Splunk Search

Community Activity

How to separate column for different date Hi everyone. I have this current search result below and I want to have another column for different dates as a desir... by headstrong25 New Member in Splunk Search 09-06-2017 0 2	0	2
_time not giving correct results in an eval condition I am using the below query to show the number of plans in a particular month. However, there are approved dates of f... by rijinc Explorer in Splunk Search 09-06-2017 0 7	0	7
Create transaction from results of another transaction sourcetype=A has d_id field sourcetype=B has d_id and m_pid field sourcetype=C has m_pid field Need to build transac... by simpkins1958 Contributor in Splunk Search 09-06-2017 0 3	0	3
How can I set a timezone for a specific sourcetytpe? How to specify a particular timezone for specific sourcetype? I found the below format the other Splunk question. Can... by kteng2024 Path Finder in Splunk Search 09-06-2017 0 5	0	5
About real time search I want to know about CPU occupation when doing a real-time search. If I build Splunk in a standalone way, and I conf... by yutaka1005 Builder in Splunk Search 09-06-2017 0 4	0	4
how to split the time into different shifts to find how many employees came in shift 1 and shift2 we have a data with employee numbers who enter the office during different times in the day. We want to categorize e... by Jyothik New Member in Splunk Search 09-06-2017 0 2	0	2
Is there an option to do an event break at the end of file (txt file)? I have a folder which contains multiple text files. I want to import these files into Splunk as events. which means e... by tamduong16 Contributor in Splunk Search 09-06-2017 0 6	0	6
How to transpose CSV into separate columns I have the below two csv files: ProductSales.csv RegionalSales.csv ProductSales.csv ProductId,Product_name,Price... by tskarthic New Member in Splunk Search 09-06-2017 0 2	0	2
Multiple Join Nested Join similar to IF ELSE LOGIC I have sourcetype = sourcetype1 with field 1, field 2, field 3, field 4, part1, key1 sourcetype = sourcetype2 with f... by cabauah Path Finder in Splunk Search 09-06-2017 0 3	0	3
duration to seconds I'm attempting to turn the duration of a process in the PS data into just seconds so I can sort appropriately and fin... by tmarlette Motivator in Splunk Search 09-06-2017 0 7	0	7
Math Within addtotals I'm trying to do some math with the values calculated in the addtotals command and put them back into the same line b... by icrit Explorer in Splunk Search 09-06-2017 0 2	0	2
How can I set the y-axis on my bar chart to be in duration? I have the following search: ....\| stats sum(callduration) as "totalcallduration" by Companycalls Currently my sear... by tamduong16 Contributor in Splunk Search 09-06-2017 0 7	0	7
How to reset the link on a link list input Hi, this is my first post on here, am very new to using SPLUNK so please bear with me if how I am doing things is clu... by PBerry7538 New Member in Splunk Search 09-06-2017 0 3	0	3
"The Lookup does not exist or is not available error" for users with same permissions as me but I don't get the error My lookup is in the search app with global permissions with all roles the availability to read and write. My dashboar... by katzr Path Finder in Splunk Search 09-06-2017 0 2	0	2
Lookup Does Not Exist Error- Help I know there are a lot of answers on this topic- but I think I have completed all of the steps offered. One of my use... by katzr Path Finder in Splunk Search 09-06-2017 1 5	1	5
Extracting id field from one event and looking for this id in another event Hi All, I have the below two event logs: Event1: ns=app1, id=12,Error='400', Service='CallGetAccount' Event2: ns=ap... by kdulhan Explorer in Splunk Search 09-06-2017 0 7	0	7
How to show data in a range grouped by specified time period? i have below data. i want to represent in a range to group date for 5 days and i want date field to represent(16-08-1... by DataOrg Builder in Splunk Search 09-06-2017 0 5	0	5
Use lookup table values as a input for search query and display lookup table values with query manipulated fields Hi I have a lookup table with the field (indexname). I want to use each lookup table field (indexname) values as a i... by mala_splunk_91 Explorer in Splunk Search 09-06-2017 0 6	0	6
How to find previous releases using current release? Lookup file contains release number and its start date. The fields in lookup file are Release and Production (start d... by sangs8788 Communicator in Splunk Search 09-06-2017 0 7	0	7
Column to row conversion Hi friends I am facing an issue where I have to consolidate and convert the data from Column to rows. The sample dat... by gauravmishra15 Path Finder in Splunk Search 09-06-2017 1 2	1	2
How can we eliminate orphaned searches? We have orphaned searches we reassigned to our accounts but still see the messages every saying you have 11 orphaned ... by splunker969 Communicator in Splunk Search 09-05-2017 0 3	0	3
about removal duplication and lookup How to write such an SPL search statement two quetions: 1、on the Splunk Enterpirse ,how to remove duplicate data ... by xsstest Communicator in Splunk Search 09-05-2017 0 6	0	6
How to set column with default value if column key not exist? Hi guys I'm trying to create a statistic table for the data from jira. Each column has different severity for jira i... by hakusama1024 New Member in Splunk Search 09-05-2017 0 4	0	4
Link to a file in search results I have a zip file uploaded into Splunk. This zip file contains a files.csv file and some file attachments stored in f... by srinisub New Member in Splunk Search 09-05-2017 0 1	0	1
How do I use IF / THEN / AND in logic in a search? I'm trying to create some logic within my search, and it requires some IF THEN AND logic, which I know Splunk has the... by tmarlette Motivator in Splunk Search 09-05-2017 0 9	0	9