Splunk Search

Community Activity

unable to see all the events in visualisation Hi We are running this search [host=uswebserver12 \|timechart span=5m avg(PercentProcessorTime) as CPU_Usage] and ge... by roopeshetty Path Finder in Splunk Search 06-01-2016 0 7	0	7
How to a DNS lookup on the top 20 IP results returned from a search? Hi All, I have a search that gives me the top 20 IP's visiting my website. I also, have a working dnslookup versi... by bkosick Engager in Splunk Search 06-01-2016 0 2	0	2
How to edit my search to pair values using "stats values()"? Hello, I'm trying to pair values using stats values(), and I'm having some trouble. I'm searching for blocked users... by janderson19 Path Finder in Splunk Search 06-01-2016 0 3	0	3
How to edit my search to find late projects (where the due date is yesterday or earlier)? Hello! I'm trying to do a search for our projects (we use Microsoft Project Online and have Splunk pull the data fro... by dzenn Explorer in Splunk Search 06-01-2016 0 2	0	2
Searching the fish bucket Indexing server.log and boot.log files using the following stanzas for both: [monitor:///opt/directory/logs/servernam... by mvangamf New Member in Splunk Search 06-01-2016 0 2	0	2
renaming field names from string+number to only the number Hi all. I have a dataset with fields like: Field_1 Field_2 Field_3 Field_4 Field_5 Name Address I need to remove t... by changux Builder in Splunk Search 06-01-2016 0 16	0	16
How do I extract these lines from my sample multiline event without patterns into a single field? Hi, I'm trying to extract some lines from a multiline event, for example: 2016-05-17T19:40:37,022 INFO [00000033] ... by gutter New Member in Splunk Search 06-01-2016 0 2	0	2
Find a time average? I am trying to determine the mean or average time when a event occurs. I would like to find an average of the last c... by omgwut56k Path Finder in Splunk Search 06-01-2016 0 10	0	10
How can I set a specific drilldown on a line chart based on the value of a field? My issue is that I have a line chart that shows the CPU usage from both linux and windows servers. If the user click... by dandaily Explorer in Splunk Search 06-01-2016 0 4	0	4
How to return results from Search1 which are not present in Search2? I have two searches that will return common fields Event & UUID. I have to get the results from the first search whic... by cvreddy New Member in Splunk Search 06-01-2016 0 2	0	2
How to edit my search to check for a valid order of events against a lookup? Hi there, i have a series of events wich contain time and location information and want to check if they are in a v... by swe Path Finder in Splunk Search 06-01-2016 0 2	0	2
How to search the sum of bytes by IP? I am trying to find the total bytes usage by user/ip - I have in the index the various clientip and the bytes usage... by arkonner Path Finder in Splunk Search 06-01-2016 0 1	0	1
Extract field from a complex multi-lines event from log file Hi pros, I am new with Splunk and trying to analyze a complex log file from a financial application. I want to figure... by langlv Engager in Splunk Search 05-31-2016 0 3	0	3
How to match two values from a lookup table and a search I have a lookup table with a list of usernames that have logged in to a website last year in 2015, and I'm trying to ... by WyldeRhoads Engager in Splunk Search 05-31-2016 0 7	0	7
Consolidated search solution across AWS and an internal data center We are in the process of extending our solution out into AWS from an internal data center, and want to index all logs... by mellocello2003 New Member in Splunk Search 05-31-2016 0 1	0	1
single value chart (as a progress bar) Using the example search: testId=1 \| stats count(sessionIDs) that returns a single value, I'd like to present it i... by ra01 Path Finder in Splunk Search 05-31-2016 0 2	0	2
How to edit my search to detect a significant change in events frequency over a sliding window? Based on an event log we would like to find event type which frequency changed by 50% or more over a 5 min window. U... by pm771 Communicator in Splunk Search 05-31-2016 0 2	0	2
getting all the value's of the culum in a table in a variable Hi i'm trying to to make a custom dashboard. This is wat i got so far. The dashboard is in html it is an image of the... by yonick Engager in Splunk Search 05-31-2016 0 2	0	2
how to get Transactions per second based on average values for each instance How to get Transactions per second from the following table(table 1). I also have a table which gets me the per secon... by jkalra Explorer in Splunk Search 05-31-2016 0 11	0	11
space in field value Hello all, I need to know how i can erase space in field value. In security audit of windows system the username in ... by ambemou New Member in Splunk Search 05-31-2016 0 2	0	2
Comparing Multivalue fields by percentage I have customer names assigned to servers in multivalue fields. Sample data below: I need to be able to compare ... by david_rose Communicator in Splunk Search 05-31-2016 0 6	0	6
How to edit our search to output certain values based on a status field? Hi, We have a requirement to write a search: We have a status(up,down,disabled,enabled), 1.If status is up or enab... by splunker9999 Path Finder in Splunk Search 05-31-2016 0 2	0	2
calculate baseline for chart in different time range I am plotting timechart avg(secs) by city for timerangepicker time range. I want to add a baseline in this chart as a... by disha Contributor in Splunk Search 05-31-2016 0 3	0	3
How to change the _time text in the table? How to change the _time text in the table? How to change in _time of "2016-04-01" to "first week", for example. ... by renanprado96 Path Finder in Splunk Search 05-31-2016 1 5	1	5
eventstats function issue Hi, For retriving data from iis logs, I have used various eval statements, eventstats, and stats functions. When I am... by guruwells Explorer in Splunk Search 05-31-2016 0 10	0	10