Splunk Search

Community Activity

Replace string I want to replace (" ") in my xml file to single (").Since there is some misplace of double codes in my whole file.So... by john Communicator in Splunk Search 04-08-2016 1 7	1	7
I need to fill missing values in a search as NULL I need to fill missing values from search items as NULL (not the string, but actual NULL values) I see options to ch... by abhijitp Path Finder in Splunk Search 04-08-2016 1 10	1	10
convert time field i have the last sync time for my activesync clients going to splunk via powershell input. ex: LastSyncAttemptTime = ... by gdavid Path Finder in Splunk Search 04-08-2016 0 5	0	5
Use of color field in treemap visualization Is there a working example of the use of color_field in the new Treemap visualization? I have tried the form that t... by raoul Path Finder in Splunk Search 04-08-2016 1 1	1	1
stats count help I am pulling syslogs and attempting to count IPs that are blocked for abuse. My counts are coming up 0. the IP used... by hermeslxxv Engager in Splunk Search 04-08-2016 0 5	0	5
Is it possible to populate values and pass to a search pipeline based on a lookup value? (Without using JS) I'd like to have a simple XML dropdown that selects, as an example a Device Name. deviceName,Vendor,Model mainfw,Cis... by esix_splunk Splunk Employee in Splunk Search 04-08-2016 0 1	0	1
How to add a fixed value into the stats count? I am trying to have a single value panel. The search for the same is given below: index=* host="prodserver-*" source... by sunilkumarpk Engager in Splunk Search 04-07-2016 0 3	0	3
How do I use regex to extract URL parameter field names I want to extract the field names from a URL's parameters. For example my raw event might look like this: action=acc... by DPWSplunkPOC Explorer in Splunk Search 04-07-2016 0 4	0	4
How do you use the value of a field as a keyword search? I would like to use the value of a field as a keyword search. For example, if I have field like dest_ip="1.1.1.1", ho... by davidhake New Member in Splunk Search 04-07-2016 0 6	0	6
Is it possible to run a search with a cron expression inside the search? My requirement is to monitor files daily, weekly, monthly, and quarterly and I have to search during a specific time ... by prakashbhanu407 New Member in Splunk Search 04-07-2016 0 2	0	2
How to edit my stats search to find the percentage of a range? I'm trying to build a simple SPL query to display the max, min, range (difference), and percent of the difference to ... by dcascione Explorer in Splunk Search 04-07-2016 0 2	0	2
How to search average response times at a specific time? Hello, I'm trying to write a splunk query but dont know where to start with. Is it possible to write a query to sear... by nlrdy Explorer in Splunk Search 04-07-2016 1 2	1	2
How to create a drilldown to run a new search from clicking an item on a table? I looked through the docs and other Splunk Answers, but it still isn't making sense to me, so please bear with me.  ... by aferone Builder in Splunk Search 04-07-2016 0 4	0	4
How to show stats count grouped by two fields in a graph? I have 3 Ticket groups A, B, and C. And multiple users. My system logs every ticket purchased under each ticket group... by cseuser New Member in Splunk Search 04-07-2016 0 3	0	3
Detailed Index Status Report - Is there one? I would like to see the following for each index limit (maximum size) Mbcurrent size Mbavg. Mb indexed per day last ... by lguinn2 Legend in Splunk Search 04-07-2016 6 6	6	6
How to edit my regex to extract this pattern from my sample data? I am trying to extract a pattern as below. Tried a few things, but all sorts of junk data is being picked up. Event ... by koushiknandan New Member in Splunk Search 04-07-2016 0 1	0	1
How to group results by count with high number of values Hi everybody, I'm new to Splunk and this will be my first question! I'm tinkering with some server response time dat... by external_alien_ Explorer in Splunk Search 04-07-2016 1 8	1	8
Measure service uptime when we have expected downtimes Hi, I'm looking for a way to measure the uptime of a service we run. The tricky part for me is that we have downtime ... by BT_Neophyte Explorer in Splunk Search 04-07-2016 0 1	0	1
How to set max y-axis value to a number derived from a search? I need to base the max y-axis value to the number created from a search . . . how do I do that? I looked at hidden se... by cspires64 Path Finder in Splunk Search 04-07-2016 0 8	0	8
Regex for pattern match Hello I need a regex expression to match the below patern in my abc.log Pattern details: , 2014-03-20 13:43:55.608... by RashmiGowda Explorer in Splunk Search 04-07-2016 0 5	0	5
How to edit my search to pull the first instance of an AnyConnect VPN connection for each start and end session? I want to know if anyone can help me pull the first instance of a VPN Connection for each start and end session. Anyc... by fmpa_isaac Path Finder in Splunk Search 04-07-2016 0 2	0	2
show fields with no values in a timechart Hello Expert, I'm showing a multilines graph using this search: sourcetype="mysource" thefield="x" or thefield="y" ... by royimad Builder in Splunk Search 04-07-2016 0 2	0	2
Hi, i want to colored my cell by red if the value are equal or less than 2 for the below table query for (Value_g) index=vsdm_p host = vgmm13zw.internal.vodafone.com OR host = vgmm14zw.internal.vodafone.com source="Perfmon:FreeDiskS... by MShawki New Member in Splunk Search 04-07-2016 0 2	0	2
Timechart intervals starting NOT on the top of the hour If you have created a timechart mapping, say, the number of unique users over time, Single Value will display the mos... by bpopssplunk Engager in Splunk Search 04-07-2016 1 3	1	3
How to view a list of my most recent searches (search history) This seems like it should be an easy question, but I haven't found the answer.... I ran a search recently and it had... by mfrost8 Builder in Splunk Search 04-07-2016 1 3	1	3