Splunk Search

Community Activity

How to build a dashboard that passes a UserID token to another dashboard within the same app? Hi All, If i have two dashboards in one app, if i enter userid in dashboard1 it should pass the same userid to next ... by rachala New Member in Splunk Search 02-27-2017 0 3	0	3
How to combine multivalue fields of different lengths? So I am trying to figure out how to separate out multi value fields of different lengths. The problem is that mvzip w... by dethaspagan New Member in Splunk Search 02-27-2017 0 2	0	2
setting the time format for timezone offset in props hi, I would like extract the timezone offset in time format in props. example time format , 2017-02-05T01:20:10.04... by kteng2024 Path Finder in Splunk Search 02-27-2017 0 4	0	4
SplunkJS Getting collection name based on a lookup When you define a new kvstore based collection you use stanza with both new collection name and the base lookup for t... by MisteRious Explorer in Splunk Search 02-27-2017 0 1	0	1
How to search for field values that appears in another field and vice versa? Basically what I'm trying to ask is, for instance if my data is like this index, field1, field2 1, apple, boy 2, app... by chensy Engager in Splunk Search 02-27-2017 0 6	0	6
how to write the regular expression for my statement? Hi folks, could you please anyone help me to write the regex for below statement and need extract the external value... by lksridhar Explorer in Splunk Search 02-27-2017 0 6	0	6
How to generate a search to display the count of a field based on filepath extensions? I have a search with multiple extensions in a field which, i want to group details based on the extensions in filepat... by rvinjana Explorer in Splunk Search 02-27-2017 1 2	1	2
Does Splunk have any plans to roll out voice search? Does Splunk have any plans to roll out voice search? by satya2p Path Finder in Splunk Search 02-27-2017 0 2	0	2
Why are saved searches running on indexers? Hi, when i run ps aux \| grep "scheduler" on indexer i see some searches running .. I am wondering how come saved se... by kteng2024 Path Finder in Splunk Search 02-26-2017 0 1	0	1
strptime() format based on multiple fields I Have two fields one with Date in YYYYMMDD and TIME in HHMMSS format. the hour field sometime has values like 3000 w... by rahulvairagyam New Member in Splunk Search 02-26-2017 0 4	0	4
No results found, I want to show other message but I want stats count by field I am trying to compare the count based on ServiceMethod [field], but when there are no results found, that particular... by SS00110896 New Member in Splunk Search 02-26-2017 0 2	0	2
How to edit my search to extract a single record from an inputlookup file? I have an inputlookup file that shows temperature records and is formatted as follows rec-date,average-low,average-h... by rvoninski_splun Splunk Employee in Splunk Search 02-26-2017 0 6	0	6
How to add a static column to a table with dynamically search result I have a search successfully generate a dynamic table BUT I couldn't add a static column called baseline: I tried to... by bing_zheng New Member in Splunk Search 02-25-2017 0 4	0	4
How can I convert my time format to epoch time? Format i have in Splunk:- Duration as 9h:42m:32s I tried to use below search but it didn't worked. eval "Duration"... by m7787580 Explorer in Splunk Search 02-25-2017 0 3	0	3
How to use Windows event logs to alert for the failed attempts less than 5 occurring for every hour? Slow and Low attack? How to use Windows event logs to alert for the failed attempts less than 5 occurring for every h... by kiran331 Builder in Splunk Search 02-25-2017 0 1	0	1
line chart cumulative counters by host Problem: Creating a line chart from cumulative counter (i.e. snmp ifOutOctets or Windows TCP counters) for multiple ... by bmacias84 Champion in Splunk Search 02-25-2017 1 2	1	2
How to edit my search to find the status of tickets for my groups? Hello, i have a data from ticketing system where events looks (more or less for the simplicity) like this: date, ti... by tomaszwrona Explorer in Splunk Search 02-24-2017 0 4	0	4
How to calculate transaction per second for my search? for the search index=* some_events \| stats count how to calculate the transaction per second for this search (how... by abzmhzsplunk New Member in Splunk Search 02-24-2017 0 5	0	5
How to display bucket/histogram data with zero count? I'm trying to run a bucket/histogram of data but I want to display buckets that have zero count. By default, bucket ... by jbp4444 Path Finder in Splunk Search 02-24-2017 1 3	1	3
How to extract field for irrelevant data log to indexed? Event Flow (THREAD-XXXX) YYYY-MM-DD 15:53:38.486 - Server_Name flow step millis 32 ('XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX... by karthikeyan_k14 New Member in Splunk Search 02-24-2017 0 1	0	1
How do I find Active Directory usernames logging in to ADFS from the Outlook App for iOS or Android? We'd like to identify all of the users that have set up the Outlook app for iOS or Android. All of the authentication... by saltybeagle Explorer in Splunk Search 02-24-2017 2 2	2	2
How to generate a regular expression that extracts a field in my event data? I need to do a field extraction for everything after the ) to the end of the first line. I've tried about every regex... by jeck11 Path Finder in Splunk Search 02-24-2017 0 9	0	9
How to create a bar chart that compares values over two time periods? I've created a search that displays the top 10 blocked destination ports over the last 4 hours. I've also managed to ... by swedishmike New Member in Splunk Search 02-24-2017 0 7	0	7
How do I correct error "Error in 'rest' command: Invalid argument: '/services/server/info' "? I've recently installed splunk 6.5.1 on windows 2008 R2. I've also enabled 'Health Check' in Monitoring Console, but... by lessthan80 Explorer in Splunk Search 02-24-2017 0 1	0	1
How can I get the 10 oldest events of a search first and quickly? All, Any idea how I get the 10 oldest events from the search below? I need it to validate that we have 90 days of r... by daniel333 Builder in Splunk Search 02-24-2017 0 1	0	1