Search 09-22-2017 0 1	0	1
Combine the two queries and calculate count Hello experts. I tried to execute the query, as described here https://answers.splunk.com/answers/106906/how-to-per... by zork67 Explorer in Splunk Search 09-22-2017 0 6	0	6
Eval formula to display dates till 31st december where start day is determined by a formula Hey Everyone I am trying to write an eval when a user enter an year it should return a date formula works fine in exc... by puneetkharband1 Path Finder in Splunk Search 09-22-2017 0 5	0	5
Regex for values between comma's Hi, I need a Regex to use within the search query to pick up individual values separated by comma's within a set of ... by jacqu3sy Path Finder in Splunk Search 09-22-2017 0 2	0	2
getting this error while applying distribution bundle I have some apps that I deleted in slave-apps directory on our indexers and now our master apps on cluster master has... by hrithiktej Communicator in Splunk Search 09-22-2017 0 6	0	6
How do we use wildcard such as * in eval case match to see multiple types of files? I was trying to give all the 6 types of files which are under fileName field and trying to get all the filetypes incl... by sai_john New Member in Splunk Search 09-22-2017 0 7	0	7
How to write regex to extract Port numbers and status from nmap output? Hi this took at least three days of my life but I still couldn't handle it, please, I need help I have a data file ... by sina_shafaei Explorer in Splunk Search 09-22-2017 1 5	1	5
Splunk Enterprise maximum local users? Hi Could not find a setting in limits.conf OR authentication.conf. But is there a maximum number of local users we ... by season88481 Contributor in Splunk Search 09-22-2017 0 2	0	2
How to Display transaction result in a table Hi, I have a search using transaction command mysearch \| transaction startswith=start endswith=end and I am getting s... by smolcj Builder in Splunk Search 09-22-2017 0 16	0	16
How to break the events using regex? Hi I have the text file with below sample data I have to break the events using "-------------------------" as event... by kiran331 Builder in Splunk Search 09-21-2017 0 4	0	4
Splunk search help -- output data should match sets of keywords Hi, Fellow Splunkers, Had post a question this past few days about matching 2 words or more ( https://answers.splunk... by dantimola Communicator in Splunk Search 09-21-2017 0 1	0	1
Match day and get the sum by day, also get the percentage My data looks like this, I've grouped it by a common field. I want to match the date_mday and get the sum of the even... by known_user Engager in Splunk Search 09-21-2017 0 2	0	2
How do I search for a string with a partial portion of the string? Can someone help explain why "partial" search doesn't work for me? It's an ASA syslog... when I search for a full sy... by ptur Path Finder in Splunk Search 09-21-2017 0 4	0	4
Append Domain name at index time? All, I have logs coming in from /var/log/messages and /var/log/maillog which have the hostname not the FQDN. There ... by daniel333 Builder in Splunk Search 09-21-2017 0 9	0	9