Splunk Search

Community Activity

	How do I add fields to output from predict I need to locate and alert on counts that are not within predicted bounds. It seems simple enough using predict, but... by chengka Explorer in Splunk Search 01-26-2016 0 2	0	2
	Is it possible to search cold bucket data only for a given index? Hello, I modified my cold bucket location, and I want to perform some test queries for data residing in cold buckets ... by mendesjo Path Finder in Splunk Search 01-26-2016 0 5	0	5
	Time and Date in two different places within my events Here is part of what my events that are in xml format look like: Blockquote``_id="1767282" _uuid="0D981036-9B9C-484... by jpelletier_splu Splunk Employee in Splunk Search 01-26-2016 0 2	0	2
	Creating new fields and setting values for fields retrieved on search. I put the key value pairs of the log message into the content body whenever i create new events throught the splunk's... by misteryuku Communicator in Splunk Search 01-26-2016 0 2	0	2
	How to put a function on the lookup field from a lookup table? Hi, My event results have a field "name" and it has lower case values (e.g. 'mike_lee'). But in my lookup table, th... by xiangtaner Path Finder in Splunk Search 01-26-2016 0 4	0	4
	How to easily replace a character in a token value ? Hello, I have a token "user" representing the name of a user. This name can contain "(" or ")". When I am using this... by ctaf Contributor in Splunk Search 01-26-2016 0 15	0	15
	Subtracting value if another field value matches Hi all, Im running two searches one returns a number called "difference" and a field called "code2", the other searc... by raby1996 Path Finder in Splunk Search 01-26-2016 0 3	0	3
	Help grouping results best command to use I'm pretty new to Splunk and trying to wrap my head around how to pull data out of Splunk and display it. I have a s... by ronaldsc New Member in Splunk Search 01-26-2016 0 4	0	4
	How can I create a report giving a number of counts per categories per week ? I am struggling to create a report that would give number of counts per categories per week. Something that could be ... by stenou New Member in Splunk Search 01-26-2016 0 3	0	3
	Accessing fields from specific events in a transaction I have logs which contain a value, time_taken. I want to work out the latency of entire transactions by summing the t... by jpanderson Path Finder in Splunk Search 01-26-2016 0 6	0	6
	Why is my search not pulling all results from a log in JSON format? I need some help writing a search that can do the following things: The log file below needs to be interrogated and ... by janis_berzins Engager in Splunk Search 01-26-2016 0 2	0	2
	How to access Date Partitioned files in HDFS dynamically using virtual index Hi, I have hdfs folders as below. /bla/bla/bla/20160121 /bla/bla/bla/20160122 /bla/bla/bla/20160123 How to acces... by sdaruna Explorer in Splunk Search 01-25-2016 0 1	0	1
	Using eval for a search. Drilldown XML ignores my lookup link and just re-uses the original search query, but with it narrowed down to the cell selection? Sorry for the mouthful in the title. I'm using a drilldown in the XML for a component in a dashboard which worked fi... by spike021 Explorer in Splunk Search 01-25-2016 0 3	0	3
	useage of query result hello , i am new to splunk and i have a bit of a problem with using the results from the query, <condition match=" '... by ronenp New Member in Splunk Search 01-25-2016 0 4	0	4
	Field Extraction question - Capturing GUID I'm still quite new to Splunk so my wording may be a little off. I am running into an issue when trying to create a f... by rewritex Contributor in Splunk Search 01-25-2016 0 2	0	2
	Search for user day 1 retention I'm taking a shot at providing metrics on day 1 retention numbers of users in our system (Create a profile and the ne... by arnol229 Explorer in Splunk Search 01-25-2016 0 4	0	4
	How to create a data model from a subset of all transactions? Hi, I'm using splunk to provide some insights into our caching performance. Across the entire set, I can easily do i... by spotter New Member in Splunk Search 01-25-2016 0 2	0	2
	Finding time between two events. Using transaction I have grouped together events for same users. There are two types of event. 1. Send SMS to user. ... by lakromani Builder in Splunk Search 01-25-2016 0 5	0	5
	Lookups and .csv files A somewhat basic question as I have not done this often. I have many .cvs files I would like to get indexed in Splunk... by tkwaller Builder in Splunk Search 01-25-2016 0 2	0	2
	Using stats to select the earliest record to pipe into the map function I am trying to select the earliest record and then pipe that into the map function to perform an addition search usin... by Kanesol Explorer in Splunk Search 01-25-2016 0 4	0	4
	Add a column to search (stats) Hi there, I have a table with some columns. Splunk should show a new column with a dynamic value. When the value of... by rzpotschien New Member in Splunk Search 01-25-2016 0 1	0	1
	parse json events properly and new line I have json data coming in. Some times few jsons are coming together. ex: json \x00\x00\x00\x00\x00\x00\xA2\x00\x00... by ashoksamal63 New Member in Splunk Search 01-25-2016 0 1	0	1
	Using the transaction command to group events being logged to two indexes, how do I only include events that are found in both indexes? Hi all! I am using the transaction command to group events being logged to two indexes. I have a common identifier. ... by tenorway Path Finder in Splunk Search 01-25-2016 0 3	0	3
	How can I count both events that are tagged and those that aren't? I currently use the following to count the number of names that are tagged as cool: ... tag::cool \| stats dc("Name")... by Phil219 Path Finder in Splunk Search 01-23-2016 0 5	0	5
	How can I display a matched value from a list.csv ? For back ground please check the accepted answer for : Best way to check email logs for recipients that are on a list... by packet_hunter Contributor in Splunk Search 01-22-2016 0 6	0	6