Splunk Search

Discussions

Thread Info

how to get Transactions per second based on average values for each instance

How to get Transactions per second from the following table(table 1). I also have a table which gets me the per secon...

by Explorer in

space in field value

Hello all, I need to know how i can erase space in field value. In security audit of windows system the username i...

by New Member in

Comparing Multivalue fields by percentage

I have customer names assigned to servers in multivalue fields. Sample data below: I need to be able to c...

by Communicator in

How to edit our search to output certain values based on a status field?

Hi, We have a requirement to write a search: We have a status(up,down,disabled,enabled), 1.If status is up or ...

by Path Finder in

calculate baseline for chart in different time range

I am plotting timechart avg(secs) by city for timerangepicker time range. I want to add a baseline in this chart as a...

by Contributor in

How to change the _time text in the table?

How to change the _time text in the table? How to change in _time of "2016-04-01" to "first week", for example. ...

by Path Finder in

eventstats function issue

Hi, For retriving data from iis logs, I have used various eval statements, eventstats, and stats functions. When I am...

by Explorer in

How to extract all fields between a word and two specific characters in a string?

I have a text as following: Hello OFF anything blah blah & ^ anything - )< OFF anything blo blo & ^ ble - )< O...

by Builder in

Using mvexpand to get multiple fields from XML data, why am I getting incorrect values for a field?

I am using mvexpand for getting multiple fields from an XML and grouping them. Here is my search: spath output=Ma...

by Communicator in

Query for different timezones

I have imported data with daytime in GMT time zone. I need count events group by on variable interval (day,week or...

by Engager in

combinig two search commands

I have 2 indexers which are having the same columns Index1: Name DOB Age A 5/1/1990 25 B 7/1/2010 6 Index2: Name D...

by New Member in

Splunk searching according to a value of a JSON field

Hi Guys, I have a stream of JSONs and I want to search for the JSONs which name field is John. It's just like wri...

by Engager in

XenServer error message 'str' object has no attribute 'xenapi'

Error message after executing pyton script: getMessage.py out bin directory. Message in the var/log/TA-XS60-Server...

by New Member in

Using my sample data, how do I write a search to return a list Authors with the Authors they worked with on other projects?

I have a set a events that is like the following: "1970-01-17 16:31:10" Author="Joe Bob", Author_email="joe.bob@do...

by New Member in

How to search for last/current users logged into certain particular windows and linux servers

Need a search query to list the last/current user logged into certain particular windows and linux servers

by New Member in

How to match the values from different rows on a table and fetch another field value?

by Contributor in

How to build dynamic columns using a Splunk search for data from an indexed CSV file without headers?

Our application has CSV log files and the CSV is indexed in Splunk, but our CSV does not have any column headers. How...

by Path Finder in

Find correlation between nearly static data and a data feed.

I'm looking to find a way to match up info from one data source that only changes once per day, and another data sour...

by New Member in

inputs.conf

Get hostname of the machine [default] host = $hostname how to get the hostname of the name into inputs.conf

by Explorer in

Splunk Password Management Policy (암호 관리 정책)

최근 Splunk의 자체 시스템 보안 강화의 요구가 증가됨에 따라 몇가지 요구사항이 있어서 다음과 같이 질문드리니 답변 부탁드립니다. 1. 시스템의 Password는 다음과 같은 규정을 만족해야 한다. (정보보...

by Engager in

Get Updates on the Splunk Community!

Splunk Search

Discussions

how to get Transactions per second based on average values for each instance

space in field value

Comparing Multivalue fields by percentage

How to edit our search to output certain values based on a status field?

calculate baseline for chart in different time range

How to change the _time text in the table?

eventstats function issue

How to extract all fields between a word and two specific characters in a string?

Using mvexpand to get multiple fields from XML data, why am I getting incorrect values for a field?

Query for different timezones

combinig two search commands

Splunk searching according to a value of a JSON field

XenServer error message 'str' object has no attribute 'xenapi'

Using my sample data, how do I write a search to return a list Authors with the Authors they worked with on other projects?

How to search for last/current users logged into certain particular windows and linux servers

How to match the values from different rows on a table and fetch another field value?

How to build dynamic columns using a Splunk search for data from an indexed CSV file without headers?

Find correlation between nearly static data and a data feed.

inputs.conf

Splunk Password Management Policy (암호 관리 정책)

There's No Place Like Chrome and the Splunk Platform

The Great Resilience Quest: 5th Leaderboard Update

Devesh Logendran, Splunk, and the Singapore Cyber Conquest

what are the benefits vs drawback in :: and =

Excluding either the start or end of a transaction...

How to extract Json Object Property to Create Tabl...

Using comparison function within mstats

Search to match high temp events, but ignore speci...