Splunk Search

Community Activity

How to create a timechart in Splunk that shows how many accounts are in processing at different intervals? Hello Splunkers Hope you are doing good, appreciate beforehand all the time you take helping us out here. So I'm in... by benjillaz Explorer in Splunk Search 04-08-2016 1 2	1	2
How to extract fields from my _raw data into events and sort them in a table? I will try and explain my problem to the best of my ability. I am attempting to create a saved search from which I ho... by helpmejesus Explorer in Splunk Search 04-08-2016 0 3	0	3
How to edit my search to compute host up times with a lookup table and importance value? I have to take a logfile and extract certain fields to present as a percentage of availability ("UP" host_names). I ... by mikebarry New Member in Splunk Search 04-08-2016 0 4	0	4
Replace string I want to replace (" ") in my xml file to single (").Since there is some misplace of double codes in my whole file.So... by john Communicator in Splunk Search 04-08-2016 1 7	1	7
I need to fill missing values in a search as NULL I need to fill missing values from search items as NULL (not the string, but actual NULL values) I see options to ch... by abhijitp Path Finder in Splunk Search 04-08-2016 1 10	1	10
convert time field i have the last sync time for my activesync clients going to splunk via powershell input. ex: LastSyncAttemptTime = ... by gdavid Path Finder in Splunk Search 04-08-2016 0 5	0	5
Use of color field in treemap visualization Is there a working example of the use of color_field in the new Treemap visualization? I have tried the form that t... by raoul Path Finder in Splunk Search 04-08-2016 1 1	1	1
stats count help I am pulling syslogs and attempting to count IPs that are blocked for abuse. My counts are coming up 0. the IP used... by hermeslxxv Engager in Splunk Search 04-08-2016 0 5	0	5
Is it possible to populate values and pass to a search pipeline based on a lookup value? (Without using JS) I'd like to have a simple XML dropdown that selects, as an example a Device Name. deviceName,Vendor,Model mainfw,Cis... by esix_splunk Splunk Employee in Splunk Search 04-08-2016 0 1	0	1
How to add a fixed value into the stats count? I am trying to have a single value panel. The search for the same is given below: index=* host="prodserver-*" source... by sunilkumarpk Engager in Splunk Search 04-07-2016 0 3	0	3
How do I use regex to extract URL parameter field names I want to extract the field names from a URL's parameters. For example my raw event might look like this: action=acc... by DPWSplunkPOC Explorer in Splunk Search 04-07-2016 0 4	0	4
How do you use the value of a field as a keyword search? I would like to use the value of a field as a keyword search. For example, if I have field like dest_ip="1.1.1.1", ho... by davidhake New Member in Splunk Search 04-07-2016 0 6	0	6
Is it possible to run a search with a cron expression inside the search? My requirement is to monitor files daily, weekly, monthly, and quarterly and I have to search during a specific time ... by prakashbhanu407 New Member in Splunk Search 04-07-2016 0 2	0	2
How to edit my stats search to find the percentage of a range? I'm trying to build a simple SPL query to display the max, min, range (difference), and percent of the difference to ... by dcascione Explorer in Splunk Search 04-07-2016 0 2	0	2
How to search average response times at a specific time? Hello, I'm trying to write a splunk query but dont know where to start with. Is it possible to write a query to sear... by nlrdy Explorer in Splunk Search 04-07-2016 1 2	1	2
How to create a drilldown to run a new search from clicking an item on a table? I looked through the docs and other Splunk Answers, but it still isn't making sense to me, so please bear with me.  ... by aferone Builder in Splunk Search 04-07-2016 0 4	0	4
How to show stats count grouped by two fields in a graph? I have 3 Ticket groups A, B, and C. And multiple users. My system logs every ticket purchased under each ticket group... by cseuser New Member in Splunk Search 04-07-2016 0 3	0	3
Detailed Index Status Report - Is there one? I would like to see the following for each index limit (maximum size) Mbcurrent size Mbavg. Mb indexed per day last ... by lguinn2 Legend in Splunk Search 04-07-2016 6 6	6	6
How to edit my regex to extract this pattern from my sample data? I am trying to extract a pattern as below. Tried a few things, but all sorts of junk data is being picked up. Event ... by koushiknandan New Member in Splunk Search 04-07-2016 0 1	0	1
How to group results by count with high number of values Hi everybody, I'm new to Splunk and this will be my first question! I'm tinkering with some server response time dat... by external_alien_ Explorer in Splunk Search 04-07-2016 1 8	1	8
Measure service uptime when we have expected downtimes Hi, I'm looking for a way to measure the uptime of a service we run. The tricky part for me is that we have downtime ... by BT_Neophyte Explorer in Splunk Search 04-07-2016 0 1	0	1
How to set max y-axis value to a number derived from a search? I need to base the max y-axis value to the number created from a search . . . how do I do that? I looked at hidden se... by cspires64 Path Finder in Splunk Search 04-07-2016 0 8	0	8
Regex for pattern match Hello I need a regex expression to match the below patern in my abc.log Pattern details: , 2014-03-20 13:43:55.608... by RashmiGowda Explorer in Splunk Search 04-07-2016 0 5	0	5
How to edit my search to pull the first instance of an AnyConnect VPN connection for each start and end session? I want to know if anyone can help me pull the first instance of a VPN Connection for each start and end session. Anyc... by fmpa_isaac Path Finder in Splunk Search 04-07-2016 0 2	0	2
show fields with no values in a timechart Hello Expert, I'm showing a multilines graph using this search: sourcetype="mysource" thefield="x" or thefield="y" ... by royimad Builder in Splunk Search 04-07-2016 0 2	0	2