Splunk Search

Community Activity

How to find and stop real time searches running on indexers? Hi there, I am seeing some real time searches running on indexers. Can I please know how real time searches are runn... by kteng2024 Path Finder in Splunk Search 07-19-2017 0 3	0	3
How to add the duration of the last event in a transaction to the total duration? I am trying to use the transaction command to group events within 5 minutes of each other, and have set up fields to ... by phakey New Member in Splunk Search 07-19-2017 0 6	0	6
How to set a Variable from an Eval match? I am trying to set a new variable for each event, by using the eval command. Maybe I should a different command? I w... by stakor Path Finder in Splunk Search 07-19-2017 0 5	0	5
Variable in eval for URL I'm sure this is fairly simple to do, just can't seem to find the right way to do this. Let's say that I have a sear... by bdfurman New Member in Splunk Search 07-19-2017 0 2	0	2
Timechart - Replace "No Results Found" with "No Activity for Today" Hello (again), To go along with my previous question regarding using span=10 minutes using the following search: ind... by TheJagoff Communicator in Splunk Search 07-19-2017 0 2	0	2
Timechart on field other than _time Hello, I'm working on a time chart that needs to chart based on the time retrieved from the database. So far, the c... by Svill321 Path Finder in Splunk Search 07-19-2017 0 7	0	7
Introspection search_group assignment We're monitoring our splunk environment through the DMC as well as a hand built dashboard consisting of data from the... by manderson7 Contributor in Splunk Search 07-19-2017 0 1	0	1
How to show a percentage of the total events in a pie chart I feel dumb for asking something so simple, but I can't make this work. I'm trying to show a percentage I've calcula... by Svill321 Path Finder in Splunk Search 07-19-2017 0 4	0	4
timechart x-axis tick marks every month I want my timechart to show system logins for the last 12 months my search is sourcetype="logins" \| timechart dc(Use... by bowesmana SplunkTrust in Splunk Search 07-19-2017 1 13	1	13
How to sum of distinct count of different fields? I need to sum of distinct count(emal_id) if event_name=email and distinct_count(person_id) if event_name=push. And su... by pinpra New Member in Splunk Search 07-19-2017 0 1	0	1
timechart - Trying to bucket by 10 minutes - Displaying every minute Hi, I am doing the following: index=wineventlog user="*.ad" TaskCategory="Security Group Management" \|bucket _time s... by TheJagoff Communicator in Splunk Search 07-19-2017 0 1	0	1
Set Sort Order in Splunk Panel I have made a dashboard with a few panels on it, each of which contains a _time field and an environment field that t... by chlebs New Member in Splunk Search 07-19-2017 0 3	0	3
Need query of sum of distinct count. I need sum of distinct count for following condition : distinct_count(email_id) where event_name=email and distinct... by pinpra New Member in Splunk Search 07-19-2017 0 1	0	1
Searchmanager cannot reuse in for loop in HTML dashboard Currently, my dashboard is basic on the number of the source and generate the number of chart or table. The structur... by chrismok Path Finder in Splunk Search 07-19-2017 1 3	1	3
Another regex issue I'm trying to collate groups of Windows EventIDs into categories and use regex to filter a range of them. I cannot g... by ldgrube Engager in Splunk Search 07-19-2017 0 4	0	4
Rex query For below input I tried search query as index=myindex "Notification"\|rex "(MQ) (?\d+) = (?\w+)"\|stats count(Notifica... by harishnpandey Explorer in Splunk Search 07-19-2017 0 3	0	3
Account Creation And Deletion within a given time Hello, I'm trying to create a query to monitor when users create accounts and then within a given time window delete ... by hagjos43 Contributor in Splunk Search 07-19-2017 0 6	0	6
Avoid chart skipping every other day label on X-axis How do I change a chart's X-axis to avoid skipping every other day label like this: Thu Oct 11 Sa... by e_sherlock Explorer in Splunk Search 07-19-2017 5 2	5	2
Key value pair extraction My Sample data is below: 2017-07-17 23:59:43,156 ERROR------------webserver logs from servers------------ Attributes... by SrinivasaC Path Finder in Splunk Search 07-19-2017 0 2	0	2
what is the default height and width in splunk for charts what is the default height and width in splunk for charts? I know I can change it as follows: <chart> ... <option... by HattrickNZ Motivator in Splunk Search 07-18-2017 0 2	0	2
Splunk Data sorting HI Everyone. I am trying to put in table format some alarm data in our enterprise network with the query below. ... by ringbbg Engager in Splunk Search 07-18-2017 0 1	0	1
How to change a column chart to not fill with color under line? I selected column chart to show square wave charts but there are also some line charts on the same page. I wanted to ... by wuming79 Path Finder in Splunk Search 07-18-2017 0 5	0	5
Change the 'oldest' and 'latest' field values to readible time format using 'strptime' command I'm having trouble changing the 'oldest' and 'latest' field values from epoch time to readible time format using 'str... by lawannapage New Member in Splunk Search 07-18-2017 0 1	0	1
How could we use one search results in another search using subsearch query? Query : index="heroku_secure_uat" host="messaging-service-uat.herokuapp.com" [search event_name=email OR event \|whe... by pinpra New Member in Splunk Search 07-18-2017 0 7	0	7
How to capture trend over time with Splunk (using span or timechart)? Hello - I'm a newbie to Splunk and i'm trying to chart timetaken by a process over a span of 3 days. Below is the l... by chaitanyabingu Engager in Splunk Search 07-18-2017 0 6	0	6