Splunk Search

Community Activity

Replacing "No Results Found" with "0" I have the below query: My Search query returns a value when it finds some result whereas when it doesn't find any ma... by santosh_hb Explorer in Splunk Search 10-11-2023 3 15	3	15
Counting and threasholding Folks,I'm new to SPL worlds. Please advice right direction to learn splunk search. Environment: proxy log searchSitua... by kyoshiike Explorer in Splunk Search 10-11-2023 0 3	0	3
[SPLUNK-ES] Support Request For New Search "SELECTED FIELDS" and selected “MODE” Dears,We would like to report an issue related to Splunk-ES during the navigation of the “Search” window.We are not a... by SM Loves-to-Learn in Splunk Search 10-11-2023 0 2	0	2
Compare 2 lookup to show non match info Hi, I have 2 lookup which is lookup A and lookup B. My lookup A will be keep update by splunk query and my lookup B i... by Akmal57 Path Finder in Splunk Search 10-11-2023 0 7	0	7
Metrics average Hi,I am new to splunk metrics search. I am AWS/EBS metrics to splunk. I want to calculate the average throughput and ... by alakdam Path Finder in Splunk Search 10-10-2023 0 1	0	1
Calculate error percentage of HTTPStatus index=sample(Consumer="prod") ServiceName="product.services.prd.*"\| stats count(eval(HTTPStatus >= 400 AND HTTPStatus... by kris1733 Loves-to-Learn in Splunk Search 10-10-2023 0 4	0	4
how to display the difference between main search and subsearch assuming I have this log history:[sent] task=abc, id=123[sent] task=abc, id=456[success] task=abc, id=123I would like... by mm7 Explorer in Splunk Search 10-10-2023 0 4	0	4
Splunk Query to check two Conditions Hi AllWe are trying to get the incidents which are in open state (ie AlertStatus only equal to CREATE) .Table Out is ... by prakashsbk Explorer in Splunk Search 10-10-2023 0 2	0	2
grouping field data and count I have data like provided below: field AField BField CField Dabc.com11ABCD11xyz.com22 ABCD11abc.com11AB CD11xyz.com22... by ritzz Loves-to-Learn Lots in Splunk Search 10-10-2023 0 6	0	6
Trying to map total throughout the day I have a search that gives me the total license usage in gb's for a given time: index=_internal source=*license_usage... by aldrichb Explorer in Splunk Search 10-09-2023 0 5	0	5
How to convert json events results into one json event? My query returns many events, each event is in a form of a json i.e. { "key1": "val1", "key2":"val2"}I would like to ... by eranhauser Path Finder in Splunk Search 10-09-2023 0 6	0	6
Why no events returned if using "" to search instead of "index=" Hi,From the context menu of a "username" field value I choose "new search", then the below SPL was automatically adde... by TrangCIC81 Communicator in Splunk Search 10-08-2023 0 2	0	2
Arranging the tabular columns and removing the empty fields in the table Hi,I am working on a query where i need to display the table based on the multiselect input.multi-select input option... by KR1 Loves-to-Learn Lots in Splunk Search 10-08-2023 0 3	0	3
Support for the current PowerShell module for Splunk Is there no current PowerShell module support for Splunk? I am only finding old articles on this and various sites. by jbruns2023 Engager in Splunk Search 10-08-2023 0 6	0	6
Analyzing PowerShell logs in Splunk Hello everyone. I'm currently working on a lab assignment and I'm having trouble understanding the meaning of two spe... by quangnm21 Explorer in Splunk Search 10-07-2023 0 2	0	2
Moving fields from a subsearch I have a search and subsearch that is working as required but there is a field in the subsearch that I want to displa... by balcv Contributor in Splunk Search 10-07-2023 0 3	0	3
assign value to earliest How I can assign a value to the earliest argument in my query which is the rounded to the last 10 minutes?when I try ... by eranhauser Path Finder in Splunk Search 10-06-2023 0 6	0	6
How to capture x,y data from stacked charts for drill down option Is there a way of capturing the x, y and z data from a stacked chart? At the moment, my x and y are as followsx = bu... by GaryZ Path Finder in Splunk Search 10-06-2023 0 8	0	8
Average count of events per field grouped by another field Hello All,I'm a relative newbie and hoping the community can help me out. I'm kind of stuck on a query and I can't fi... by rmm1982 New Member in Splunk Search 10-06-2023 0 2	0	2
Show/filter only events that existed 24 hours ago I have the following searchindex=cisco sourcetype=cisco:wlc snmpTrapOID_0="CISCO-LWAPP-AP-MIB::ciscoLwappApRogueDetec... by st1 Path Finder in Splunk Search 10-06-2023 0 4	0	4
How to spot any changes to the value of a field Hello,I have an index where data is ingested once a week. Objective of ingesting this data is to identify if there is... by ByteKnight101 New Member in Splunk Search 10-06-2023 0 1	0	1
chart Hi,I have total four fields lets say a,b,c and d. i want to show 'a' as a separate column and 'b','c' and 'd' as stac... by smanojkumar Contributor in Splunk Search 10-06-2023 0 1	0	1
Check lookup table for old/expired entries Hi All I need to do some lookup table maintenance and would like to know which hosts are not being monitored but stil... by JTS911 Explorer in Splunk Search 10-06-2023 0 4	0	4
Adding fields in stats command Hi Splunkers! Good day! I would like to add event and detection fields in stats command, after adding in stats co... by smanojkumar Contributor in Splunk Search 10-06-2023 0 2	0	2
Splunk search for range of characters Hi All.. how can I search a range of characters in splunk.. example I want to search name of people whose name starts... by dvohra Explorer in Splunk Search 10-06-2023 0 2	0	2