Splunk Search

Ask a Question

Discussions

Thread Info

duplicate in dates for stats when using predict

I have this query to predict CPU usage, looking at real data for last 90 days and predicting ahead 60 days. index=...

by Path Finder in

Error during index name change for Digital Shadows SearchLight App

Hi, I'm trying to modify the name of the index in the Data Inputs for your Digital Shadows SearchLight App. Whe...

by Path Finder in

Restrict access to views based on roles/users

I have 100 views and 5 different users/roles. Each user can access 20 views and this is based on prefix of those 20 v...

by Champion in

Evalute results based on like-fields from two different indexes?

I have entries in IndexA that I want to find failures for. However, if IndexB has an entry with the same field and is...

by Explorer in

Chart results of a report on a line chart

I've looked into Summary Indexing and I'm not sure that's what I'm looking for here. I have a scheduled report th...

by Path Finder in

How to retrieve events from the most recent day in which there are events present?

I have a small number of events (around 4 or 5) being generated each day Monday through Friday. I would like my searc...

by Engager in

How can I join three fields with a common ID field?

Hi, i want to join all three fields with common id field. please help me with search query | table id servicena...

by Communicator in

Compare Minute by Minute Timechart "Today" vs Summary Index Timechart Average

I currently have a timechart running every minute each day to show a given field value as it increases through the da...

by Path Finder in

I want to extract information from this field within these specific parameters using a rex command

Hi Splunker, I wanted to use a rex command until Splunk can find below parameter in logs: 1) ? 2) sag 3) If both...

by New Member in

How can I go through a search for different input values and store the results into summary index?

I have the following combinations of name and code: Name Code AAA M BBB C ZZZ K ...

by Contributor in

Need Assistance combining 2 searches from different indexes

I am trying to piece together a search that shows all allowed connections that originate from our web proxies and pas...

by Path Finder in

'Encountered the following error while trying to update: Invalid FORMAT: nullQueue' error editing a transform via Splunk Web

I've got this simple transform for dropping unwanted logs which works fine. I went to add something to it and got thi...

by Motivator in

How do you setup a pie chart for success / failures?

Query details: index=my_app processcreditcheck tmLogging (failure OR success) Result needed: ][1]

by New Member in

how to tweak streamstats function to get sum of differences from hand picked events rather than regular streamstats functions ?

Streamstats can produce sum of differences like (fieldB- fieldA)+ (fieldC-fieldB)+(fieldD - fieldC) = a total of ...

by Explorer in

Apache Web Server Load Balance Monitoring

I have multiple web servers behind a load balancer. I am looking for a search query that can provide me a traffic dis...

by New Member in

How to display results grouping events by the field which is not part of event ?

I have a lookup file with Release Number and Dates of Release. Below query lists me the count of events which occu...

by Communicator in

How to unset an input token when value isn't the default

I have the following xml code: <change> <condition value="default_value"> <unset token="some...

by Path Finder in

How to use macro in first pipe to generate some strptime value

Hi , I have a Splunk DB Connect batch input that runs every 24 hours to get some table result set in Splunk. Over t...

by Contributor in

How can I use timechart to show a chart of this search with time on x-axis and failure% for each browser on y-axis?

This search resulted in a table with columns, browser, failed, success, Failure% For eg., browser failed suc...

by Engager in

How to use stack mode on a bar chart

I have many Json that contains multiple fields such as: {"FACTS Access":"True", "FACTS Database Access":"True", "U...

by New Member in

We want to get license usage by a _meta field ServerRole?

The license usage logs are present under an index ABC, but in inputs.conf in which the _meta field is present sends d...

by Path Finder in

Splunk not recognizing the date format

Splunk is not recognizing the date and time of my data correctly. My data is in the common log format. An example of ...

by New Member in

How can I calculate the number of errors for the last hour for a period of time and get the min/max in that time span?

Hi All, I'm trying to do a simple search on a log based on relative time, i.e. I need to calculate number of errors f...

by New Member in

How to search based on the time range returned from subsearch ?

The query, |inputlookup ReleaseCalender.csv |sort Release ASC| reverse |streamstats current=f last(Production) as ...

by Communicator in

Wildcard Match Count

I am trying to use a match, regex, or eval with a stats count. I have multiple values that are similar that are in t...

by Explorer in

Get Updates on the Splunk Community!

Splunk Search

Discussions

duplicate in dates for stats when using predict

Error during index name change for Digital Shadows SearchLight App

Restrict access to views based on roles/users

Evalute results based on like-fields from two different indexes?

Chart results of a report on a line chart

How to retrieve events from the most recent day in which there are events present?

How can I join three fields with a common ID field?

Compare Minute by Minute Timechart "Today" vs Summary Index Timechart Average

I want to extract information from this field within these specific parameters using a rex command

How can I go through a search for different input values and store the results into summary index?

Need Assistance combining 2 searches from different indexes

'Encountered the following error while trying to update: Invalid FORMAT: nullQueue' error editing a transform via Splunk Web

How do you setup a pie chart for success / failures?

how to tweak streamstats function to get sum of differences from hand picked events rather than regular streamstats functions ?

Apache Web Server Load Balance Monitoring

How to display results grouping events by the field which is not part of event ?

How to unset an input token when value isn't the default

How to use macro in first pipe to generate some strptime value

How can I use timechart to show a chart of this search with time on x-axis and failure% for each browser on y-axis?

How to use stack mode on a bar chart

We want to get license usage by a _meta field ServerRole?

Splunk not recognizing the date format

How can I calculate the number of errors for the last hour for a period of time and get the min/max in that time span?

How to search based on the time range returned from subsearch ?

Wildcard Match Count

Observe and Secure All Apps with Splunk

Splunk Decoded: Business Transactions vs Business IQ

Fastest way to demo Observability

In Splunk studio, is it possible to populate a tex...

How can i export a list of all services in APM

Splunk Answers Content Calendar May 2025!

MLTKC how should i check jupyter notebook func in ...

ITSI thresholds: adaptive vs static

Splunk Search

Are you a member of the Splunk Community?

Discussions