Splunk Search

Community Activity

Regex in transform.conf delete text in the middle I'm having some trouble to delete the text in "plugin_set". Sample Incoming data: {"plugin_family": "somestuff", ... by Alwiinie New Member in Splunk Search 04-25-2017 0 6	0	6
Is there a way to auto adjust the Y-value to just show the significant part of the chart? All, Often times I just want to see the delta, not the sum of a timechart. Any ideas on if there is a way have Spl... by daniel333 Builder in Splunk Search 04-24-2017 0 2	0	2
How to find difference in value between search strings? Hi, I am using a single search string with two different time rage to find the disk space. Search string : index= ... by Gowtham0809 New Member in Splunk Search 04-24-2017 0 6	0	6
I want latest and earliest time along with report name I want latest and earliest time along with report name Ex: top 10 values : 20/04/2017- 22/04/2017 by nagarjuna280 Communicator in Splunk Search 04-24-2017 0 2	0	2
How to combine multiple panels into one table? I have multiple single value number panels I want to combine into one table, I want my table to look somewhat like th... by JoshuaJohn Contributor in Splunk Search 04-24-2017 0 1	0	1
How is the partial flag supposed to work with timechart? I'm not sure if I am misunderstanding the use case for the partial flag with timechart or if maybe something else is ... by maciep Champion in Splunk Search 04-24-2017 1 10	1	10
Subsearch as eval expression works with strings, but not fields I have a situation where I want to use a subsearch to resolve to a conditional expression in an if statement - a.k.a.... by jmeyers_splunk Splunk Employee in Splunk Search 04-24-2017 0 5	0	5
Is there a way to show local time of the device of that area? Hi I have a data source with device name and timestamp in UTC and gmtoffset values, I need to show the new field wit... by kiran331 Builder in Splunk Search 04-24-2017 0 2	0	2
How to edit my alert search to convert Available Memory value from bytes to a percentage? I need to create an alert which is if in a 10 period of time to see if memory percentage of the host is over 90%. Her... by sonila Path Finder in Splunk Search 04-24-2017 0 8	0	8
Saving search results on a network share (Linux SH to Windows network share drive) I'm trying to automate saving search results for use with other programs. I'm not a Splunk admin, but I want to be ab... by tmaltizo Path Finder in Splunk Search 04-24-2017 0 3	0	3
In a field value that contains text, how can I display or extract just the numerical value within that text? We have a "Message" field that always contains the same verbiage except for a numerical value. I only want the numeri... by steveklinck New Member in Splunk Search 04-24-2017 0 5	0	5
Lookup csv file, match codes and add field I have a csv file containing 2 rows: EventCode and Message Summary Have added the CSV as a lookup file and I can also... by erdalcan New Member in Splunk Search 04-24-2017 0 5	0	5
How to create and calculate a response time graph? How do i calculate every 10 seconds, the average response time for the past 5 minutes and plot on a graph. by maniishpawar Path Finder in Splunk Search 04-24-2017 0 15	0	15
Creating Conditional based on date (2 days) I want to create a conditional that is based on date, so for example I have a table that will show you the last time ... by JoshuaJohn Contributor in Splunk Search 04-24-2017 0 1	0	1
IF then problems... struggling with the following IF statement.... I have a table, and want to create a new field called 'finalclosedtim... by jacqu3sy Path Finder in Splunk Search 04-24-2017 0 6	0	6
how to use timechart count to return 0 when value is null, fillnull not working I am working on a search that returns counts by the hour but when the event has not occur, I would still like to fill... by lasonyadj New Member in Splunk Search 04-24-2017 0 11	0	11
How to calculate a funnel (with less effort)? Hi, let's say I want to create a 5 step-funnel for customers depending on their max step. My first approach would b... by HeinzWaescher Motivator in Splunk Search 04-24-2017 0 6	0	6
How to add average to data that are not on the same line I have data in the form like this: 21:00 Pos=A Strength=45 21:00 Pos=B Strength=60 21:00 Pos=C Strength=32 22:00 Pos... by lakromani Builder in Splunk Search 04-24-2017 0 5	0	5
Use string stored in field to assign value using if I am using a search of real-time data and a lookup to check whether certain problems exist based on the data. For e... by ErikaE Communicator in Splunk Search 04-24-2017 0 6	0	6
Why "where" doesn't work with hight values ? Hi guys, I have a problem on my request because when i use a short time like 7 days ou 15 days it is right but when ... by Abarny Path Finder in Splunk Search 04-24-2017 0 5	0	5
Unable to create time series chart in Splunk dashboard Hi All, I need help in creating time chart for the following request: I have a field by name field.status that will ... by santosh_hb Explorer in Splunk Search 04-24-2017 0 9	0	9
Percentile values over time Hi I have a query to look at the number of times a user does an event, and then get different percentiles of these. ... by ewanbrown Path Finder in Splunk Search 04-24-2017 0 6	0	6
How to write a search that shows all saved searches, reports & lookup tables that are shared globally? Hi, Is it possible to write a search that shows all saved searches, reports & lookup tables that are shared globally... by HeinzWaescher Motivator in Splunk Search 04-24-2017 0 3	0	3
Can we create lookup table for specific owner? Hi, Is there any way that we can create lookup table for specific user? As I checked outputlookup command and it doe... by sumangala Path Finder in Splunk Search 04-24-2017 1 9	1	9
How can I find computers that have been infected for three consecutive days? I want to find the host IPs for three consecutive days of antivirus detection. Please help me. ex) - sourcetype: viru... by superhm Explorer in Splunk Search 04-24-2017 0 2	0	2