Splunk Search

Community Activity

Apply condition and filter results Kindly help me with a new SPLIn am getting results for the existing below SPL.I tried applying a new condition in exi... by alex4 Loves-to-Learn Lots in Splunk Search 10-06-2023 0 3	0	3
help on could not load lookup message HelloWhen I run a search i have the message "could not load lookup" with different lookup nameFor example :Could not ... by jip31 Motivator in Splunk Search 10-05-2023 0 2	0	2
time chart to show the number of widgets manufactured per reporting period Have a log with related eventOne event has the number widgets made in the period and another event has the actual tim... by jhuysing Explorer in Splunk Search 10-05-2023 0 1	0	1
Splunk UI query start and end time How can one add to the result of a Splunk query running on Splunk UI the time span i.e. the values one can put in ear... by eranhauser Path Finder in Splunk Search 10-05-2023 0 5	0	5
Stats Count by day ? I have a query that gives me four totals for a month. I am trying to figure out how to show each four total for each... by sjringo Contributor in Splunk Search 10-05-2023 0 3	0	3
How to use mstats and inputlookup command Hi,I have a alert query that uses mstats, I want this query to not throw alert during public holidays (from 9 AM to 5... by abhi04 Communicator in Splunk Search 10-05-2023 0 3	0	3
Search time parsing for nested json logs Hi,I am looking to parse the nested JSON events. basically need to break them into multiple events.I an trying some t... by AKG11 Path Finder in Splunk Search 10-05-2023 0 2	0	2
Finding Anomalies or Outliers Trying to find anomalies for events. I have multiple services and multiple customers. I have an error "bucket" that i... by irkey Explorer in Splunk Search 10-05-2023 0 4	0	4
Why is the ratio calculation of two fields returning wrong results? HelloI'm trying to calculate ratio of two fields but im getting wrong resultsif i'm calculating each one of them sepa... by sarit_s Communicator in Splunk Search 10-05-2023 0 8	0	8
Splunk search comparing avg I/O and avg load but not giving results This splunk search is not showing any result. index=os OR index=linux sourcetype=vmstat OR source=iostat [\| input loo... by Muditks Observer in Splunk Search 10-05-2023 0 1	0	1
searching for specific result system_id = AA-1, AA-1-a, AA-1-b, AA-10, AA-10-a, AA-10-b, AA-12, AA-12-a, AA-12-b,,, and so on. Notice all the syste... by yohhpark Path Finder in Splunk Search 10-05-2023 0 1	0	1
How can I determine how much an index is being searched? I am trying to determine how many searches are searching on a particular index per day. I know how much data the ind... by jamesvz84 Communicator in Splunk Search 10-05-2023 1 8	1	8
What's the best way to only do a Lookup based on the results of the main search? Hi, What's the best way to only do a Lookup based on the results of the main search? I want to only run this when 2 ... by finchy Explorer in Splunk Search 10-04-2023 0 5	0	5
How to search in Splunk if a specific lookup table is being used in a dashboard? Hello, I was wondering if it is possible to locate or search in Splunk if a specific lookup table is being used in a ... by TaraAshley Engager in Splunk Search 10-04-2023 0 2	0	2
How to search and report based on presence or lack of string? Have following data in the logfile {xxxx},{"GUID":"5561859B8D624FFC8FF0B87219060DC5"} {xxxx},{"GUID":"5561859B8D62... by runiyal Path Finder in Splunk Search 10-04-2023 0 5	0	5
How to create search for SVC's by index? I have found a search in the charge back application that might fit for seeing the SVC's by index. Unfortunately tha... by NanSplk01 Communicator in Splunk Search 10-04-2023 0 2	0	2
How to create a timeline table? Hi,we are logging api requests in Splunk. I would like to create a sort of health check table where every column repr... by faustf Communicator in Splunk Search 10-04-2023 0 3	0	3
Plot graph for previous 2 weekday average Hi, I'm trying to plot graph for previous 2 weekday average. Below is the query usedindex="xyz" sourcetype="abc" app... by Tester237 Explorer in Splunk Search 10-04-2023 0 2	0	2
Finding the number of null cells in a table Lets say I have a table of two fields. and some of the cells are empty.How do I find the number of empty cells using ... by P3G4SUS New Member in Splunk Search 10-04-2023 0 2	0	2
Get latest events of json and visualize it to table. Hello friends!I get JSON like this{"key":"27.09.2023","value_sum":35476232.82,"value_cnt":2338}and so on...{ [-] ke... by alexeysharkov Path Finder in Splunk Search 10-04-2023 0 4	0	4
Plot graph using lookup file Hi Team, I have a got a request to plot graph of previous 30 days. But the org has a retention period of 7days set on... by shreyasbsharma Engager in Splunk Search 10-04-2023 0 7	0	7
How to run a chart command grouped by 2 fields? HelloIm trying to run a chart command grouped by 2 fields but im getting an error:this is my query : \| chart value... by sarit_s Communicator in Splunk Search 10-03-2023 0 8	0	8
Possible to find different of two amounts from different events but already within a sort by time span? Hi,Is it somehow possible to find difference between two or more amounts from different events when the events are so... by FGAnders Explorer in Splunk Search 10-03-2023 0 3	0	3
Extract field Log like.message: [22/09/23 10:31:47:935 GMT] [ThreadPoolExecutor-thread-15759] INFO failed.", suspenseAccountNumber=... by Sekhar Explorer in Splunk Search 10-03-2023 0 5	0	5
search help, token system_id = AA-1, AA-1-a, AA-1-b, AA-10, AA-10-a, AA-10-b, AA-12, AA-12-a, AA-12-b,,, and so on. Notice all the syste... by yohhpark Path Finder in Splunk Search 10-03-2023 0 2	0	2