Splunk Search

Discussions

Thread Info

Help with regex

I have a log format that uses space as delim and "" as delim when we have space in between. How should i write the re...

by Path Finder in

Dbquery and time_stamp

Hi, I have a query like | dbquery TEST_DB "select a.time_stamp, a.num_busy_engines, a.num_total_engines, a.num_tas...

by Path Finder in

How to keep leading zeros in a numeric field when converting it to string?

I have this as part of my query: eval this_move=tostring(seq)."-."screen Only I need to make sure seq is treated as ...

by Path Finder in

Search event logs that only accrue between 4PM to 11:59PM every day

Looking to see if there is a way to search for only specific windows event logs that accrue after 4 pm up to 11:59 pm...

by Path Finder in

single value background image

Hello Everyone, Please suggest me how to place an images to extreme left in the single value box.This is what I ha...

by Builder in

Gap in chart data

Hi, I have a chart that is produced by executing a search with a | timechart command. As the search is executin...

by Motivator in

Start/End time Displaying Same time

I have a search where I'd like to show the duration of the order. My search below almost gives me that, but the st...

by Builder in

サーチ結果をダッシュボードに載せると結果が変わる

下記サーチをダッシュボードに載せると結果が変わってしまうのですが、原因はなんでしょうか。サーチ結果では前週比がでるはずが、ダッシュボードに載せるとその数が足された結果になってしまいます。 ...

by Contributor in

Changing timechart X axis

Hello, I want to change X axis on timechart, so I created a dashboard, and added the following option. My sear...

by Contributor in

Exporting raw search results to clipboard?

Hi, Exporting search results to a file is a bit too cumbersome for our current workflow. Is there any way to expor...

by Engager in

Charting non indexed values

I have a feed going into Splunk currently that follows a trend that looks like it starts at a very small number, then...

by Engager in

Discarding of Events based on some column value

Hi, I have a JSON file which has a key value pair. I want to discard the events which contains "Name":"John" ( I mean...

by Contributor in

CASE() search option produces no results

While using the CASE() feature of the search command (as per http://docs.splunk.com/Documentation/Splunk/6.0.2/Search...

by Splunk Employee in

using custom JS rendering scripts

I'm having a bit of a problem with using JS scripts in my dashboard panels. I've been using the Simple XML examples a...

by Path Finder in

Calculating a total for use later to calculate a percentage

I am trying to calculate an overall total value for use later in my pipeline in a percentage calculation. My data loo...

by Path Finder in

Help with Rex or RegEx - Need Everything After a String

Here is an example of a VPN log with an error. I want to create a field for "Reason", which includes everything found...

by Builder in

Problem with HEADER_FIELD_REGEX in TMG Logs

I am attempting to use the INDEXED_EXTRACTION = W3C configuration to pull logs from a Microsoft TMG server. I started...

by Communicator in

Getting 2 aggregate result for 2 searches

My search string is host=ABC| append [search host=DEF]|stats sum(V) by "ER Code" Can I have a count function also wit...

by Path Finder in

How do I extract last numbers in field

Hello Splunkers, I Would like to create a new field with the last numbers in another field called logid For ex...

by Communicator in

Issue in returning space from eval macro

Hi, I am in need of an eval macro that takes in three values, examines them and returns the values for three separ...

by Communicator in

Using variable

My search string is (host=ABC AND "Emp Code"=inputString) OR (host=joinHost AND "EMPLOYER_CODE"=inputString) Can I h...

by Path Finder in

The Java Bridge server is not running DBX 1.10

Hello, The java bridge is not re-starting after PC reboot. Tried several install / re-install. Each time the java ...

by Explorer in

Using a result from a subsearch as

Hi all, I've been searching for the last day or so trying to find an answer, but unable to find one. I think I may...

by Engager in

calculating time of free form value in log message

Is there a way I can create a bar chart with the response time extracted from these free form log messages that corel...

by New Member in

Table Formatting

I am having some difficulty formatting a table the way I would like. I am monitoring port state for a couple differe...

by Motivator in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Help with regex

Dbquery and time_stamp

How to keep leading zeros in a numeric field when converting it to string?

Search event logs that only accrue between 4PM to 11:59PM every day

single value background image

Gap in chart data

Start/End time Displaying Same time

サーチ結果をダッシュボードに載せると結果が変わる

Changing timechart X axis

Exporting raw search results to clipboard?

Charting non indexed values

Discarding of Events based on some column value

CASE() search option produces no results

using custom JS rendering scripts

Calculating a total for use later to calculate a percentage

Help with Rex or RegEx - Need Everything After a String

Problem with HEADER_FIELD_REGEX in TMG Logs

Getting 2 aggregate result for 2 searches

How do I extract last numbers in field

Issue in returning space from eval macro

Using variable

The Java Bridge server is not running DBX 1.10

Using a result from a subsearch as

calculating time of free form value in log message

Table Formatting

Aligning Observability Costs with Business Value: Practical Strategies

Mastering Data Pipelines: Unlocking Value with Splunk

Splunk Up Your Game: Why It's Time to Embrace Python 3.9+ and OpenSSL 3.0

How to show the line when its value is NULL with ...

Search for triggered save searches and their actio...

MLTKC how should i check jupyter notebook func in ...

ITSI thresholds: adaptive vs static

Using Machine Learning Toolkit to detect auth abus...

Splunk Search

Are you a member of the Splunk Community?

Discussions