Splunk Search

Community Activity

How to capture x,y data from stacked charts for drill down option Is there a way of capturing the x, y and z data from a stacked chart? At the moment, my x and y are as followsx = bu... by GaryZ Path Finder in Splunk Search 10-06-2023 0 8	0	8
Average count of events per field grouped by another field Hello All,I'm a relative newbie and hoping the community can help me out. I'm kind of stuck on a query and I can't fi... by rmm1982 New Member in Splunk Search 10-06-2023 0 2	0	2
Show/filter only events that existed 24 hours ago I have the following searchindex=cisco sourcetype=cisco:wlc snmpTrapOID_0="CISCO-LWAPP-AP-MIB::ciscoLwappApRogueDetec... by st1 Path Finder in Splunk Search 10-06-2023 0 4	0	4
How to spot any changes to the value of a field Hello,I have an index where data is ingested once a week. Objective of ingesting this data is to identify if there is... by ByteKnight101 New Member in Splunk Search 10-06-2023 0 1	0	1
chart Hi,I have total four fields lets say a,b,c and d. i want to show 'a' as a separate column and 'b','c' and 'd' as stac... by smanojkumar Contributor in Splunk Search 10-06-2023 0 1	0	1
Check lookup table for old/expired entries Hi All I need to do some lookup table maintenance and would like to know which hosts are not being monitored but stil... by JTS911 Explorer in Splunk Search 10-06-2023 0 4	0	4
Adding fields in stats command Hi Splunkers! Good day! I would like to add event and detection fields in stats command, after adding in stats co... by smanojkumar Contributor in Splunk Search 10-06-2023 0 2	0	2
Splunk search for range of characters Hi All.. how can I search a range of characters in splunk.. example I want to search name of people whose name starts... by dvohra Explorer in Splunk Search 10-06-2023 0 2	0	2
Apply condition and filter results Kindly help me with a new SPLIn am getting results for the existing below SPL.I tried applying a new condition in exi... by alex4 Loves-to-Learn Lots in Splunk Search 10-06-2023 0 3	0	3
help on could not load lookup message HelloWhen I run a search i have the message "could not load lookup" with different lookup nameFor example :Could not ... by jip31 Motivator in Splunk Search 10-05-2023 0 2	0	2
time chart to show the number of widgets manufactured per reporting period Have a log with related eventOne event has the number widgets made in the period and another event has the actual tim... by jhuysing Explorer in Splunk Search 10-05-2023 0 1	0	1
Splunk UI query start and end time How can one add to the result of a Splunk query running on Splunk UI the time span i.e. the values one can put in ear... by eranhauser Path Finder in Splunk Search 10-05-2023 0 5	0	5
Stats Count by day ? I have a query that gives me four totals for a month. I am trying to figure out how to show each four total for each... by sjringo Contributor in Splunk Search 10-05-2023 0 3	0	3
How to use mstats and inputlookup command Hi,I have a alert query that uses mstats, I want this query to not throw alert during public holidays (from 9 AM to 5... by abhi04 Communicator in Splunk Search 10-05-2023 0 3	0	3
Search time parsing for nested json logs Hi,I am looking to parse the nested JSON events. basically need to break them into multiple events.I an trying some t... by AKG11 Path Finder in Splunk Search 10-05-2023 0 2	0	2
Finding Anomalies or Outliers Trying to find anomalies for events. I have multiple services and multiple customers. I have an error "bucket" that i... by irkey Explorer in Splunk Search 10-05-2023 0 4	0	4
Why is the ratio calculation of two fields returning wrong results? HelloI'm trying to calculate ratio of two fields but im getting wrong resultsif i'm calculating each one of them sepa... by sarit_s Communicator in Splunk Search 10-05-2023 0 8	0	8
Splunk search comparing avg I/O and avg load but not giving results This splunk search is not showing any result. index=os OR index=linux sourcetype=vmstat OR source=iostat [\| input loo... by Muditks Observer in Splunk Search 10-05-2023 0 1	0	1
searching for specific result system_id = AA-1, AA-1-a, AA-1-b, AA-10, AA-10-a, AA-10-b, AA-12, AA-12-a, AA-12-b,,, and so on. Notice all the syste... by yohhpark Path Finder in Splunk Search 10-05-2023 0 1	0	1
How can I determine how much an index is being searched? I am trying to determine how many searches are searching on a particular index per day. I know how much data the ind... by jamesvz84 Communicator in Splunk Search 10-05-2023 1 8	1	8
What's the best way to only do a Lookup based on the results of the main search? Hi, What's the best way to only do a Lookup based on the results of the main search? I want to only run this when 2 ... by finchy Explorer in Splunk Search 10-04-2023 0 5	0	5
How to search in Splunk if a specific lookup table is being used in a dashboard? Hello, I was wondering if it is possible to locate or search in Splunk if a specific lookup table is being used in a ... by TaraAshley Engager in Splunk Search 10-04-2023 0 2	0	2
How to search and report based on presence or lack of string? Have following data in the logfile {xxxx},{"GUID":"5561859B8D624FFC8FF0B87219060DC5"} {xxxx},{"GUID":"5561859B8D62... by runiyal Path Finder in Splunk Search 10-04-2023 0 5	0	5
How to create search for SVC's by index? I have found a search in the charge back application that might fit for seeing the SVC's by index. Unfortunately tha... by NanSplk01 Communicator in Splunk Search 10-04-2023 0 2	0	2
How to create a timeline table? Hi,we are logging api requests in Splunk. I would like to create a sort of health check table where every column repr... by faustf Communicator in Splunk Search 10-04-2023 0 3	0	3