Splunk Search

Community Activity

	How to fix weird futuristic time range in timechart with tstats? Consider these three searches that end with timechart. The second one skews time range all the way to year 2038! Ho... by yuanliu SplunkTrust in Splunk Search 07-31-2023 0 3	0	3
	Why are there Splunk wineventlog? Hi All, urgent help here. I check whether is any activity done by a user on a client machine, so i use this query in ... by BryanLim New Member in Splunk Search 07-31-2023 0 2	0	2
	Can you help me fix my Splunk search? Hello Splunkers!! I am facing an issue while running below search. As you can see in the screenshot. Can anyone help ... by uagraw01 Motivator in Splunk Search 07-31-2023 0 21	0	21
	Dynamic Lookup - How to do addition & removal Of entries? Dear Team I have a splunk lookup with two fields, username and location. The lookup is populated every time the locat... by pagnihot Path Finder in Splunk Search 07-31-2023 0 0	0	0
	How to click on an item in a table and get all its info? Hi I was wondering on a dashboard if you could click on an item and it shows all the information for that single inst... by Talking_Master Explorer in Splunk Search 07-31-2023 0 3	0	3
	How to change color of field if it is a certain value? Hi looking to change a color of a field based on its value in a monitoring context like failed , successful kind of t... by Talking_Master Explorer in Splunk Search 07-31-2023 0 1	0	1
	Dynamically generated field names for table or other operation I've been trying to solve this every which way and another and I always come up just short of the target.When searchi... by fatsug Builder in Splunk Search 07-31-2023 0 8	0	8
	How to dynamically change index value based on different time span selected? Hi there, need a bit of help here. Context: Our organisation recently changed the `index` thus we need to update al... by Wendy Explorer in Splunk Search 07-30-2023 0 5	0	5
	How to get rid of fields/columns generated by stats and eval commands? I want to find time difference between two events (duration some operation took) and plot a graph which shows how muc... by sravan Explorer in Splunk Search 07-30-2023 0 5	0	5
	How to extract json field if field name is same in json message log? Hi , I am trying to extract aggregated errors from json message log coming from splunk event and categorising them ba... by Anu1184 Explorer in Splunk Search 07-30-2023 0 3	0	3
	How to rename an operation field which is being computed from json (message log)? I am retrieving operation details like operation name, total time etc from json message log coming as a part of splun... by Anu1184 Explorer in Splunk Search 07-29-2023 0 2	0	2
	How to extract and filter fields with rex and regex? Hi I need help to extract and to filter fields with rex and regex 1) i need to use a rex field on path wich end by ".... by jip31 Motivator in Splunk Search 07-28-2023 0 8	0	8
	How to get the time difference of two timestamp in minutes? I 've two fields one is _time and another one is received_time. I want to get the time differences between these tw... by mikeyty07 Communicator in Splunk Search 07-28-2023 0 7	0	7
	How to extract a string from a field using Splunk Regex? I m having a hard time trying to extract a string from a field from a splunk search using splunk regex , can someone ... by deepaksn1214 Engager in Splunk Search 07-28-2023 0 1	0	1
	Create splunk chart from seach with totals over time Hello Members, I have seen and used the accum command, but it does not quite give me what I want. I have this search ... by eholz1 Builder in Splunk Search 07-28-2023 0 4	0	4
	How can I extract attachments? I am attempting to extract attachment fields from our email logs using regex. Attachments like .jpg, .png, pdf, etc. ... by treven Explorer in Splunk Search 07-28-2023 0 8	0	8
	Unable to find percentage of two values stored in two separate fieldnames I'm facing a weird issue. I'm not able to calculate percentage value when I use two variables/fields.I have a lookup ... by sh254087 Communicator in Splunk Search 07-28-2023 0 2	0	2
	Splunk search alert to check if CPU utilization is high and send emails if bad samples 5 of 6 intervals met? Hi, Alert Query to monitor CPU usage every 5 minutes and send an email if it matches 5 of 6 bad samples (i.e., if my ... by Satheesh_red Path Finder in Splunk Search 07-28-2023 0 9	0	9
	Help to convert a unix time HiI use a \| stats min(_time) as time_min stats max(_time) as time_max command in my searchThe time is displayed in Un... by jip31 Motivator in Splunk Search 07-28-2023 0 4	0	4
	Display time chart grouping by 2 fields I have a Splunk query that helps me to visualize different APIs vs Time as below. Using this query I could see each l... by RemyaT Explorer in Splunk Search 07-28-2023 0 2	0	2
	averaging the CPU values from the recent six events Hi,I'm attempting to calculate the average of the last six CPU event values. If the average of those six events is gr... by Satheesh_red Path Finder in Splunk Search 07-27-2023 0 1	0	1
	Field Extraction Issue - Need True/False comparison of all Values to Max Value of Same Field I'm wanting to avoid using saved searches and lookup tables as much if possible so it's easily maintainable by anyone... by BinaryAddict Engager in Splunk Search 07-27-2023 0 2	0	2
	need help with regex field extraction between square brackets I am still trying to get my head around regular expressions in splunk, and would like to use regex that could parse t... by Steve_A200 Path Finder in Splunk Search 07-27-2023 0 3	0	3
	Getting max/last value on different period Hello,I have an index with a field that record how long a computer has been running. Basically, when I display the in... by Altexec New Member in Splunk Search 07-27-2023 0 1	0	1
	Extracting specific parts from _raw logs Hi All,Can anyone help me create a regex to extract the bolded parts from the following _raw log, please?meta sequenc... by DanAlexander Communicator in Splunk Search 07-27-2023 0 7	0	7