Splunk Search

Community Activity

How to edit my stats search to display a bar chart? Hi I have a data with fields OS and Name. I need to show the count and values of OS for Each Name like on X-axis al... by kiran331 Builder in Splunk Search 05-24-2017 0 1	0	1
How to extract the month from date field in string? I have a date field in a string with the format as mn/day/year. I need to extract the month from the same. Can someon... by srinadh New Member in Splunk Search 05-24-2017 0 3	0	3
Is it is posible to use a variable in a regex of a field extraction ? Hi I would like to know if it is possible to use a variable in a regex extraction. ....\| eval snr=602 \| rex "(?<blab... by edrivera3 Builder in Splunk Search 05-24-2017 1 4	1	4
Strange message for SMS Alert Hi, I'm currently trying to implement SMS Alert for Splunk. I have a SMS Gateway server in my organisation and I'm us... by qiaojing Path Finder in Splunk Search 05-24-2017 0 9	0	9
Regex help! How to use the Regex to extract the first 2 words OR 3 words from below field values? OS: Windows 10 Enterprise Wind... by kiran331 Builder in Splunk Search 05-24-2017 0 10	0	10
How to use rex out the below text ? Full or partial cease : </strung></td> <td width="100%" galign="top" >Full< I would like to extract the below te... by m7787580 Explorer in Splunk Search 05-24-2017 0 17	0	17
Trying to extract the value of a field which occurs twice in one event. Regex maybe? I am hopeful someone has a suggestion for this reporting issue. I have an event generated by Microsoft SQL Audit, wh... by rob_gibson Path Finder in Splunk Search 05-24-2017 0 3	0	3
field rename help Hi, I am receiving the logs from McAfee Email gateway. In this log, there is a field name as "action" which has ven... by mustafag Path Finder in Splunk Search 05-24-2017 1 5	1	5
comparing events within same field and it should continues We need to find out the Ids along with DispatchTime which are not dispatched in correct sequence. ID ... by srinivasup Explorer in Splunk Search 05-24-2017 0 4	0	4
working with timestamps and need to pull the records which are matching conditions I wrote a Splunk search and it's giving my expected results: index=main sourcetype="log" \| rename SERVICE_ID AS SUB... by srinivasup Explorer in Splunk Search 05-24-2017 0 6	0	6
How to reconcile a field in two different sourcetypes? My use case is: There is sourcetype1, which has tradeID field; also sourcetype2, which also has tradeID field. I thi... by leonjxtan Path Finder in Splunk Search 05-24-2017 0 6	0	6
How can I view and search multiple indexes from dashboards I have a dashboard that lists/groups recently updated dashboards and I just wanted to know if there was a way to also... by eyaluodba Path Finder in Splunk Search 05-23-2017 0 4	0	4
timechart function issue Hi everyone, my query look like this base search \| reg " " \| \| bin _time as desired_times span=4h \| table _time se... by prathapkcsc Explorer in Splunk Search 05-23-2017 0 4	0	4
How to display a chart with search jobs and the time range within they run? I have some jobs, which have some time frame to run. Every job belongs to some track. My purpose is to plot Track vs ... by rvisj New Member in Splunk Search 05-23-2017 0 8	0	8
Finding a field value that is available in sourcetype2 but not available in sourcetype1 Hi, I would like to find a field value of a field (Email_Address) that is available in only sourcetype2 and not avai... by santosh_hb Explorer in Splunk Search 05-23-2017 0 9	0	9
How expand two related mutli value fields ? Hi, I'm trying to analyze some data that contains two related multi value fields that i want to expand. What i have ... by fbotte New Member in Splunk Search 05-23-2017 0 2	0	2
How to make a field extraction for my sample data? I want to make a field extraction by the name of Action to show this whole text ,'update ggsourceadmin.monitor set OR... by ewise1 New Member in Splunk Search 05-23-2017 0 2	0	2
How do I make a couple of indices in one table? Is it possible to have two different indices and have results in a single table? The Indices are... index=_internal ... by eyaluodba Path Finder in Splunk Search 05-23-2017 0 4	0	4
How to find RSA connection failures for a user? I need a script that will find rsa connection failures for a user by aarnelson New Member in Splunk Search 05-23-2017 0 1	0	1
Is it possible to count the number of times a field occurs within a transaction? Is it possible to get the number of times a Field occurs within an event? I've read posts on how to arrive at unique... by popdeluxe New Member in Splunk Search 05-23-2017 0 5	0	5
How to edit my search to find the counts for "heap dump" and "java core" fields by host? trying to list Heapdump and javacore counts across multiple hosts Splunk search host=A OR host=B OR host=C OR host=... by harishnpandey Explorer in Splunk Search 05-23-2017 0 3	0	3
Multiple queries to extract one value I eventually have to find out the 'N-' value. When I do this manually, I have to do it like this: Query: index="prod... by rh417692 Path Finder in Splunk Search 05-23-2017 0 18	0	18
Splunk DNS Resolution: How to get IPs resolve to host names? Hello all. I am trying to complete something that should be easy. I wish to have IPs resolve to host names in the S... by bowmanja New Member in Splunk Search 05-23-2017 0 3	0	3
How to create a dashboard that lists recently updated dashboards? my team has a lot of dashboards and I want to create a simple code for another one that groups and lists some of the ... by eyaluodba Path Finder in Splunk Search 05-23-2017 0 13	0	13
For all occurences, get the duration of a value dropping below a threshhold I have events that show signal strength. What I want to do is determine the start_time, end_time and duration of any ... by jpass Contributor in Splunk Search 05-23-2017 0 2	0	2