Splunk Search

Community Activity

How can I remove a events from a search table Hi Guys, Good Day! Just want to ask on how can I remove YYYYMMDD HH24:MI:SS") event on my search table. Here is my ... by vino06 New Member in Splunk Search 07-12-2017 0 2	0	2
how to edit my search earliest=-48h@h latest=-24h@h index="my-live-srv" sourcetype="Perfmon:sqlserver:sql_errors" counter="Errors/sec"\| whe... by sonila Path Finder in Splunk Search 07-12-2017 0 8	0	8
Adding a colum to stats results Hey! Right now I have a search - source="tcp:6555"\| search Message_Type =IP \| stats sum(Bytes) AS Bytes by IP \| s... by amritanshgupta Explorer in Splunk Search 07-12-2017 1 3	1	3
Add original host to windows security event syslog header I want to export windows security events to syslog. The following works but it shows the events all originate from sp... by agarrison Path Finder in Splunk Search 07-12-2017 0 2	0	2
Need help with Predict command to forecast receipts by customer Hi everyone, I use Splunk to assign transactions on daily bank statements to Category (eg receipts, payroll etc) and... by fmcg New Member in Splunk Search 07-12-2017 0 1	0	1
Simple question about timecharts Hi there, I have a field with values, like 2, 4 or 10. Now I want to use a timechart or a chart which display 2, 4 o... by nebel Communicator in Splunk Search 07-12-2017 2 7	2	7
Field Values Case Sensitve I have a lookup table, with an ID field that has case specific alphanumeric values in it. I'm attempting to search ... by tmarlette Motivator in Splunk Search 07-12-2017 0 10	0	10
How to create a single value trend to show the difference based on the previous day? Hi , I need to create a single value visualization with the trend indicator. The trend indicator should be the dif... by seetharamanss Explorer in Splunk Search 07-12-2017 0 4	0	4
Search doesn't show results if for the same node are present two type of alarms Hello, I have a query that extract some type of alarms divided by NODE. These are the columns of the query: _time ... by ngerosa Path Finder in Splunk Search 07-12-2017 0 6	0	6
Why am I just getting a chart, but no trend line after using trendline command? Hi Experts, I am plotting a trend line with trendline command. Here is my simple search sourcetype="Perfmon:CPU14" ... by vikas_gopal Builder in Splunk Search 07-12-2017 1 9	1	9
How to add x-axis labels show on a timechart when data contains epoch time? Hi, I am still fairly new in Splunk as I just started last week. Any help is appreciated!! This is what i currently ... by Michellework New Member in Splunk Search 07-12-2017 0 3	0	3
Windows CPU by Process - How do I divide field value #1 by field value #2? I am trying to get a representation of the percentage of CPU used per windows process based on the amount of processo... by mightaswelby Explorer in Splunk Search 07-12-2017 0 4	0	4
Data masking HI , i want to masking the cookie value in the the log file i just write the regx but its not displaying the data bef... by svemurilv Path Finder in Splunk Search 07-12-2017 0 5	0	5
transaction calculate duration betweeen 2 events I'm trying to use transactions to generate a timeline of events where the events are grouped by an eventId I'm reci... by preben12 Communicator in Splunk Search 07-12-2017 1 8	1	8
Use Join but also display non matching datasets I'm currenty trying to combine data from our firewall and sysmon which is running on a testclient. I want to join the... by davidb89 Engager in Splunk Search 07-12-2017 0 4	0	4
How to Extract value from Source Field Hi, I want to Extarct Filed from Source file and Below are some Sorce file. /opt/si/logs/taopwssid1/admin/paas-cli... by saroj005 Engager in Splunk Search 07-12-2017 1 2	1	2
how to show 0 when no search result found after succeed with "Infected files:" \| rex field=_raw "Infected files: (?<Infected>\d*)" \| convert timeformat="%Y-%m... by cyberportnoc Explorer in Splunk Search 07-12-2017 0 5	0	5
moving rex to props and transforms not woking Hi, I am monitoring print events from windows event logs using WinEventLog:Microsoft-Windows-PrintService/Operationa... by sajeshpp Path Finder in Splunk Search 07-12-2017 0 13	0	13
Connect two points on map based on two coordinates Hello, I have this search: index=ip \| lookup list.csv pop as POP_A OUTPUTNEW LAT as LAT_A LON as LON_A \| lookup list... by ngerosa Path Finder in Splunk Search 07-12-2017 0 3	0	3
Using the like operator for raw text Hi Can someone help me with a query please. So I have a field called message which displays the following: "messag... by dadomor Engager in Splunk Search 07-12-2017 0 2	0	2
How to edit my search to find the time frame window with the least amount of events? Hi there, I am trying to return the top 3 results of three hour windows where an event is least likely to happen bas... by bamalone New Member in Splunk Search 07-12-2017 0 2	0	2
What is the best way to get the running average and standard deviations for external port connects? So I am looking at cisco asa logs and wondering what the best way method would be to create an alert when the number ... by packet_hunter Contributor in Splunk Search 07-11-2017 0 2	0	2
Extract data for last 3 months Hi All, I am searching from a csv lookup. The CSV contains fields --> 1. Reporting Month & Year -->17-Jan, 17-Feb, ... by aartivig289 Engager in Splunk Search 07-11-2017 0 1	0	1
How can I reset the "search timeframe" based on data in results? Is there any way to "reset" the "search timeframe" so that all the "commands that bin" will honor a new "search timef... by vbumgarner Contributor in Splunk Search 07-11-2017 0 4	0	4
How to create a line chart with 2 lines Hi, We have a Database query which runs on every 15 minutes and provide event results with a field by name NumOfOrd... by roopeshetty Path Finder in Splunk Search 07-11-2017 0 3	0	3