Splunk Search

Community Activity

Hide/unhide legend values by clicking on it On a Column Chart is it possible to hide/unhide legend values by clicking on it?For eg. if I click on www3 in legend ... by pero1234 Path Finder in Splunk Search 10-11-2023 0 1	0	1
How to calculate total when aggregating using stats max(field)? How to calculate total when aggregating using stats max(field)?Thank you for your help. Max Total Score is the total ... by LearningGuy Motivator in Splunk Search 10-11-2023 0 7	0	7
Extract domain from full url I'm working with data from this searchindex=my_index sourcetype=my_sourcetype (rule=policy_1 OR rule=policy_2 OR rule... by jwhughes58 Contributor in Splunk Search 10-11-2023 0 8	0	8
How to create exception list by comparing two tables . How to get the exception from the below tables. Exception is John who is not HR table . User list from the server... by Hema_Nithya Explorer in Splunk Search 10-11-2023 0 2	0	2
Making all pie charts in a row in same vertical Hi Splunkers! How to assign the pie chart in same vertical if we are having dropdown in one specific pie chart.Havi... by smanojkumar Contributor in Splunk Search 10-11-2023 0 3	0	3
How to search the time difference between a certain event and the event prior? I am trying to find the time of a type of event, and the time difference of the same type of event that happened just... by _dave_b Communicator in Splunk Search 10-11-2023 0 9	0	9
How to display other fields on the same row when aggregating using stats max(field)? How to display other fields on the same row when aggregating using stats max(field)?Thank you for your help. For exam... by LearningGuy Motivator in Splunk Search 10-11-2023 1 4	1	4
Network Bandwidth Usage by url Hi,I want to simply know bandwidth usage by url (I span on 10s for not flooding) then I divide by 10I wrote this, it ... by ApolloJ Engager in Splunk Search 10-11-2023 0 3	0	3
Replacing "No Results Found" with "0" I have the below query: My Search query returns a value when it finds some result whereas when it doesn't find any ma... by santosh_hb Explorer in Splunk Search 10-11-2023 3 15	3	15
Counting and threasholding Folks,I'm new to SPL worlds. Please advice right direction to learn splunk search. Environment: proxy log searchSitua... by kyoshiike Explorer in Splunk Search 10-11-2023 0 3	0	3
[SPLUNK-ES] Support Request For New Search "SELECTED FIELDS" and selected “MODE” Dears,We would like to report an issue related to Splunk-ES during the navigation of the “Search” window.We are not a... by SM Loves-to-Learn in Splunk Search 10-11-2023 0 2	0	2
Compare 2 lookup to show non match info Hi, I have 2 lookup which is lookup A and lookup B. My lookup A will be keep update by splunk query and my lookup B i... by Akmal57 Path Finder in Splunk Search 10-11-2023 0 7	0	7
Metrics average Hi,I am new to splunk metrics search. I am AWS/EBS metrics to splunk. I want to calculate the average throughput and ... by alakdam Path Finder in Splunk Search 10-10-2023 0 1	0	1
Calculate error percentage of HTTPStatus index=sample(Consumer="prod") ServiceName="product.services.prd.*"\| stats count(eval(HTTPStatus >= 400 AND HTTPStatus... by kris1733 Loves-to-Learn in Splunk Search 10-10-2023 0 4	0	4
how to display the difference between main search and subsearch assuming I have this log history:[sent] task=abc, id=123[sent] task=abc, id=456[success] task=abc, id=123I would like... by mm7 Explorer in Splunk Search 10-10-2023 0 4	0	4
Splunk Query to check two Conditions Hi AllWe are trying to get the incidents which are in open state (ie AlertStatus only equal to CREATE) .Table Out is ... by prakashsbk Explorer in Splunk Search 10-10-2023 0 2	0	2
grouping field data and count I have data like provided below: field AField BField CField Dabc.com11ABCD11xyz.com22 ABCD11abc.com11AB CD11xyz.com22... by ritzz Loves-to-Learn Lots in Splunk Search 10-10-2023 0 6	0	6
Trying to map total throughout the day I have a search that gives me the total license usage in gb's for a given time: index=_internal source=*license_usage... by aldrichb Explorer in Splunk Search 10-09-2023 0 5	0	5
How to convert json events results into one json event? My query returns many events, each event is in a form of a json i.e. { "key1": "val1", "key2":"val2"}I would like to ... by eranhauser Path Finder in Splunk Search 10-09-2023 0 6	0	6
Why no events returned if using "" to search instead of "index=" Hi,From the context menu of a "username" field value I choose "new search", then the below SPL was automatically adde... by TrangCIC81 Communicator in Splunk Search 10-08-2023 0 2	0	2
Arranging the tabular columns and removing the empty fields in the table Hi,I am working on a query where i need to display the table based on the multiselect input.multi-select input option... by KR1 Loves-to-Learn Lots in Splunk Search 10-08-2023 0 3	0	3
Support for the current PowerShell module for Splunk Is there no current PowerShell module support for Splunk? I am only finding old articles on this and various sites. by jbruns2023 Engager in Splunk Search 10-08-2023 0 6	0	6
Analyzing PowerShell logs in Splunk Hello everyone. I'm currently working on a lab assignment and I'm having trouble understanding the meaning of two spe... by quangnm21 Explorer in Splunk Search 10-07-2023 0 2	0	2
Moving fields from a subsearch I have a search and subsearch that is working as required but there is a field in the subsearch that I want to displa... by balcv Contributor in Splunk Search 10-07-2023 0 3	0	3
assign value to earliest How I can assign a value to the earliest argument in my query which is the rounded to the last 10 minutes?when I try ... by eranhauser Path Finder in Splunk Search 10-06-2023 0 6	0	6