Splunk Search

Community Activity

Return command giving error for stats c(eval...) in splunk Hello Everyone, Am creating the dynamic query depending on condition and after that using return command to execute ... by snehalk Communicator in Splunk Search 03-25-2017 0 1	0	1
REX issue, quite an interesting one, potential bug? Just wondering if anyone has ever seen this before? This is the data I’m extracting from: "Classic,Audit Failure",1... by mrgibbon Contributor in Splunk Search 03-24-2017 0 8	0	8
How to form a search based on my data and my desired output? Hi All, I have the below format of data Name Value 1-Jan A 2-Jan B 2-Jan B 3-Jan C 2-Feb A 1-Mar V... by rsathish47 Contributor in Splunk Search 03-24-2017 0 6	0	6
Fields value correlation not working Hello, I have a query regarding ordering of ElapsedTime field. It is not coming properly with associated ServiceLaye... by hemendralodhi Contributor in Splunk Search 03-24-2017 0 7	0	7
How to combine additional events to an existing Transaction? Hello, I am trying to organize various types of events into single events. Currently I have a transaction set up to c... by like2splunk Explorer in Splunk Search 03-24-2017 0 4	0	4
Is there a limitation in the length of a search? Hello, I have a long Splunk search that I continue to add more conditions to each day so it keeps growing. Eventuall... by patricknguyen Explorer in Splunk Search 03-24-2017 0 4	0	4
How to write a crontab running from Monday 6 AM through Saturday 2 AM How to write a crontab from Monday 6 AM through Saturday 2 AM to run once in a hour. by srisplunk12 Engager in Splunk Search 03-24-2017 0 18	0	18
help me with search command -------\| eval test=if(condition,"INFO","Error") \| search test if condition is true the search must be behave as ----... by sravankaripe Communicator in Splunk Search 03-24-2017 0 3	0	3
How to add 2 different fields with under the same function? Hi guys, I need to do add enter 2 different fields under the same function. The first is with an ACResponse specific... by Abarny Path Finder in Splunk Search 03-24-2017 0 3	0	3
how to check the average queries time entered by the user Hi, Is there any way to find out how much time queries were taking to complete the job when the users enter the que... by kteng2024 Path Finder in Splunk Search 03-24-2017 0 2	0	2
Viewstates Error when trying to save/clone/edit search So we have a number of searches that cannot be saved or cloned due to viewstate errors. Many of them are accelerated... by JDukeSplunk Builder in Splunk Search 03-24-2017 1 1	1	1
How do I only show results using a token of a multivalue field? Hi all, I am new to using SPLUNK so please bare with me.... I have created a dashboard to utilise tokens in drop dow... by Reidap New Member in Splunk Search 03-24-2017 0 7	0	7
Help in Regex I have the field message - Method: Execute \| Class: GetUsersByVinActivity message- ... by vrmandadi Builder in Splunk Search 03-24-2017 0 3	0	3
How to trigger search based on a dynamic dropdown input? I am trying to create a dropdown box to allow the user to select a host category (Like backend or frontend) and then ... by ByteFlinger Engager in Splunk Search 03-24-2017 0 6	0	6
Timecharting delta by multiple fields My Sample event every minute looks like this: 03/06/2017 15:19:00 -0500, app01:JVM1=12, app01:JVM2=6, app01:JVM3=9, ... by mudragada Path Finder in Splunk Search 03-24-2017 0 8	0	8
How to graph sum of overlapping values given start time and duration? I've searched here for quite a while and didn't find what I'm looking for, or maybe I'm not wording it correctly... ... by rbernharnavy Engager in Splunk Search 03-24-2017 0 3	0	3
Maximum length of an Index name We are planning on some long and detailed index names. I'd like to know if there is a maximum length an Index name ca... by danbrook Explorer in Splunk Search 03-24-2017 0 2	0	2
How to fix one logfile with 3 different change-times? Hello, I have the following problem with every logfile on splunk. I explain it with one logfile as example. Logfil... by dexxter275 Explorer in Splunk Search 03-24-2017 0 6	0	6
Need help with regex in transforms.conf to find two words in an event Hallo, i have to filter the following literals in an event and i am new in regex: user:info ifconfig both literals... by gerdhuber Explorer in Splunk Search 03-23-2017 0 5	0	5
How to create a single dashboard that will change the search for each panel based on a dropdown input option? I have created 3 dashboards which displays performance metrics and client usage of the api. All 3 dashboards have the... by jxt950 Engager in Splunk Search 03-23-2017 0 4	0	4
How to rename the X-axis points in my chart from month number to month name? Hello, Right now on my line chart, the months are labelled as 1, 2, 3 - I would like them to be displayed as Jan, Feb... by pal4life Path Finder in Splunk Search 03-23-2017 0 8	0	8
How to compare index data with a lookup? Hi, I have a lookup with URL's, I have to compare with the index data to find count of the URL's in list. How to edi... by kiran331 Builder in Splunk Search 03-23-2017 0 2	0	2
how to troubleshoot role restriction presidence Somehow all users on my staging server are restricted to some kind of search term. When I do this each on any other ... by hartfoml Motivator in Splunk Search 03-23-2017 0 1	0	1
How to generate a search that will only display results where a field contains some non-alphanumeric characters? A field is named product. I want to produce a list of products in my source, which are not made up of only english a... by drinkingjimmy Explorer in Splunk Search 03-23-2017 0 1	0	1
How to get a table cell color to change depending on the field value? Hi, I've looked at a few answers now and can't make heads or tails of it, but what I am trying to do is, if the val... by fredkaiser Path Finder in Splunk Search 03-23-2017 4 6	4	6