Splunk Search

Splunk Search
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
Community Activity
moaf13

How to extract timestamp (year, month, date) from a filename?

I have a file name that contains such timestamp: "filenameexample_161128_kadjfkj.txt" year(16) month(11) date(28) ...
by moaf13 Path Finder in Splunk Search 10-28-2016
0 2
0
2
knielsen

How to create a search to find accelerated searches, their users, and their access count?

We have a rather larger Splunk installation and user base. While checking our system for optimizations, we found that...
by knielsen Contributor in Splunk Search 10-28-2016
0 4
0
4
pavanae

What is anomalies and how can I calculate for a specific field?

For the below search My search | timechart span=1h limit=0 count by student Is it possible to list out the anomalou...
by pavanae Builder in Splunk Search 10-28-2016
0 2
0
2
pavanae

How to compute the mean activity volume per field in Splunk?

How to Compute the mean activity volume per user in each hour yesterday, and find the ones more than n standard devia...
by pavanae Builder in Splunk Search 10-28-2016
0 2
0
2
moaf13

counting using group by multivalue fields that might contain empty or inconsistent fields?

So i have scenario where i have to group by a table (Make, model, horsepower year) like the one below, Make ...
by moaf13 Path Finder in Splunk Search 10-27-2016
0 4
0
4
remy06

searching for linux audit events?

I am trying to generate some reports for linux audit events. From what I understand linux can generate multiple line...
by remy06 Contributor in Splunk Search 10-27-2016
0 8
0
8
ion1234

How do I configure timezone settings in Splunk so users in different timezones receive the same results?

I have a Splunk user in a Romanian timezone their search returns the events, let's say from midnight this day + one d...
by ion1234 Engager in Splunk Search 10-27-2016
1 2
1
2
clintla

How to search for and chart multiple values for different sourcetypes?

I'm not sure if this is a multisearch or a join or something else, but I want to chart multiple values for different ...
by clintla Contributor in Splunk Search 10-27-2016
0 4
0
4
pavanae

How to calculate Anomalies for a particular field?

Considering a field "user_name". What could be the search to find the anomalies per hour for each user_name in a day?
by pavanae Builder in Splunk Search 10-27-2016
0 1
0
1
pavanae

How to adjust the time in a timechart?

I have a timechart which displays the results for the past 7 days. But now i don't want the Splunk to display the res...
by pavanae Builder in Splunk Search 10-27-2016
0 5
0
5
lycollicott

Why do these sub-searches error when part of a dashboard or report?

We have separate indexes for 3 different applications and there are multiple instances of each application. I run th...
by lycollicott Motivator in Splunk Search 10-27-2016
0 7
0
7
kotig

How to compare values in field1 to a list of values in field2, and return all values where field2 is greater than field1?

Here is my situation. I have written a search to get a list of values per user and I did an average of the values as ...
by kotig Path Finder in Splunk Search 10-27-2016
0 10
0
10
Branden

How to write a search to return events from two event types with a common field?

Hi. I have a search question, and I believe the answer involves using transactions. I have defined two eventtypes: ...
by Branden Builder in Splunk Search 10-27-2016
0 2
0
2
arjangoos

How to search the license usage per index per department?

I want the license usages per index per department. department 1 has indexes: idx volume acc_jboss ...
by arjangoos Path Finder in Splunk Search 10-27-2016
0 1
0
1
adamkerns

How do I search based off multiple values in a URL?

I have the following URL.... https-//mywebsite.com/setup/own/massdelete-jsp?fval0=rd2-fval1=-retURL=-2Fui-2Fsetup-2Fo...
by adamkerns New Member in Splunk Search 10-27-2016
0 1
0
1
pavanae

How to combine two searches and display as a single table?

I have the below search_1 My search |top 5 users I have a second search as below My search |stats values(field_1...
by pavanae Builder in Splunk Search 10-27-2016
0 3
0
3
pavanae

How to calculate the mean and standard deviation in Splunk?

I have a search as follows :- My search | timechart span=1h limit=0 count by city Now how can I calculate the mean ...
by pavanae Builder in Splunk Search 10-27-2016
0 1
0
1
pavanae

How to edit my search to change a line graph into pie chart to display only the top 5 results?

I have a search as follows: My search | timechart span=1h limit=0 count by users Which displays a line graph for ...
by pavanae Builder in Splunk Search 10-27-2016
0 3
0
3
nasamajh09

How to search the count of all values for a field, and also display all the values in the results?

I want to count all the values of a field, and display all the values as well. How do I write a search in Splunk to a...
by nasamajh09 New Member in Splunk Search 10-27-2016
0 1
0
1
xfiles80

How to count number of events that occurred near different events

Hi, I am a begginner and can't find solution for my problem. I have 3 fields: 2 from one source Characteristic ( ha...
by xfiles80 New Member in Splunk Search 10-27-2016
0 7
0
7
danoconnl

After installing Splunk and indexing logs, we updated configurations. How do we handle field extractions before and after the update?

So we got Splunk installed and started indexing our logs before changes were put in place to better integrate with Sp...
by danoconnl Explorer in Splunk Search 10-27-2016
0 3
0
3
aamirs291

How to subtract dates from two events to find the duration?

Hello Everyone, I have two events which I have uploaded in CSV format and the events will be consistent as below: ...
by aamirs291 Path Finder in Splunk Search 10-27-2016
0 7
0
7
joshualarkins

Multi-user thresholding with compared time ranges

I have a group of users to monitor. They create actions on a fairly regular basis, but they do not all follow the sam...
by joshualarkins Explorer in Splunk Search 10-26-2016
0 4
0
4
clintla

How to pass fields as tokens from one panel to other panels on the same dashboard?

Not finding any examples so far, but not sure if it's possible. Wanting to have one dashboard panel that has a resu...
by clintla Contributor in Splunk Search 10-26-2016
2 4
2
4
jagadeeshm

How to write a regular expression to match all patterns of these dynamic URLs?

I have front-end events with several dynamic uri patterns. I am trying to generate a report to summarize the average,...
by jagadeeshm Contributor in Splunk Search 10-26-2016
0 2
0
2
Top Labels
Get Updates on the Splunk Community!

Quantify Your Splunk Investment Impact: Introducing Savings Metrics to Value Insights

Building on the foundation established in our initial Value Insights releases, we are introducing the Savings ...

Event Series: Telemetry Pipeline Management

Balancing Scale and Spend: Gaining Control Over High-Volume Metrics in Splunk Observability Cloud As ...

Kick the Tires Before You Commit: A Hands-On Tour of the Splunk Observability Cloud ...

Evaluating an enterprise observability platform usually goes like this: fill out a form, get a free trial with ...
Top Solution Authors
View All