Splunk Search

Community Activity

Compute row differences Hello everyone! I have a very simple result table that looks like this: _time ... by guilhem Contributor in Splunk Search 06-12-2017 1 7	1	7
Splunk Table UI - How to render this UI When i use table command to count the number of events and average response time of Component 1, i get table as below... by premraj_vs Path Finder in Splunk Search 06-12-2017 0 2	0	2
Reset map drilldown I have created map in dashboard. Initially a Bar chart appears having data of all states. Drill down on map is applie... by rvisj New Member in Splunk Search 06-12-2017 0 8	0	8
Comparison between Future date and current date I have a date field 'Start Time' in csv. I have to filter if date in this field is current week date or future week d... by dsiob Communicator in Splunk Search 06-11-2017 2 5	2	5
Replace substitution placeholders in a field I have a field which contains substitution placeholders message=User %s performed action %s on %s message=Message %s... by nickhills Ultra Champion in Splunk Search 06-11-2017 0 12	0	12
how to correct/modify x-axis Dears, I have two columns , first one is called ticket and second columns is date as below Ticket date AS123 6/6... by wessam Explorer in Splunk Search 06-11-2017 0 3	0	3
merge rows to one row (a little more complex) Date Category Type Count 5 car sedan 300 5 ... by exocore123 Path Finder in Splunk Search 06-11-2017 0 15	0	15
Grouping by name Hi, In my search results i have numbers like this and i would like to group them by group1 and group2. Where group1 =... by xvxt006 Contributor in Splunk Search 06-11-2017 0 2	0	2
If CPU is > 95 for more than 5 minutes < -- how do you write the syntax? Hello all, I know it's possible to find values via greater than, less than or equal to in your search queries. Is it... by Jarohnimo Builder in Splunk Search 06-11-2017 0 3	0	3
Plain histogram of x-axis values over y-axis Hi, I want to create plain and simple histogram in Splunk, like everyone used to do in school days on graph paper. I ... by mahikrrish Explorer in Splunk Search 06-11-2017 0 8	0	8
Efficient use of transaction or eventstats command Hello, I am trying to find following 1) Events that starts with WSQ0001 and ends with AAA9999. 2) Find EVE_INCIDENT... by ash2l Path Finder in Splunk Search 06-11-2017 0 2	0	2
How to search for fields that cross correlate with a specified field? From my data below, I can see peaks in the CPU usage of a machine. I can add other fields to the graph, and visually... by zeophlite New Member in Splunk Search 06-10-2017 0 5	0	5
How to join fields from 2 different sourcetypes into 1 table? I need to join fields from 2 different sourcetypes into 1 table. Sourcetype A contains the field "cve_str_list" that ... by manderson7 Contributor in Splunk Search 06-09-2017 0 2	0	2
Is there an efficient way to convert booleans in my data from 0 and 1 to true and false? Hi, I'm switching from dbquery to dbxquery and I noticed that it brings in booleans as 0/1 instead of true/false. ... by dkrichards16 Path Finder in Splunk Search 06-09-2017 0 5	0	5
Use the result from first search into second search I have an first search that will find the software list search index=index1 \| table software in the second search, i... by younes17 Explorer in Splunk Search 06-09-2017 0 7	0	7
creating a report that shows indexedtime vs logged time for each hour in percentage. I want to create a chart separated by hours (24hours) that shows the number of data that took more than 2 mins to be ... by mrtolu6 Path Finder in Splunk Search 06-09-2017 0 3	0	3
How to join data in one source with another join that combines two searches? I am trying to join data in one source to another join that joins two searches. My goal is to capture VM information... by s2jagrif Explorer in Splunk Search 06-09-2017 1 7	1	7
Create a field from the source Hi, I have created fields from the raw data successfully. However now I need to extract a portion of the source data... by splunkbee New Member in Splunk Search 06-09-2017 0 3	0	3
How to create a drilldown to link users to an external page based on the cell clicked in a table? I am trying to link users to a external page based on the table cell (contain url) clicked. My drilldown code: ... by nyp_kwyc Explorer in Splunk Search 06-09-2017 1 9	1	9
compare values from 2 string fields and identify matches We are attempting to compare the string values from 2 different fields, and report on the values which are found in b... by mrbeck02 Explorer in Splunk Search 06-09-2017 0 3	0	3
i want to remove all the word starts with OBJ and till 1-3453221. the number will be dynamic and constant in length . we need to remove from string based on OBJ with length this is word obj:1-324dfs32 hello world obj:1-3453221 as a god by DataOrg Builder in Splunk Search 06-09-2017 0 6	0	6
Combine Status Results into one Row source="Test" index=XYZ [search source="Test2" index=XYZ2 Address=.\| dedup "attachments{}.uniqueid"\|rename "attachmen... by kartiksha Explorer in Splunk Search 06-09-2017 0 4	0	4
Calculate past stats and use them for comparison with current values I have to generate a time chart wherein I have to compare the field named util and check if it is in the range betwee... by AshimaE Explorer in Splunk Search 06-09-2017 0 3	0	3
splunk 6.6 installed just now, index=_internal sourcetype=splunkd says no results, is it a bug? Hi, Just now installed splunk.6.6 on Windows10 and loggedin. Uninstalled it. installed again with new location for SP... by lakshmisplunk Explorer in Splunk Search 06-08-2017 0 3	0	3
How to regex information from two lines? I am trying to create and add a regex stanza to Windows TA to parse out a username. This is for event code 516 from a... by packet_hunter Contributor in Splunk Search 06-08-2017 0 4	0	4