Splunk Search

Community Activity

What does your splunk tell you about Valentines day? Can a Splunk search tell you anything about love? Share your valentine's day searches here. Here's one to get you st... by jplumsdaine22 Influencer in Splunk Search 02-13-2017 0 3	0	3
How to convert epoch to human readable in "KV_MODE = json" extractions. I've recently installed the Tenable Nessus app, which is doing most of it's search-time field extractions using the "... by adamsmith47 Communicator in Splunk Search 02-13-2017 0 3	0	3
How to show only single values of different fields in a single table? I am very new to Splunk and have a requirement to show current values of multiple fields in a single table, my data g... by hwakonwalk Path Finder in Splunk Search 02-13-2017 0 3	0	3
How include empty buckets in the start and end of timechart/bin output? I have a scenario here. I have data in my local Splunk for time range from 6-Nov-2015 11:45 UTC to 10-Nov-2015 13:45... by sureshbabu123 New Member in Splunk Search 02-13-2017 0 6	0	6
Need help with RegEx Hi, I am trying to extract a field in Splunk but the field extraction doesn't work and throws this error "The extr... by omuelle1 Communicator in Splunk Search 02-13-2017 0 10	0	10
How to edit an inputlookup search that displays table of hostnames against corresponding indexes? I have an inputlookup called hosts.csv that looks like this: host ---------- hostname1 hostname2 hostname3 hostname4... by gener_yc Explorer in Splunk Search 02-13-2017 1 4	1	4
How to apply Text Analytics on a field ? How to apply Text Analytics on "Country" field in my dashboard to find out the top 3 countries most frequently used? by c_krishna_gutur Explorer in Splunk Search 02-13-2017 0 1	0	1
Is there an efficient way to not allow * search Often times users issue * search over a time range. With huge data on the indexes this becomes a problem taking unnec... by pradeepkumarg Influencer in Splunk Search 02-13-2017 0 11	0	11
Using timechat with 2 fields without any field calculation Hi, I'm new in Splunk (and my knowledge is very very basic) and I have to build a complex dashboard with multiple in... by fariapm1 Explorer in Splunk Search 02-12-2017 0 3	0	3
Regex help on multiline fields and mvexpand My data sample is as below C12345 my1Surname, my1First Role Access (Group1) - I ... by koshyk Super Champion in Splunk Search 02-12-2017 0 2	0	2
checking the duplicate sourcetypes for monitor stanzas in UF what happens if 2 different monitoring stanzas have same source type name ? . Is there any query to verify whether di... by kteng2024 Path Finder in Splunk Search 02-12-2017 0 3	0	3
How can I dedup across rows and columns in a pivot table? I have a pivot table with data, but I need to find the number of times these values occur. However, a user can input ... by ereed18 Engager in Splunk Search 02-11-2017 0 2	0	2
How do I write a regular expression to return a matching pattern in my logs? Any string starting with COLDAPP , ending with double colon, would be a Tx id in my logs. it can be at the beginning/... by pradjswl Explorer in Splunk Search 02-11-2017 1 9	1	9
How to properly index data from a CSV input with timestamp column I'm trying to index CSV format inputs and the timestamp can be indicated by the fields within, rather than the time t... by jayakumar89 Explorer in Splunk Search 02-11-2017 0 3	0	3
how to eval new field to filter events by a number in the raw data i want to filter my data, based on the key numbers present in raw events. example event1: sdfgn dfnlk 1/25/2017 ldjo... by annamareddi New Member in Splunk Search 02-11-2017 0 2	0	2
How to generate a search to find out hosts in Splunkd that have restarted? Can i please know the search to find out the hosts in Splunkd that have restarted or has " splunkd started Conf mut... by kteng2024 Path Finder in Splunk Search 02-11-2017 0 2	0	2
DGA Regex in Splunk I am trying to search through logs for unusual domains generated by DGAs. I want to use regex to search for domain na... by masfar Engager in Splunk Search 02-11-2017 0 7	0	7
Need help to create search for the same time over days All, I am running this simple search from 12pm to 2pm: index=ssn sourcetype=app-gmr eventtype=start_job \| stats cou... by GersonGarcia Path Finder in Splunk Search 02-11-2017 0 3	0	3
Why does using eventstats result in seemingly lost data at a certain number of events? I'm trying to calculate the percentage of a specific account's usage. To do this, I'm calculating the usage across al... by mburgoon New Member in Splunk Search 02-11-2017 0 2	0	2
Need help with a greater than in seconds My search alert filter: host=web-* "\"response_code\": 5*," OR "\"message\": \"Application Error\"" OR "\"response_co... by trehman New Member in Splunk Search 02-10-2017 0 2	0	2
How to Edit my search Query to Show images in the Dashboard panel? Hello How to add the images in Splunk Dashboard panel, I have to show a 'Tick' mark when I see logs from a Index and... by kiran331 Builder in Splunk Search 02-10-2017 0 3	0	3
how to show three values in label in visualization of splunk in my chart I am showing three variable values using xyseries command. But looking at bar chart we can see only two ... by karthikeyan_k14 New Member in Splunk Search 02-10-2017 0 12	0	12
Use table value in later stats command such as avg, max I have a search which outputs a table such as apiNAME (-- this is the column head with values as below) apiA_MS api... by bing_zheng New Member in Splunk Search 02-10-2017 0 5	0	5
How to convert my response time field into seconds? i want to retrieve responsetime and convert it into seconds. please help me with Rex IP Respo... by sravankaripe Communicator in Splunk Search 02-10-2017 1 3	1	3
Convert data from "%Y-%m" to epoch and again to "%Y-%m" Hi guys, I am begginer which some problems with converting. I tried to parse date in format %Y-%m like 2017-01 to epo... by Accak Path Finder in Splunk Search 02-10-2017 0 4	0	4