Splunk Search

Community Activity

How do you average multiple stats values at one time stamp as a timechart? I have multiple values connected to a timestamp at 5 minute intervals and I want to get the average of these multiple... by amandaxtru Engager in Splunk Search 07-18-2016 0 16	0	16
subsearch on more than two strings I have three source types I want to search using a user's username. One of the source types only knows the user's IP ... by daishih Path Finder in Splunk Search 07-18-2016 0 14	0	14
Links to RSS feeds or newsletter Hi Guys! This is not a technical question rather an organizational. A few years ago I have added a RSS feed for sec... by RobertRi Communicator in Splunk Search 07-18-2016 0 3	0	3
Most common and most expensive searches run by users I need to find out what are the most common searches are run by users on daily basis. Also what are the most expensiv... by shahzadarif Path Finder in Splunk Search 07-18-2016 0 5	0	5
Unable to find Dynatrace headers in Splunk I have Dynatrace monitoring all of the instances of my application. I send Loadrunner requests which append a Dynatra... by zkn9ce6 New Member in Splunk Search 07-18-2016 0 1	0	1
how can i modify multivalued field? hi, how can i change the content of multivalued field using regex. i have a multivalued field and i try to modify th... by sfatnass Contributor in Splunk Search 07-18-2016 0 2	0	2
csv files can't ignore headers Dear all, Actually working on csv files on Splunk (v6.2.3), i have such troubles to index them correctly, contains... by mmekroud Explorer in Splunk Search 07-18-2016 0 2	0	2
How do I search who is exporting aggregate data from my log files? I am fairly new to Splunk and hoping someone could help with this. I have Index log files loaded onto Splunk, so to b... by ATMO1 New Member in Splunk Search 07-18-2016 0 11	0	11
Find and filter out entries from log I want to process log file which contains numeric entries like eg 232231XX 232313XX 332133XX 411111XX 522222XX 734... by tp92222 Explorer in Splunk Search 07-18-2016 0 6	0	6
Can you split a multi [n] value json attribute in to seperate rows? I have the following json {"timestamp":"2016-07-14T10:26+01:00","venture":"abc","totalRooms":3,"rooms":[{"key":"ROOM... by nickhuge New Member in Splunk Search 07-18-2016 0 3	0	3
convert timerange to epoch values Hello! I want to use my timerange as a filter in a search on a dashboard, like this: ..... \| where mydate < $tim... by 0range Communicator in Splunk Search 07-18-2016 1 6	1	6
inner search for multiple results I have this type of events: event1 activity1 data1 date1 event2 activity1 data2 date2 event3 activity1 data3 date3 ... by marcus_doron New Member in Splunk Search 07-18-2016 0 5	0	5
Retaining Colors in PDF report Hi, We have a dashboard with couple of charts. The dashboard is developed using simple XML. We have set colors for t... by strive Influencer in Splunk Search 07-17-2016 4 1	4	1
Splunk for Exchange: Not indexing message tracking logs Splunk for Exchange v2.1.0 on Splunk v5.0.2 main search head and indexers. Running splunk universal forwarder v5.0.2... by SheridanCollege Explorer in Splunk Search 07-17-2016 0 2	0	2
Are wildcards with tstats on accelerated data models not possible? I'm running a search that is something like this: \| tstats values from datamodel=foo When the datamodel is not acc... by Goophy Explorer in Splunk Search 07-17-2016 1 13	1	13
How to display mean of last 30 days count by time from Midnight to next midnight over chart I need to display mean of last 30 days request received count over a chart at the interval of 5 minutes. Chart X-axis... by ID_SplunkUser Path Finder in Splunk Search 07-17-2016 0 2	0	2
Find the second lowest. I am trying to add a new field to my data that lists the second lowest number in a data set. So if I have New York... by DaniR86 Engager in Splunk Search 07-17-2016 0 3	0	3
Report for number of incidents closed per day Hi Eveyrone, How can I generate a report showing me number of incidents closed per day. by rashid47010 Communicator in Splunk Search 07-17-2016 0 3	0	3
How to append a field and it's value from lookup csv to a main search I have a search, main and subsearch. The subsearch uses a lookup table (a csv file). The csv file has 4 columns, co... by wtaylor149 Explorer in Splunk Search 07-16-2016 0 6	0	6
PAN data in indexes. How to tackle them to avoid non-compliance? We have Splunk system collecting data from various sources (network, OS, application logs etc). Unfortunately, some o... by koshyk Super Champion in Splunk Search 07-15-2016 0 4	0	4
Streamstats for multiple columns The following table is representing positions in uPos for different columns. Each number in a c_ column is representi... by mbschriek Explorer in Splunk Search 07-15-2016 0 2	0	2
List for a particuar field I am new to Splunk so any help would appreciated I have a table Host Software installed/Uninstalled 1 ... by taskall78 New Member in Splunk Search 07-15-2016 0 1	0	1
How to extract a text from a field Hi All I have a field which has urls in this pattern GET /echo/index?page=content&id=PRO19579&viewlocale=es_ES HTTP... by nirmalya2006 Path Finder in Splunk Search 07-15-2016 0 1	0	1
How to format an alert inline table to control what fields are displayed? I am testing an alert which sends out an email when members are added to an Active Directory group. It works fine, b... by bbeavise2g Explorer in Splunk Search 07-15-2016 0 8	0	8
How can I track time that a user is using VPN access outside the country? I have a need to track VPN access outside the country. I have an alert that triggers when someone accesses the VPN f... by digital_alchemy Path Finder in Splunk Search 07-15-2016 0 3	0	3