Splunk Search

Community Activity

How do I pipe splunk query output to a file? How do I take output (say . . . "View Sources") and pipe it to a file? by Alan_Bradley Path Finder in Splunk Search 09-21-2016 3 4	3	4
How to create an alert to trigger a happy birthday email based on a date field in a CSV file? Hello all I have data in a CSV file like: Name. dob gender Xxx 02/08/1995 m Abc 12/0... by bhaskardaivala New Member in Splunk Search 09-21-2016 0 2	0	2
How do I create a dashboard to show count roll up by location and billing system? Planning to create a dashboard from the information as below. Can we see count roll up by location and billing system... by adtetech Explorer in Splunk Search 09-21-2016 0 2	0	2
How do I prevent initial delta value from breaking my visualization? I am trying to get the delta of several key-value pairs over a period of an hour. The initial ingestion of data is f... by EricLloyd79 Builder in Splunk Search 09-21-2016 0 2	0	2
How to modify my search so it shows total MB per user for the day? bucket _time span=1d\| eval _time = strftime(_time,"%b %d, %Y")\| stats sum(eval(Bytes_Written/(1024*1024))) as MBytes... by cm22486 Path Finder in Splunk Search 09-21-2016 0 8	0	8
POST LOGIN need to execute a search and use token across dashboard Hi All, For a particular filter which is used across my dashboard , I have run a search in javascript and set a toke... by prathikpisplunk Explorer in Splunk Search 09-21-2016 0 3	0	3
Questions regarding datamodel, stats, NOT, and Macros in my query This is the query I have: \| tstats summariesonly count from datamodel=Threat_Intelligence.Threat_Activity where NOT ... by Justin1224 Communicator in Splunk Search 09-21-2016 1 2	1	2
What does "stats sum(count) by" do? Hey, a really basic question, but I'm unsure of the answer. What does stats sum(count) by do? I'm fairly sure that t... by Justin1224 Communicator in Splunk Search 09-21-2016 0 4	0	4
How to edit this search to remove the time for maintenance windows using a CSV file? We've got a search that displays our web monitor logs, and would like to add a function that allows us to remove time... by banderson7 Communicator in Splunk Search 09-21-2016 0 6	0	6
How to use the result from one search in another search? I have a set of fields like Servername, type, Country, desc,_time. These fields have been indexed and I already have ... by sushmitha_mj Communicator in Splunk Search 09-21-2016 0 16	0	16
How to get a transaction command to work with a combination of indexTime and another field? Good Afternoon Splunk, I have a question about some data that I am trying to evaluate for the transaction command. B... by dmacgillivray Communicator in Splunk Search 09-21-2016 0 3	0	3
How do I formulate the rex command to remove unnecessary spaces in the middle of my field values? I have field values that are coming in with unnecessary spaces. I'm trying to remove them and from another post, I f... by tmaltizo Path Finder in Splunk Search 09-21-2016 1 4	1	4
show unique values from yesterday Hello, please help! I want to display only the unique names from yesterday that are not in today's list Initial sea... by splunkapprentic Explorer in Splunk Search 09-21-2016 0 6	0	6
How to check if new hosts get added to instance & get alerted? The number to hosts have increased in our instance & we want to check which ones are the new ones added. Also we want... by abhijit_mhatre Path Finder in Splunk Search 09-21-2016 0 3	0	3
How to list count of Error messages I have multiple error messages in the logs and I do count by ErrorMessage. The error messages gets listed as below. ... by AravindSridhara New Member in Splunk Search 09-21-2016 0 7	0	7
show value in case of no results found hello, I'm trying to do a stats count command and to show "0" (for single value chart) instead of N/A in case the que... by avivn Explorer in Splunk Search 09-21-2016 0 2	0	2
Searching the latest event quickly Hello I would like to check if my firewall rules are used or not. For that, I'm doing something like that : index=fi... by laberthelemy Engager in Splunk Search 09-21-2016 0 9	0	9
How to use drilldown and selection in the same chart at the same time? Hi, I'm trying to use both drilldown and selection in a timechart to limit the events shown in an events view (note ... by krdo Communicator in Splunk Search 09-20-2016 0 10	0	10
Searching the _introspection index, why are PerProcess events missing? Hi, While checking the introspection index, the search index=_introspection \| dedup component \| table component ret... by dvmrp New Member in Splunk Search 09-20-2016 0 2	0	2
How to revise my search in order to convert my cluster map into a choropleth map? Hi, I have a query that supplies IP address and a status code and I have created a cluster map from the results hos... by dbcase Motivator in Splunk Search 09-20-2016 0 2	0	2
How to edit my search to categorize User Agent by Mobile OS? Hello Splunk Masters, I'm working on a radial gauge that will show successful IIS requests. I need to be able to bui... by evanleair Explorer in Splunk Search 09-20-2016 1 1	1	1
Why don't I see the real time option in time range picker? I don't see the real time option in the time range picker. I do have queries to search in real time. by ankithreddy777 Contributor in Splunk Search 09-20-2016 0 4	0	4
How can I use rex to extract the time stamp of a used search? I am attempting to create a search that would pull information about search usage. I have an index generated off of t... by ECovell Path Finder in Splunk Search 09-20-2016 0 6	0	6
Need help normalizing a field's contents for display I'm extracting a piece of a filename to create a field using makemv and a rex command. The extracted field should be... by DaClyde Contributor in Splunk Search 09-20-2016 0 4	0	4
How can i search what all indexes are into splunk ESS app? please let me know via CLI or Splunkweb.? by rajksplunk New Member in Splunk Search 09-20-2016 0 4	0	4