Splunk Search

Community Activity

Universal Forwader Regex - no special field Hey Guys, any chance to set a blacklist entry in the universal forwarders input.conf for not sending events where in... by sdf5496d8f New Member in Splunk Search 07-29-2016 0 2	0	2
How to calculate Weighted Average After the base search such as: ...... \| stats sum(r1) as t_r1 sum(r2) as t_r2 sum(duras) as total_dura c(member) ... by tac24 New Member in Splunk Search 07-29-2016 0 2	0	2
How to write a search to show events that do not meet transaction requirements? Hello, I am trying to find a way to show events which are not meeting transaction requirements. So of course I can't... by Fleshwriter Explorer in Splunk Search 07-29-2016 0 4	0	4
[hope someone could help me!] How can reduce records in each row in splunk table. Hi, I was preparing a dashboard but i have some problems while generating the table. I am using sort and stats to gr... by jujis008 Explorer in Splunk Search 07-28-2016 0 2	0	2
Is there a way to do calculation on streamstats values? Hi folks, newbie here, trying to use Splunk to do some stuff... I have a search that ends like below: \| table DaysS... by yma8000 New Member in Splunk Search 07-28-2016 0 2	0	2
How to set the x-axis limits of a line chart? I am trying to display a timechart on a line graph. The timechart looks back 24 hours to find specific events. My iss... by pschellen New Member in Splunk Search 07-28-2016 0 2	0	2
Average load of universal forwarder and heavy forwarder Hello Splunkers, What is the average CPU/memory usage of a universal forwarder and heavy forwarder ? ( The average f... by DavidHourani Super Champion in Splunk Search 07-28-2016 0 2	0	2
Fetching data fro a limited time in to csv for lookup Hi All I am trying to schedule a job that will run every day to pull data of last 30 days into a csv file for lookup... by nirmalya2006 Path Finder in Splunk Search 07-28-2016 0 2	0	2
How to rename a field that was recently extracted? I recently extracted a few fields such as GBPS and now I would like to rename this particular field Bps. Thank You, ... by UsualSuspect7 Engager in Splunk Search 07-28-2016 0 2	0	2
How to search the average percentage of two different stats and display both on the same timechart? I'm having trouble displaying the count of 400-499 errors as 1 series on a timechart, and 500-599 errors as a separat... by bgeshk Engager in Splunk Search 07-28-2016 0 1	0	1
How do I extract this date time field from my sample data using rex? I used this search, but it is not extracting the date time field properly. I will use this date time as a common fiel... by cyberportnoc Explorer in Splunk Search 07-28-2016 0 2	0	2
How to search for dashboards and reports created by a specific user/owner? Hi Team, I was looking for reports, searches, saved searches, and Dashboards created by specific users/owners. Some ... by vinodsinha Explorer in Splunk Search 07-28-2016 1 9	1	9
How to replace URLs in multivalue fields in my logs with values from a CSV lookup file? Hi. I have a lookup which contains a list of URLs and 3 more fields loaded from a CSV file: Example: URL, value1, ... by Dosambela1 New Member in Splunk Search 07-28-2016 0 4	0	4
Splunk and QRadar integration Hello, I am interested in examples of integration of Splunk as data source to QRadar. May be somebody has any? What ... by andrey2007 Contributor in Splunk Search 07-28-2016 1 7	1	7
Sum of most used application in bytes when I have multiple applications Hi everyone, I'm pretty new to Splunk (just started a little more than 2 weeks ago). Currently I'm making a panel t... by ddong Engager in Splunk Search 07-28-2016 0 2	0	2
VPN user login from different location within one Hour Hi I am looking for the users who login from two different countries within hour hour. user C... by rashid47010 Communicator in Splunk Search 07-28-2016 0 3	0	3
Why I have very old time in my job list? Dear All Splunkers, I've a very problem in my job list which is I got the oldest query, but actually there is not con... by jujis008 Explorer in Splunk Search 07-28-2016 1 6	1	6
How do I add this regex string to my search? Hello - I have the search running below. How do I add "AAAY80" to the search? Search: index=hdx_payer sourcet... by cj039165 New Member in Splunk Search 07-28-2016 0 9	0	9
Eval strptime not creating new field I'm trying to create a calculation based on subtracting 2 dates so I'm trying to create a new eval field that convert... by svercelli Path Finder in Splunk Search 07-27-2016 0 2	0	2
how to extract this ip address "api" AND "delete" AND ("neutron" OR "nova" OR "cinder" OR "glance") \| rex field=_raw "api:(?\s\d+.\d+.\d+.\d+)" \| st... by cyberportnoc Explorer in Splunk Search 07-27-2016 0 8	0	8
How to set _time to specific limit(with in days) in earliest 30 days logs Splunk Query: "JDW14563" "START TIME" earliest=-30d \| eval seconds=(date_hour360)+(date_minutes60)\| chart values l... by kumarrm New Member in Splunk Search 07-27-2016 0 5	0	5
"No search query provided" when using base search in a dashboard OK, so I've been working away on this one for a little while now and can't see what I've missed. I've created a base... by pjb2160 Path Finder in Splunk Search 07-27-2016 0 1	0	1
How to extract a multiline "User-Agent" field from my data? S,login.test.com,HTTPS,,2016-07-27T06:41:43.000Z,,iPad,0,,login.test.com,,1469601703,NA,PROD-150607-to-as-edgenode-3,... by dongeui_hong New Member in Splunk Search 07-27-2016 0 2	0	2
inputlookup returning 0 fields Hello all, I've done this a million times, but for some reason, it's not working for me today, and I suspect it's so... by j4adam Communicator in Splunk Search 07-27-2016 0 6	0	6
How to edit my search to display a percentage in my table? What am I missing here? We have JVMs logging out to file every time there is a Garbage Collect, I'm trying to do a si... by iatwal Path Finder in Splunk Search 07-27-2016 0 5	0	5