Splunk Search

Community Activity

Query Help - Traffic stats by IP & Geolocation I'm reaching out to the Splunk community once again for some query help. I'm trying to find all the traffic going thr... by jamesatwork703 Engager in Splunk Search 02-10-2017 0 3	0	3
How to extract fields with a value greater than 3 seconds? First sorry for my english. I'm testing Splunk at the moment, and i have a task to extract a field from *.log files.... by sp_lunky New Member in Splunk Search 02-10-2017 0 8	0	8
Question on subsearch as query filter Hi guys, I'm running a query like: index=my_index [search index=my_index abcd\|table x] \|table y This works out well... by radu_marian New Member in Splunk Search 02-10-2017 0 2	0	2
BUG WORKAROUND: can I reset a table to page 1 when populating search is (re)run? I have a form with a table populated by a search. The search can be tweaked via a few dropdown inputs: value of some ... by gabriel_vasseur Contributor in Splunk Search 02-10-2017 1 5	1	5
Sum field value by different fields and merge together in 1 table Hi, I have a list of events here from an account management system. "_time",dr_account,cr_account,amount "2017-02-0... by langlv Engager in Splunk Search 02-09-2017 0 6	0	6
appending 2 searches + date format is lost YYYY-MM becomes YYYY I have 2 searches: search1 and search2 search 1 gives : _time kpi1 kpi2 kpi3 kpi4 2016-01 493.26 636.06 ... by HattrickNZ Motivator in Splunk Search 02-09-2017 0 5	0	5
What is the regular expression to extract the field from my raw event? Hi How to extract the bolded field below from my raw event. It will the anything after msg=(Action: Connect). Any ... by kiran331 Builder in Splunk Search 02-09-2017 1 3	1	3
extract value with matching multiple fields If i have events like below, domain=abc, sever=abc_s1,status=running domain=abc, server=abc_s2,status=shutdown domai... by bharathk5678 New Member in Splunk Search 02-09-2017 0 6	0	6
query help...!!!!!! I have a requirement to find the average duration taken by the SERVICE in a day. Expected o/p1 for 1st service query... by martinapple381 New Member in Splunk Search 02-09-2017 0 3	0	3
Search using join returning incoherent results Hello, I am getting different results running the same search over the same interval of time. The search is: source... by lightech1 Path Finder in Splunk Search 02-09-2017 0 6	0	6
New index mapped to Hdfs data input does not result -only main index shows data Hi Folks, Sorry for a basic question, I am a newbie. I have successfully installed and configured Hadoop Connect to... by deepakmurthy Explorer in Splunk Search 02-09-2017 0 1	0	1
what happens with Duplicate GUID's hi, I want know what happens if hosts have duplicate GUID's because i my environment , i have 100 forwarders having ... by kteng2024 Path Finder in Splunk Search 02-09-2017 1 1	1	1
Upgrading apps in a clustered environment When upgrading an app in a clustered environment (in this case the netflow analytics) - can I just update the folders... by mwdbhyat Builder in Splunk Search 02-09-2017 0 2	0	2
How to run search only for shown panels? Hi, i have a dashboard with several panels. i have used the "depends" option for every panel to see only those that ... by naty Path Finder in Splunk Search 02-09-2017 0 4	0	4
timechart where field name and value are both in event data I have a database query that runs every 5 minutes. It brings back queue names and the counts of those queues. I wo... by kmaron Motivator in Splunk Search 02-09-2017 0 3	0	3
Grab max value and associated value I have a stats table of max hits by API for a given time period. index="ml_summary" report=api_stats earliest=-1w@w ... by feickertmd Communicator in Splunk Search 02-09-2017 0 5	0	5
Combining Row Results Into Columns Here is my search: \| dbinspect index=netflow \| stats sum(sizeOnDiskMB) as StateSize by state, splunk_server \| eval S... by aferone Builder in Splunk Search 02-09-2017 0 5	0	5
Hi all,I'm pretty new to splunk and having my hands on it. My question is what query is used to get the data of specifuic user. Hi all,I'm pretty new to splunk and having my hands on it. My question is , I have a index=sftp and user as some xyz.... by sujith0311 New Member in Splunk Search 02-09-2017 0 3	0	3
Why are data model metrics not showing up with this search? The following searches work : \| tstats `xxxx_summaries_only` avg(All_Performance.Memory.swap_free) AS swap_free FRO... by locose Path Finder in Splunk Search 02-09-2017 0 7	0	7
Percentile Implementation Hi I am wondering what percentile implementation does Splunk use (used by stats, etc.). It does not always return th... by sohrab Explorer in Splunk Search 02-09-2017 4 4	4	4
How to set an alert that will trigger an email when based on these conditions? HI All, I need some help in setting alerts for a condition, where I'm using a simple Splunk search to get whether t... by AdixitSplunk Path Finder in Splunk Search 02-09-2017 0 3	0	3
index time extractions search I have did index time extractions for fields. I have stored them in _meta. But when I search for the extracted fiel... by ankithreddy777 Contributor in Splunk Search 02-08-2017 0 5	0	5
how to check number of lines in each events number of lines from file is not matching in the count, want to check each events number of lines. ? by praveenbandi Explorer in Splunk Search 02-08-2017 0 2	0	2
How can I split the values in the stats table. I have used in combination of stats Values() count() by host index=* \| stats values(source),values(sourcetype),count(sourcetype) by host ....query i used host values(s... by nawazns5038 Builder in Splunk Search 02-08-2017 0 3	0	3
How to generate a search that finds the closest log record based on a user's input timestamp? I'm trying to figure out a way to get the closest log record to a user input timestamp. I'm thinking about making a d... by vzed Engager in Splunk Search 02-08-2017 0 8	0	8