Splunk Search

Community Activity

help on eval command HiWhen I run the command below, it works fine index=toto event_id=4688 \| eval file_name=if(event_id==4688, replace(N... by jip31 Motivator in Splunk Search 09-14-2023 0 6	0	6
Why Stats count command is counting events that are missing in other searches? The first search query returns a count of 26 for domain X : index="web" sourcetype="weblogic_stdout" loglevel IN ("Em... by abhijeetallu Engager in Splunk Search 09-14-2023 0 2	0	2
Why are Splunk queries not returning anything in table? Splunk queries not returning anything in table. I see events matching for these queries but nothing under 'Statistics... by venugoski Explorer in Splunk Search 09-14-2023 0 3	0	3
how to set specific colors to 3 pie charts trellis with 4 dynamic labels ? Hi,I'm trying to set a specific color to each one of 4 my dynamic labels of my 3 trellis pie charts.I already added s... by 10Q Engager in Splunk Search 09-14-2023 1 0	1	0
How to get the list of Adhoc Search and Saved search running by user in Audit logs. I need to get the list of Adhoc Searches and Saved search running by user in Audit logs.how to differentiate these s... by harishsplunk7 Explorer in Splunk Search 09-14-2023 0 3	0	3
How to return Numerical Values from Model File? I use the Splunk Machine Learning command: \| fit LinearRegression blah, blah into ModelName I can generate a ModelNam... by TAE Engager in Splunk Search 09-14-2023 0 0	0	0
How to analyse the traffic of specific ip address , dest with port? Hi All,i didn't get the result by using this below query search. how to check and confirm the index and source type ... by Jana42855 Explorer in Splunk Search 09-14-2023 0 4	0	4
How to find field values from the results of a search? Hello, I have a search as shown below which gives me the start time (start_run), end time (end_run) and duration when... by ewanbrown967 Engager in Splunk Search 09-14-2023 0 1	0	1
Which record does a join function look at Hello Experts,I am looking at an alert that is using a join function to match a work_center with a work order. I am w... by strehb18 Path Finder in Splunk Search 09-13-2023 0 1	0	1
It is possible to use a variable under mstats search? Hi there, I am trying to make a statistic graph in my dashboard using the search below. \| mstats rate(vault.runtime.... by soulmaker Explorer in Splunk Search 09-13-2023 0 2	0	2
How to combine top and bin in splunk query I need to find abnormalities in my data. The data I have is individual views for certain movie titles. I need to find... by JamesWierzba Observer in Splunk Search 09-13-2023 0 1	0	1
Is there anyway to get the p(95) of URI1, URI2, URI3 if the p(95) of URI4 is greater than 2sec? Hi, Is there anyway to get the p(95) of URI1, URI2, URI3 if the p(95) of URI4 is greater than 2sec.I tried the below ... by PriA Engager in Splunk Search 09-13-2023 0 1	0	1
How to write a search to combine the sum of three metric name into one count? Hello, I have three search query below that I want to combine the three metric name sum into one total count. Can som... by soulmaker Explorer in Splunk Search 09-13-2023 0 2	0	2
How to evaluate if a value is in Seconds and only then convert to Miliseconds I am trying to parse some data for API latency. I have a value for "elapsedTime" which spits that out. However if a r... by TotallyJuvenile Loves-to-Learn in Splunk Search 09-13-2023 0 1	0	1
How to generate 2 lines of events based on a condition? Hello, I have a couple splunk columns that looks as follows: server:incident:incident#:severityseverity this objec... by David_B Loves-to-Learn in Splunk Search 09-13-2023 0 6	0	6
How to choose the index and sourcetype Hi All,I have a many index and sourcetypes but i don't know which one i have to use to search for specific ip address... by Jana42855 Explorer in Splunk Search 09-13-2023 0 1	0	1
ERROR SearchProcessRunner [531293 PreforkedSearchesManager-0] Hi Team,i am continously getting below 2 errors after i did restart. these error i am getting on indexers clusterERR... by anil_hcl Loves-to-Learn Lots in Splunk Search 09-13-2023 0 0	0	0
How to use Splunk to create a table using multiple fields? Hi,I want to create a splunk table using multiple fields. Let me explain the scenarioI have the following fields Name... by suvi6789 Path Finder in Splunk Search 09-13-2023 0 3	0	3
How to have Splunk URL parameters to redirect url to splunk App? Hi We have an application the allows users to click on a link taking them to splunk. The problem is that the link is ... by dmcintosh1972 Explorer in Splunk Search 09-13-2023 0 4	0	4
Error in 'eval' command: The expression is malformed. An unexpected character is reached at '[\| Hello All, I am trying to remove events from my Dashboards for a specific time frame using data input from lookup. ... by sharma11031988 Explorer in Splunk Search 09-13-2023 0 1	0	1
how to merge two datasets on a non 'primary key' field ? I am trying to merge two datasets which are results of two different searches on a particular field value common to b... by pgoldweic Communicator in Splunk Search 09-12-2023 0 6	0	6
How to share a non expiring search Hi All,Im looking for a way to share a non expiring search with other users. If we use the ''share job" option or jus... by jpillai Path Finder in Splunk Search 09-12-2023 0 6	0	6
How can I get the time difference between two events? I am looking at logs for asynchronous calls ( sending msg & receiving ack from kafka ) . So we have 2 event , first o... by yuvrajsharma_13 Explorer in Splunk Search 09-12-2023 0 4	0	4
How to decrypt the encrypted field? Hi All, We are basically forwarding the cloudflare firewall events to Splunk, we have enabled "payload logging" to vi... by bijodev1 Communicator in Splunk Search 09-12-2023 0 3	0	3
How to search by _time from inputlookup csv file? I have a csv file which has data like this and i am using \| inputlookup abc.csv \| search _time >= '2023-09-10" but it... by mikeyty07 Communicator in Splunk Search 09-12-2023 0 2	0	2