Splunk Search

Community Activity

Calculate average operation time The gut who was doing this job before me made some servicenow reports using excel . He devised a term something that ... by pranaynanda Path Finder in Splunk Search 08-18-2017 0 9	0	9
How to join a search query and a lookup file without any common columns and display the output I have a below search query which gives me the count of the error(the corresponding events have only the description ... by akarivaratharaj Communicator in Splunk Search 08-18-2017 0 8	0	8
How can I troubleshoot high CPU utilization on my heavy forwarder? We have 3 heavy forwarders and universal forwarders are sending data to these 3 HF. But the CPU usage on one of the h... by kteng2024 Path Finder in Splunk Search 08-17-2017 0 1	0	1
Comparing Multivalue Fields I have numerous events, each of which has a multivalue field that has a list of X (where X is a number) hashes in it.... by msscott63 New Member in Splunk Search 08-17-2017 0 2	0	2
where operation with multiple search criteria + regex This is my search index=X ....\| search column!="T" column!="I" column!="m" column!="l" column!="d*" ... by HattrickNZ Motivator in Splunk Search 08-17-2017 0 3	0	3
Splunk search - chart the number of hits from each IP over a fixed range We have the below data: IP Count A 50 B 100 C 20 D 60 E ... by asdfxqwert Explorer in Splunk Search 08-17-2017 0 7	0	7
Using curl command from TA-Webtools So I've been trying to use TA-Webtools app to get data from a Sharepoint site after some googling. As a test, I’ve t... by jpvalenc Path Finder in Splunk Search 08-17-2017 1 5	1	5
Timechart/bin - "flatten" values What would be the best way to run a week to date search (timechart/bin) that "flattens" the individual days so I can ... by bcarr12 Path Finder in Splunk Search 08-17-2017 0 1	0	1
How can I generate a report of users and machine usage by machine name? I am looking at a log of users logging into machines. The two fields I am interested in are: Username and Machine nam... by jcftx7 New Member in Splunk Search 08-17-2017 0 1	0	1
Splunk on Raspberry Pi I am attempting a project and the use of Rasberry Pi's seems like the most effective solution right now. However, cri... by ben_clarke96 New Member in Splunk Search 08-17-2017 0 3	0	3
Sum of Unique Values in One Field of a Stats Table Greetings, I'm creating a stats table which shows Logon attempts to different workstations. I have a column that sh... by SplunkLunk Path Finder in Splunk Search 08-17-2017 0 6	0	6
Can I combine two searches and group by _time using a regex filter? Hello, I'm relatively new to Splunk, so please bear with me. What I am trying to accomplish is a time chart using ts... by sdtruesdale Engager in Splunk Search 08-17-2017 0 1	0	1
How can I display these fields from my unstructured data? There is an unstructured log-file and so the field extraction is not working to extract the exceptions that occur in ... by smirti New Member in Splunk Search 08-17-2017 0 1	0	1
Show a timechart of all hosts even if 0 values exist I'm attempting to write a query to show a timechart of the number of results for each host per minute, which is easy ... by Lgo Explorer in Splunk Search 08-17-2017 0 2	0	2
How can I add a Total for the count of events from different index or sourcetypes? I'm searching blocked events from the firewall and Palo Alto logs and would like to add a line to show the Total of t... by digital_alchemy Path Finder in Splunk Search 08-17-2017 1 2	1	2
Is there a way to append fields at the UF ? All, Is there a way for me to append data to an event at the UF level ? Or perhaps at index time ? I want to prepopu... by daniel333 Builder in Splunk Search 08-17-2017 0 1	0	1
How to index a text file in the xml format? /getClientProfileV1Request></SOAP-ENV:Body></SOAP-ENV:Envelope></soap-env:Body>-- HTTP Header values -<tp:headers xsi... by madhanbaskar Explorer in Splunk Search 08-17-2017 0 12	0	12
How can I find the time duration between two fields? Trying to find the time duration between 2 fields Field name : START_TS 2017-08-16 04:07:00.0 Field name : END_TS ... by locose Path Finder in Splunk Search 08-17-2017 2 7	2	7
duplicate in dates for stats when using predict I have this query to predict CPU usage, looking at real data for last 90 days and predicting ahead 60 days. index="l... by mjm295 Path Finder in Splunk Search 08-17-2017 0 7	0	7
Error during index name change for Digital Shadows SearchLight App Hi, I'm trying to modify the name of the index in the Data Inputs for your Digital Shadows SearchLight App. When I ... by markwymer Path Finder in Splunk Search 08-17-2017 0 1	0	1
Restrict access to views based on roles/users I have 100 views and 5 different users/roles. Each user can access 20 views and this is based on prefix of those 20 v... by manjunathmeti Champion in Splunk Search 08-17-2017 0 1	0	1
Evalute results based on like-fields from two different indexes? I have entries in IndexA that I want to find failures for. However, if IndexB has an entry with the same field and is... by jl19 Explorer in Splunk Search 08-16-2017 0 4	0	4
Chart results of a report on a line chart I've looked into Summary Indexing and I'm not sure that's what I'm looking for here. I have a scheduled report that... by GenericSplunkUs Path Finder in Splunk Search 08-16-2017 0 2	0	2
How to retrieve events from the most recent day in which there are events present? I have a small number of events (around 4 or 5) being generated each day Monday through Friday. I would like my searc... by tgittelmacher Engager in Splunk Search 08-16-2017 0 2	0	2
How can I join three fields with a common ID field? Hi, i want to join all three fields with common id field. please help me with search query \| table id servicename ... by sravankaripe Communicator in Splunk Search 08-16-2017 0 1	0	1