Splunk Search

Community Activity

	Splunk Report- How to remove item from results? Hi Splunkers, I have results in the following way. Country Count Japan 50 USA. ... by revanthammineni Path Finder in Splunk Search 07-18-2023 0 1	0	1
	Fetching statistics: Unique discrepancy details, removing numerical characters, and identifying null and deleted values Hello Community,I am fairly new to Splunk, and I am struggling with this. Here is my raw event: these are discrepancy... by adikrhd Path Finder in Splunk Search 07-18-2023 0 15	0	15
	Dashboard Panel field concatenation- Can this be done? Hi,In the below code for a panel on my dashboard, I am displaying whether a report/alert is being skipped. If the _ti... by auzark Communicator in Splunk Search 07-18-2023 0 2	0	2
	How to group daily results by week more close together? Hello,I have this search for a chart that counts values weekly and divides then by day of the week.Is there any optio... by KalebeRS Explorer in Splunk Search 07-18-2023 0 3	0	3
	Why is return command not giving desired result? Hi,I'm trying to exclude list of sites from my search from lookup table its not working as expected, base search sub ... by AL3Z Builder in Splunk Search 07-18-2023 0 11	0	11
	doing sum with if condition in search query Hi All!I want to calculate the sum of failed and declined \| eval Msg=if((Failure_Message=="200 Emv error " OR Failure... by man03359 Communicator in Splunk Search 07-18-2023 0 12	0	12
	How can I fix tstats error after upgrading to Splunk 9.0.4? Hi All, we had successfully upgraded to Splunk 9.0.4. However, we observed that when using tstats command, we are ge... by keishsplunk Explorer in Splunk Search 07-18-2023 0 4	0	4
	find request but not in response Hi,[12:30:13 INF 0ceafa153290582e1f1faec3f98d84ac] Gateway API\|Request...[12:30:15 INF 0ceafa153290582e1f1faec3f98d84... by nmarun Explorer in Splunk Search 07-17-2023 0 5	0	5
	Splunk Stream for M1/arm-based processor Since Splunk stream doesn't support M1/arm-based processors yet, are there any Splunk stream alternatives that we can... by dantimola Communicator in Splunk Search 07-17-2023 0 0	0	0
	Reverse data table to horizontal Guys, good morningI'm having trouble inverting this table below. I need to leave the horizontal "key_type" informatio... by isac_santana Explorer in Splunk Search 07-17-2023 0 2	0	2
	finding percentage different between last week and week before? I have spl in splunkindex=demo search compliance= standard1 \| timechart span=1week count by status \| add totals row=t... by abi2023 Path Finder in Splunk Search 07-17-2023 0 1	0	1
	Why are my sourcetypes not loading any data? I have installed Splunk add on for AWS and created the inputs, which have a listed source type. However, when I try t... by henryf Explorer in Splunk Search 07-17-2023 0 7	0	7
	Correlate multivalues and count each relation to other values Hi.I need help in understanding how this can be done:The application's log have a multivalue like this:<somedata> [fi... by Lithyum Engager in Splunk Search 07-17-2023 0 2	0	2
	Strange behavior of values function Is there anyone who can explain me strange behaivor of "values" function. I created statistic by "stats" with "values... by emzed Path Finder in Splunk Search 07-17-2023 0 4	0	4
	Format table I've a search that return a table like this:column1 column2 column3 a ... by rissois Observer in Splunk Search 07-17-2023 0 2	0	2
	comparing two string doesn't work i have a search query and i want to add another condition to check the url if test!=staging. the first test is coming... by rezaeimo Explorer in Splunk Search 07-17-2023 0 9	0	9
	Flow chart Hi,I have a table of 3 columns: Event name, time(=when the event happened) and source (file name).I need to create a ... by maayan Path Finder in Splunk Search 07-17-2023 0 1	0	1
	Flatten JSON associative array with variable key names that even containing dots I have JSON event data like this (it is shown as a collapsable tree structure in the event view): { "data": { ... by rikinet Path Finder in Splunk Search 07-16-2023 0 3	0	3
	Finding events for users that have not been seen in the last X days I need to create a baseline for what is common in an environment before creating a rule.The rule can be as simple as:... by Liran Observer in Splunk Search 07-16-2023 0 2	0	2
	UserID exists in query 1 but not query 2 by host ? I have been trying to figure this out but getting stumped. I have seen other questions similar but just slightly diff... by sjringo Contributor in Splunk Search 07-15-2023 0 8	0	8
	Job terminated unexpectedly with no obvious error if too many rex mode=sed commands in query I am trying to summarize AWS ELB Access Logs. Once I get the raw URLs, I need to substitute out the path and query p... by john_arrowwood Explorer in Splunk Search 07-15-2023 0 4	0	4
	How to compare a particular word with each and every word in the list of host and get the below output . I have a list of below host in a csvuasws12usaws120usaws11usaws13susaws13usaws130usaws14usaws15usaws16usaws17usaws173... by AyushiSrivas Loves-to-Learn in Splunk Search 07-15-2023 0 8	0	8
	When clicking on table header want to sort by case insensitive We have table with a list of users. Some user names are all lower case, some all upper case, some mixed case. We can ... by simpkins1958 Contributor in Splunk Search 07-15-2023 0 6	0	6
	Split pattern into multiple rows? Split pattern in CSV lookup format into multiple rows\| lookup table.csvNote that the number of SubnetID-IP pair is no... by LearningGuy Motivator in Splunk Search 07-14-2023 0 3	0	3
	How to add multi-value key-value pairs to current event? Greetings.Suppose I have an event schema of just a URL, where the query section of the URL may change: ```ndjson{ url... by cdieringerwm Observer in Splunk Search 07-14-2023 0 3	0	3