Splunk Search

Community Activity

How do I add a count to a table using the table command? How do I add a count to a table using the table command? The project I'm working on requires that a table is mad sho... by Svill321 Path Finder in Splunk Search 07-06-2017 0 3	0	3
Why am I getting search error "In handler 'savedsearch': Cannot get username when all users are selected."? Is anyone else getting this error when performing a search? If so, can anyone help with a solution. Thank you In han... by fmpa_isaac Path Finder in Splunk Search 07-06-2017 8 8	8	8
How to edit my timechart search to find the daily count of service calls over the last month? I have the following Splunk search, which returns a count of service calls taking over 20,000 milliseconds, and I wan... by jbrenner Path Finder in Splunk Search 07-06-2017 0 7	0	7
How to specify fixed size bucket/bin with stats? when I create a stats and try to specify bins by following: bucket time_taken bins=10 \| stats count(_time) as size_a ... by howardroark Explorer in Splunk Search 07-06-2017 0 8	0	8
Why do x-axis labels disappear for some time frames while using the bucket command? I am using the following: ..\| bucket span=100 time_taken \| stats count(_time) by time_taken When I change the time... by howardroark Explorer in Splunk Search 07-06-2017 0 4	0	4
How can we integrate Bluecoat SA metadata to Splunk? Hi splunk ninjas, Can someone help me on how we can integrate metadata from Bluecoat SA to Splunk? Thanks. by dantimola Communicator in Splunk Search 07-06-2017 0 4	0	4
regular Expression extration I want to do something like this, referer_domain is the field i want to extract to create a new field. I want to rex ... by Kwip Contributor in Splunk Search 07-06-2017 0 4	0	4
Why is there a discrepancy when grouping by a variable vs searching? I want to see how many times a user has accessed a database in a given time period. I used sourcetype= h1 \| stats ... by psangli Explorer in Splunk Search 07-06-2017 0 9	0	9
How to search on non-English keywords? Hello, I have user logon logs from different countries, and some of their username contain non-English characters, su... by vj1226 New Member in Splunk Search 07-06-2017 0 3	0	3
chart Y axis right and left side Hi, I have two merge line chart in single report, for both I want two Y axis on left as well as in right side with ... by rameshlpatel Communicator in Splunk Search 07-06-2017 0 6	0	6
given a date find which week of the year given a date find which week of the year For example : if date is "27-Feb-17" the result will be "09". As 27th Feb ... by ajaylowes Path Finder in Splunk Search 07-06-2017 0 14	0	14
How to use eval to change a field's value? Is it possible with EVAL do the following? I have a field named version which brings the value like this: Version 60... by guillecasco Path Finder in Splunk Search 07-06-2017 0 21	0	21
Counting occurences of 5 specific strings in logs For a given sourcetype=src I have to search for five specific strings (let it be "abc", "def", "ghi", "jkl", "mno") o... by AshimaE Explorer in Splunk Search 07-06-2017 0 5	0	5
How can I show these two queries over two different time ranges in one chart I would like to show the comparison of our website's apache log as a chart in my panel. I am able to run the queries ... by vikasT Explorer in Splunk Search 07-05-2017 0 8	0	8
When I Compare a field that has dates, the results brings dates out of the comparison I'm trying to filter a field when date is greater than 07/05/2017 The date fild format is as follows : DD-MMM-YY Ex.... by asotorod New Member in Splunk Search 07-05-2017 0 6	0	6
How to sum field values with a dependancy on another field? My data has a IP field and a number of bytes used by that field. I send data every 5 mins and most of the IPs remain ... by amritanshgupta Explorer in Splunk Search 07-05-2017 0 4	0	4
mvzip json array of values in one event [ { "sym":"ee", "code":2E1, }, { "sym":"ie", "code":2E2, } ] I have a fie... by exocore123 Path Finder in Splunk Search 07-05-2017 0 6	0	6
How to generate a search that I am looking for Unique users on my Splunk search head cluster like : like compare the users change percentage with ... by svemurilv Path Finder in Splunk Search 07-05-2017 0 1	0	1
Combine two searches left outer style Hello I have an index which gets data of manual IT system scans with the following structure (simplified for example... by altink Builder in Splunk Search 07-05-2017 0 5	0	5
Lookup multiple values So I'm doing a lookup for multiple values, so similar to the following: ...\| lookup entity OUTPUT x as XX y as YY ... by edschembor Path Finder in Splunk Search 07-05-2017 0 5	0	5
How to fit a subsearch in the middle of a search query Hi everyone. How do I format this subsearch to work in my search query? I'm still fairly new to splunk \| inputloo... by chaninphx Path Finder in Splunk Search 07-05-2017 0 8	0	8
Grouping Events by Both Time and Customer Hi all, Want to alert when a customer's usage suddenly drops. Tried breaking recent usage into two time periods: -... by DGray Engager in Splunk Search 07-05-2017 0 2	0	2
Timezone query to modify _time field if the user's timezone is not UTC. I have a dropdown in my dashboard where I provide static label and value for 4 timezones as of now(UTC,ET,PST,CT) (Wh... by waltz Explorer in Splunk Search 07-05-2017 0 2	0	2
Translate Windows security descriptor to readable format Im working on using Splunk for Windows auditing. In events 4670, 4656 and 4663 one (or more) security descriptors are... by coenvandijk Observer in Splunk Search 07-05-2017 0 2	0	2
Perform another search from the search result Hi Splunk Gurus, I am not sure what is the term to use about my question, so I will explain it so everyone will unde... by wiggler Explorer in Splunk Search 07-05-2017 0 2	0	2