Splunk Search

Community Activity

How to create a drilldown to link users to an external page based on the cell clicked in a table? I am trying to link users to a external page based on the table cell (contain url) clicked. My drilldown code: ... by nyp_kwyc Explorer in Splunk Search 06-09-2017 1 9	1	9
compare values from 2 string fields and identify matches We are attempting to compare the string values from 2 different fields, and report on the values which are found in b... by mrbeck02 Explorer in Splunk Search 06-09-2017 0 3	0	3
i want to remove all the word starts with OBJ and till 1-3453221. the number will be dynamic and constant in length . we need to remove from string based on OBJ with length this is word obj:1-324dfs32 hello world obj:1-3453221 as a god by DataOrg Builder in Splunk Search 06-09-2017 0 6	0	6
Combine Status Results into one Row source="Test" index=XYZ [search source="Test2" index=XYZ2 Address=.\| dedup "attachments{}.uniqueid"\|rename "attachmen... by kartiksha Explorer in Splunk Search 06-09-2017 0 4	0	4
Calculate past stats and use them for comparison with current values I have to generate a time chart wherein I have to compare the field named util and check if it is in the range betwee... by AshimaE Explorer in Splunk Search 06-09-2017 0 3	0	3
splunk 6.6 installed just now, index=_internal sourcetype=splunkd says no results, is it a bug? Hi, Just now installed splunk.6.6 on Windows10 and loggedin. Uninstalled it. installed again with new location for SP... by lakshmisplunk Explorer in Splunk Search 06-08-2017 0 3	0	3
How to regex information from two lines? I am trying to create and add a regex stanza to Windows TA to parse out a username. This is for event code 516 from a... by packet_hunter Contributor in Splunk Search 06-08-2017 0 4	0	4
How to Break Json output script in multiple events Greetings. I'm trying for several days to break a json array into multiple events. This Json is the output of a pyt... by markuxProof Path Finder in Splunk Search 06-08-2017 0 4	0	4
How to edit my search to find duplicate events? I want to be able to see all duplicate macs with their respective location and store. There are duplicate macs with d... by JoshuaJohn Contributor in Splunk Search 06-08-2017 0 5	0	5
If the system-wide real-time search limit is reached, can users still run regular searches, or will all searches be queued until a real-time search is closed? If the system-wide real-time search limit is reached, can users still run regular searches, or will all searches at t... by jdosch1 Engager in Splunk Search 06-08-2017 0 1	0	1
Trying to run a search, why are we getting a "Queued" message? Hello, The user has a role setting to run up to 100 concurrent job searches. However, at about 15-20 concurrent jobs... by kiril123 Path Finder in Splunk Search 06-08-2017 0 1	0	1
Show pie chart based on two search queries (append) Hi, I have execution times in my index. I want to show statistics of long running queries (e.g. longer than 10 secon... by mhornste Path Finder in Splunk Search 06-08-2017 0 2	0	2
Use csv (input/outputlookup) to display label from csv in pie chart Hi, I have a working search which returns me IDs for specifing meanings of the values. I also have a working inputlo... by mhornste Path Finder in Splunk Search 06-08-2017 0 1	0	1
How can I list out values of the top 2 (latest 2)Time stamps Date1 Host Path1 Date2 Host Path2 Date 3 Host Path3 I need to table out the latest Host, latest 2 dates, and the cor... by AyanC New Member in Splunk Search 06-08-2017 0 1	0	1
Query to display data as per the DateTime column of Record Hello Splunk Experts, sorry if i am not able to format the question properly as I am new to splunk. I have a csv fil... by sudarshan391 Path Finder in Splunk Search 06-08-2017 0 3	0	3
Count occurences of same ticket number in a multivalue field Hello guys, I am trying to count the number of times the same ticket number appears in a multi-value field. The tick... by timyong80 Explorer in Splunk Search 06-08-2017 0 1	0	1
Splunk displays incorrect location on using iplocation On using iplocation, Splunk returns incorrect coordinates for an IP, and displays location incorrectly on map with ge... by rakes568 Explorer in Splunk Search 06-08-2017 0 5	0	5
How do I normalize, flatten, or unpivot table data? I am trying to take the results of a timechart table and normalize/flatten/un-pivot the data. For example, I have the... by lamchr Engager in Splunk Search 06-08-2017 1 3	1	3
How to write a simple search query to add another set of host name along with the current present host name? Hi All, I have used the below query to capture the splunk service status (Up or Down) via splunkd.log. This query is ... by Hemnaath Motivator in Splunk Search 06-08-2017 0 3	0	3
Time-based Lookup Configuration not quite working? Dear All, I have a set of error events that are generated when an issue happens in our environment. I run an alert e... by BlueSocket Contributor in Splunk Search 06-08-2017 0 1	0	1
change the time format in timechart tooltip How to change the time format in timechart tooltip? its in AM/PM format but i need to change to 24hr format. by vaishnavi07 Explorer in Splunk Search 06-07-2017 0 10	0	10
How to determine if the log is missing there are many hosts in an indexer. How do I check if the log is missing? If a host does not have a log Within an h... by xsstest Communicator in Splunk Search 06-07-2017 0 3	0	3
How to display a year's data on a quarterly basis, and define which months are considered for each quarter? Hi Team, I have data for the year 2016. I want to display the data on a quarterly basis, and I want to customize the... by smaran06 Path Finder in Splunk Search 06-07-2017 0 1	0	1
How to use a file to map results from fields to more meaningful names? I have log files that contain compCodes (over 500 different types of them). Is there a way I can create a mapping fro... by exocore123 Path Finder in Splunk Search 06-07-2017 0 1	0	1
How to edit my search to create a bubble chart with dates shown on X axis? I have a search that returns me 3 fields (let's say country, _time, count) I want to show these results in a bubble ... by andyp54 New Member in Splunk Search 06-07-2017 0 10	0	10