Splunk Search

Community Activity

query help...!!!!!! I have a requirement to find the average duration taken by the SERVICE in a day. Expected o/p1 for 1st service query... by martinapple381 New Member in Splunk Search 02-09-2017 0 3	0	3
Search using join returning incoherent results Hello, I am getting different results running the same search over the same interval of time. The search is: source... by lightech1 Path Finder in Splunk Search 02-09-2017 0 6	0	6
New index mapped to Hdfs data input does not result -only main index shows data Hi Folks, Sorry for a basic question, I am a newbie. I have successfully installed and configured Hadoop Connect to... by deepakmurthy Explorer in Splunk Search 02-09-2017 0 1	0	1
what happens with Duplicate GUID's hi, I want know what happens if hosts have duplicate GUID's because i my environment , i have 100 forwarders having ... by kteng2024 Path Finder in Splunk Search 02-09-2017 1 1	1	1
Upgrading apps in a clustered environment When upgrading an app in a clustered environment (in this case the netflow analytics) - can I just update the folders... by mwdbhyat Builder in Splunk Search 02-09-2017 0 2	0	2
How to run search only for shown panels? Hi, i have a dashboard with several panels. i have used the "depends" option for every panel to see only those that ... by naty Path Finder in Splunk Search 02-09-2017 0 4	0	4
timechart where field name and value are both in event data I have a database query that runs every 5 minutes. It brings back queue names and the counts of those queues. I wo... by kmaron Motivator in Splunk Search 02-09-2017 0 3	0	3
Grab max value and associated value I have a stats table of max hits by API for a given time period. index="ml_summary" report=api_stats earliest=-1w@w ... by feickertmd Communicator in Splunk Search 02-09-2017 0 5	0	5
Combining Row Results Into Columns Here is my search: \| dbinspect index=netflow \| stats sum(sizeOnDiskMB) as StateSize by state, splunk_server \| eval S... by aferone Builder in Splunk Search 02-09-2017 0 5	0	5
Hi all,I'm pretty new to splunk and having my hands on it. My question is what query is used to get the data of specifuic user. Hi all,I'm pretty new to splunk and having my hands on it. My question is , I have a index=sftp and user as some xyz.... by sujith0311 New Member in Splunk Search 02-09-2017 0 3	0	3
Why are data model metrics not showing up with this search? The following searches work : \| tstats `xxxx_summaries_only` avg(All_Performance.Memory.swap_free) AS swap_free FRO... by locose Path Finder in Splunk Search 02-09-2017 0 7	0	7
Percentile Implementation Hi I am wondering what percentile implementation does Splunk use (used by stats, etc.). It does not always return th... by sohrab Explorer in Splunk Search 02-09-2017 4 4	4	4
How to set an alert that will trigger an email when based on these conditions? HI All, I need some help in setting alerts for a condition, where I'm using a simple Splunk search to get whether t... by AdixitSplunk Path Finder in Splunk Search 02-09-2017 0 3	0	3
index time extractions search I have did index time extractions for fields. I have stored them in _meta. But when I search for the extracted fiel... by ankithreddy777 Contributor in Splunk Search 02-08-2017 0 5	0	5
how to check number of lines in each events number of lines from file is not matching in the count, want to check each events number of lines. ? by praveenbandi Explorer in Splunk Search 02-08-2017 0 2	0	2
How can I split the values in the stats table. I have used in combination of stats Values() count() by host index=* \| stats values(source),values(sourcetype),count(sourcetype) by host ....query i used host values(s... by nawazns5038 Builder in Splunk Search 02-08-2017 0 3	0	3
How to generate a search that finds the closest log record based on a user's input timestamp? I'm trying to figure out a way to get the closest log record to a user input timestamp. I'm thinking about making a d... by vzed Engager in Splunk Search 02-08-2017 0 8	0	8
mulitple regex extraction Hi, I'm trying to extract two fields from the below data 02-08 07:33:41.211 E/Rules_LightBaseAction( 2660): com.ico... by dbcase Motivator in Splunk Search 02-08-2017 0 4	0	4
How to create a new key-value pair from various fieldnames with a similar pattern? Hi, my events can include a fieldname with a pattern like: product_type_a product_type_b product_type_c To group c... by HeinzWaescher Motivator in Splunk Search 02-08-2017 0 7	0	7
need help to optimize splunk query from database feed index=idx_cibca__prod:- Has data from database having all fields but not CUST_NAME ie why we used join idx_cibca_look... by anantdeshpande Path Finder in Splunk Search 02-08-2017 1 4	1	4
compare two fields value for equality in two different indexes HI I want to know why this code is not working index="malecious_url" OR index="surikata" \|fields http2,http \| wh... by simin67rose New Member in Splunk Search 02-08-2017 0 1	0	1
How do I use a regular expression to extract all 22 entries of a Message field in a multiline JSON data? How do I use a regular expression to extract all 22 entries of Message field with left boundry = "Messages": [ righ... by ash2l Path Finder in Splunk Search 02-08-2017 0 6	0	6
append search to different sources Hi, I want to combine to searches: index=bla \| stats count(al_responsecode) as "Total per responseCode al" by al_re... by arjangoos Path Finder in Splunk Search 02-08-2017 0 1	0	1
Trying to get a range of dates right based on a last Saturday of the month hi there, the 1st and 3rd statement is wrong and the 2nd might be correct. Here is what I am trying to do: Current M... by maximusdm Communicator in Splunk Search 02-08-2017 0 5	0	5
How to write a search to find out the average dashboard runtime? hi there, i would like to write a search to find out dashboard runtime. index=_internal source=*splunkd_ui_access.... by srinivasup Explorer in Splunk Search 02-08-2017 0 3	0	3