Splunk Search

Discussions

Thread Info

REST summary index

Hi, I am currently using these 2 REST searches to populate a a dashboard. | REST /services/data/indexes | sear...

by Builder in

How to edit my search to use appendpipe to add averages for a field to my table?

index=servers |stats count AS Total avg(porcTotal) as porcTotal_Average avg(porc30) as porc30_Average avg(porc90) as ...

by Path Finder in

Age of a ticket in Business Days, excluding Weekends and Public Hoildays

We have a ticket management application, which requires us to calculate the Gross Age of a ticket, in number of Busin...

by Path Finder in

How to figure out what triggered an action=delete shown in Splunk audit logs?

Trying to figure out what triggered an action to delete several XML data which is shown in Splunk audit logs as below...

by Explorer in

join the two search results from two different data sets with different time stamps

Hi, Is it possible to get join the results with 2 different time stamps with two different indexes Means I have...

by Communicator in

How to build a list of simultaneously running threads?

Given the log events, containing time, name of thread and whether the thread has started or stopped : _time , thread_...

by Engager in

Why is does my Splunk 6.2.1 Search App keep loading while other dashboards work correctly?

Hi friends I have a strange problem with a splunk 6.2.1 installation. Search page keeps in loading... state foreve...

by Path Finder in

Report Acceleration & Lookup Table

Hi, I wonder whether someone may be able to help me please. Could someone possibly tell me whether it's possible t...

by Motivator in

Why does my search for 14 Day License usage only seem to show a rolling 3 days worth of log files?

Here's my search: index=_internal source=*license_usage.log* type=Usage (idx="main") | bucket span=1d _time | sta...

by Builder in

Why are jobs showing as Dispatched at 12/31/69 and keep running? How to search for and alert on this condition?

1969 ... wow, what a year! We have noticed a problem where we find users complaining that they can't search, and i...

by Path Finder in

How to edit my geostats search for a simple map visualization? Getting "no match found"

Hi, I'm trying to do a simple MAP visualization with the search below, but it is throwing me error no match found....

by Explorer in

How do I extract the time from this sample timestamp and convert it into seconds to find the different from the current time?

Hi, This is the timestamp format that I get in the logs: 2016-08-22 14:49:01 I want to separate the date and time ...

by Path Finder in

Add a summary row to a statistics table

Hi, I have this search: index=mso_statistics sourcetype=ic_connectivity_5min-too_small stat_name = "cell" |eva...

by Motivator in

I need some searching help for windows event logs. Can anyone tell me the specific search commands?

Hey I'm new to splunk and I'm having problems finding specific events for a local server, I need help to search for t...

by Engager in

How to extract specific lines in a multiline event based on regex match?

I am trying to analyze exception logging that is written across multiple lines, and extract only certain lines of the...

by New Member in

Application Icon did not appear

Hi everyone. I am in the midst of creating an app and I have been wanting to upload an App Icon (logo) so that it ...

by New Member in

AddColTotals & Percentage Column To Listed values

Hey guys! So i have this search: index="servers" | stats count by Delivery, VDC, Manageable | eval temp=Delivery."...

by Path Finder in

Dnslookup to output multiple event list in one query

Hello Team, Can someone pls help me to built a query using dnslookup to output multiple evnt from the event list i...

by Explorer in

What is the difference between the metasearch and tstats commands?

I've been using tstats for most of the use cases that metasearch covers, and so I'm interested in what metasearch can...

by SplunkTrust in

Creating a Tabular report

I have following output in the logfile - The service /app/service/upload succeeded in 1.264000 seconds, Request: {...

by Path Finder in

Get Updates on the Splunk Community!

Splunk Search

Discussions

REST summary index

How to edit my search to use appendpipe to add averages for a field to my table?

Age of a ticket in Business Days, excluding Weekends and Public Hoildays

How to figure out what triggered an action=delete shown in Splunk audit logs?

join the two search results from two different data sets with different time stamps

How to build a list of simultaneously running threads?

Why is does my Splunk 6.2.1 Search App keep loading while other dashboards work correctly?

Report Acceleration & Lookup Table

Why does my search for 14 Day License usage only seem to show a rolling 3 days worth of log files?

Why are jobs showing as Dispatched at 12/31/69 and keep running? How to search for and alert on this condition?

How to edit my geostats search for a simple map visualization? Getting "no match found"

How do I extract the time from this sample timestamp and convert it into seconds to find the different from the current time?

Add a summary row to a statistics table

I need some searching help for windows event logs. Can anyone tell me the specific search commands?

How to extract specific lines in a multiline event based on regex match?

Application Icon did not appear

AddColTotals & Percentage Column To Listed values

Dnslookup to output multiple event list in one query

What is the difference between the metasearch and tstats commands?

Creating a Tabular report

Devesh Logendran, Splunk, and the Singapore Cyber Conquest

There's No Place Like Chrome and the Splunk Platform

Customer Experience | Join the Customer Advisory Board!

Using comparison function within mstats

Search to match high temp events, but ignore speci...

splunk search statement using keyword from input b...

Ex Cisco - run a report for all DFS users who logg...

Splunk query to list all the queries that time out