Splunk Search

Community Activity

How to tell what searches are running currently I want to avoid killing somebody else's search in the event I need to restart splunk. Is there any way to see all the... by thepocketwade Path Finder in Splunk Search 11-14-2016 4 7	4	7
How to merge two searches and make a single timechart? Hey, i'm trying to merge/join 2 searches into 1, and create a table of the data. this is my starting query: index=... by naty Path Finder in Splunk Search 11-14-2016 0 1	0	1
Overwritten sourcetypes not searchable Hi fellow splunkers, I ran into a problem regarding "Overwriting of an existing sourcetype via props and transforms... by horsefez Motivator in Splunk Search 11-14-2016 1 2	1	2
How do I get only values ending with, say $, from a search I would like to search for values that end with or begin with specific characters by vhuphilo Engager in Splunk Search 11-14-2016 0 1	0	1
How to extract text from the Message field up to the first "." in Windows event logs? We have made a dashboard to show the rare events generated by users Account_Name=XX* \|rare limit=20 EventCode \|tabl... by daniel_knights New Member in Splunk Search 11-14-2016 0 2	0	2
Rename an index in a Splunk distributed deployment I would like to change the name of an index without losing any data etc. Is it possible to modify an index name in th... by dsofoulis Path Finder in Splunk Search 11-14-2016 0 1	0	1
How to add time filter late in the search command I understand how to search using the time range picker, or by adding "earliest" and "latest" in the primary search-co... by rolfn Explorer in Splunk Search 11-14-2016 0 4	0	4
How to fill empty latest parameter in URL When I open a dashboard the URL looks like this: https://....../en-US/app/app_name/dashboard?earliest=0&latest= H... by mbschriek Explorer in Splunk Search 11-13-2016 0 5	0	5
How do I visualize my sample data in a bubble chart? I want to show the below data in Bubble chart: Data1 $1000 Data2 $10000 Data3 $100000 Data4 $1000000 With this,... by ravitejaj Explorer in Splunk Search 11-13-2016 0 3	0	3
How to extract Major_Brand_Display_Name value from xml <EmailAddress>RON@xyz.COM</EmailAddress> <Attributes> <Name>Addressee_Name</Name> ... by kirankotla New Member in Splunk Search 11-13-2016 0 5	0	5
Missing interesting fields in the Search & Reporting screen When I use the Splunk's Search & Reporting screen, it does not list any of the Interesting fields that are in the csv... by billfriese Explorer in Splunk Search 11-13-2016 0 7	0	7
.xlsx option Hello Is there way to add xlsx to the drop down menu when you do a export? All i am seeing is csv, xml, and json. ... by ecab081 New Member in Splunk Search 11-13-2016 0 1	0	1
How to aggregate percentage information in pie chart labels? I would like to aggregate the % info in the pie labels, so it will read: "OK (77%)" instead of OK "ERRORS (23%)" in... by snemiro_514 Path Finder in Splunk Search 11-13-2016 1 8	1	8
Pull Date from Filename So I have some logs that are in the following format: Filename: 16061601rw.dat Each line has a time stamp, but it... by adrianduff New Member in Splunk Search 11-13-2016 0 2	0	2
How can I see all forwarders deployed in the Distributed Management Console and in a search from internal metrics log? I am confused here. I work with a massive distributed environment and I want to see ALL of our thousands of forwarder... by brian1_tate Path Finder in Splunk Search 11-12-2016 0 2	0	2
How to write a search to display the end date of field values and the time difference? Hi all. I have a sourcetype with PENDING orders in a field: ORDERID. In other sourcetype i have ANSWERED orders with... by changux Builder in Splunk Search 11-12-2016 0 8	0	8
How do I simulate doing a left join or outer join using the "lookup" command? Issue I am running into right now is I have a result set that I want to pull in threshold values that reside in a loo... by bcronrath Path Finder in Splunk Search 11-11-2016 0 3	0	3
How to search the duration between two events in the same field? Hi, Hi everyone. I need to find out the duration between two events in the same field. My table is like this: user ... by prashanthberam Explorer in Splunk Search 11-11-2016 0 4	0	4
How to generate a search that will show the time between REQ and ACK? Hi, Anyone, please help me. I need to find out the time between REQ and ACK by using the (TS:1478717835696) and Data... by prashanthberam Explorer in Splunk Search 11-11-2016 0 2	0	2
Is timewrap an official SPL command in Splunk 6.5? I noticed that timewrap came up as suggested SPL command in a Splunk 6.5 search box (see attachment). The command doe... by rjthibod Champion in Splunk Search 11-11-2016 0 7	0	7
How to edit my search to find different ports used per IP and their count? I have am looking data from out firewall. There I have a search that gives me a list of all allowed traffic to all IP... by lakromani Builder in Splunk Search 11-11-2016 0 2	0	2
How to edit my search to use a lookup table to search events around a specific time? Hi, I have a lookup table that has 1 field (Cpe_ID). I need to use the lookup table to search the events around a s... by dbcase Motivator in Splunk Search 11-11-2016 0 5	0	5
How do I extract a numerical field and rename the value? this is the raw data from my search index=myindex sourceype=mysourcetype 2016-11-10 07:41:29 Local7.Debug 22.85... by rwiley Explorer in Splunk Search 11-11-2016 1 3	1	3
Modify the format of events in splunk UI Hi All, I have JSON Logs like below: SAMPLE EVENT: "line":" 2016-10-21 19:16:00 INFO [CollectorAccess] Updating pee... by sarnagar Contributor in Splunk Search 11-11-2016 0 14	0	14
How do I return the number of times a specified value appears in a field? Hello, I have a simple issue that I can't resolve, and was hoping for support. I have the following data: OBJECT ... by andrew_f_trobec Explorer in Splunk Search 11-11-2016 0 3	0	3