Splunk Search

Community Activity

Merge results of multiple queries I have used the multiple queries and merged them in single output. When I using timechart, getting the expected resul... by twh1 Communicator in Splunk Search 03-29-2017 0 1	0	1
Why are searches only showing "Parsing job...", and drilldowns do not render properly in Firefox with version 6.5.0? Our users are encountering intermittent problems with using Firefox after we've upgraded to version 6.5. In basic ... by kearaspoor SplunkTrust in Splunk Search 03-29-2017 0 3	0	3
create a table by comparing data from 2 different indexes Hi, I am trying to create a table by comparing data from 2 different indexes & compare certain search terms from one ... by arjun_hcl Explorer in Splunk Search 03-29-2017 0 2	0	2
How to escape a parentheses in sed rex command ? Hello dearest Splunkers, I am trying to convert "(A=hi) OR (B=bye)" to "(A=hi) NOT (B=bye)" using sed. So far I have... by DavidHourani Super Champion in Splunk Search 03-29-2017 0 2	0	2
how to create a single search where the output of the first query should act as input to the second query. We have two indexers in place. index=A & index=B. From index=A I have queried out the field which I want the value fo... by dina1701 Engager in Splunk Search 03-29-2017 0 2	0	2
Predict - 95% Confidence Interval I have read through Splunk docs that Splunk defaults lower and upper Confidence Interval to 95% for its prediction us... by arielpconsolaci Path Finder in Splunk Search 03-29-2017 1 3	1	3
srchFilter and inputlookup Is it possible to filter results in a lookup-file with filters defined in "srchFilter" in authorize.conf? Example lo... by reubentrapdoor Engager in Splunk Search 03-29-2017 0 2	0	2
how to display all values within the same field name. Ex log: (This is a XML log, giving details from the middle and not the entire log) Event 1: <students> <stu... by ndayanat Explorer in Splunk Search 03-28-2017 0 5	0	5
Creating a graph with two columns of a table Hello, I need to make a simple line chart with the values of two columns of a table. the first column is the x axis ... by matansocher Contributor in Splunk Search 03-28-2017 0 8	0	8
Sort the query based on firstime and count Hi, Is there a way to sort the below query based on both firstime and total count . I want to know which sourcetype... by kteng2024 Path Finder in Splunk Search 03-28-2017 0 4	0	4
REX Non-Capture Group Hi Everyone, Trying to understand non-capture groups better Trying to build rex that captures 2 conditions but us... by subtrakt Contributor in Splunk Search 03-28-2017 0 1	0	1
Splunk Time stamp modification Hi Team, We are in splunk 6.5. Our forwarder machines are having Brasilia Time zone and our indexer is on UTC time ... by Abilan1 Path Finder in Splunk Search 03-28-2017 0 7	0	7
Hex to Floating Point converter? Hi, I have a field that contrains a hex-string representing an encoded-float number (sign+exponent+mantissa). What w... by pchiu Engager in Splunk Search 03-28-2017 0 2	0	2
Show most relevant lines (Exceeds 500 limit) Hi~there, We index some system config file to facilitate user's lookup. But it seems the splunk have the limits in s... by hjwang Contributor in Splunk Search 03-28-2017 3 9	3	9
How to calculate duration between an unknown amount of multiple variables in transaction? Hello, I am trying to create a report or dashboard which calculates the average duration between events with the wor... by epresson New Member in Splunk Search 03-28-2017 0 1	0	1
How to use timechart and streamstats I have a search that will show me the top 3 processes like this host=foo sourcetype=top \| timechart span=1m sum(pctC... by hartfoml Motivator in Splunk Search 03-28-2017 0 4	0	4
Help me with search query for my usecase i have two id's lets say ID1 and ID2 i want to use transaction command for both ID1 and ID2 in same query , please h... by sravankaripe Communicator in Splunk Search 03-28-2017 1 10	1	10
How to calculate stdev for a count of one field based on another? I am trying to figure out how to calculate the stdev of the number of emails a user sends. I have the following searc... by jwalzerpitt Influencer in Splunk Search 03-28-2017 0 9	0	9
Search for results which don't appear in subsearch I have the below search, but am not getting any results (even though I know there are results). There are over 10,000... by smcdonald20 Path Finder in Splunk Search 03-28-2017 0 3	0	3
Stymied by subsearches I can run the following search with perfect results: sourcetype="aws" varOutcome=Blocked\|rex field=varDNS_Name "(?<v... by awmorris Path Finder in Splunk Search 03-28-2017 0 6	0	6
How to use lookup to evaluate thresholds? Have been trying to crack this for a long time. Would highly appreciate any help. I have a lookup similar to this: ... by manmeet99 Explorer in Splunk Search 03-28-2017 0 6	0	6
get latest value and timestamp Hi, How would I go about getting the latest value of a search, along with the timestamp of that search? I want to in... by a212830 Champion in Splunk Search 03-28-2017 1 5	1	5
How to add a exclude box in the splunk dashboard? Hi Is there a way to add a text box which excludes the value from the search results of dashboard? I have a dashboar... by kiran331 Builder in Splunk Search 03-28-2017 0 1	0	1
How to "chain" events together ? And how to follow the execution of all the chain ? Hi Guys, I'm trying to follow the execution of a number of script, here is my problem : I have a lot of batch scr... by 3no Communicator in Splunk Search 03-28-2017 0 4	0	4
How to generate a search to show the top 10 values for each priority? How to show the top 10 values for each column? I have a field port and its priority, I have to show top 10 values for... by kiran331 Builder in Splunk Search 03-28-2017 0 1	0	1