Splunk Search

Discussions

Thread Info

I get results for metadata searches, but why do I get 0 search results running regular searches on my new Splunk 6.2.3 search head?

Hello Splunkverse, I've recently set up a new Search Head to test 6.2.3 and it looks awesome. I do have one major ...

by Contributor in

How to create and declare a reuseable calculated eval expression that each of my data model's eval fields can access?

In my data model, I have a number of calculated fields that are derived from an Eval Expression. As the same expressi...

by Path Finder in

Splunk DB Connect 1: Is it possible to use an eval before dbquery?

Hi everybody, I want to know if it's possible to use an eval before [dbquery "select blablabla"] For example: ...

by Contributor in

How to block access to the search bar for users in an app?

Hello, I would like to create an app where users can only check out the existing dashboards, but cannot run search...

by Super Champion in

List All Lookups in An App?

Is there a way to list all of the lookups in a given app (w/o using Sideview utils)? Or, how can I use sideview lo...

by Communicator in

Search to determine what is missing in Lookup table

I have a lookup tabled defined with two columns Host and Source. I am trying to do a search to determine which hosts/...

by Path Finder in

Rename a column name to yesterday's date in 'dd-mon-yy' format

Hi All, I want to rename a column name to yesterday's date written in 'dd-mon-yy' format. Search: sourcetyp...

by Path Finder in

using eval on a field after using the predict function

I have the follwoing search that does prediction, and what I want to do is add another column to this graph, in this ...

by Motivator in

Removing duplicate substrings from a multivalue field?

Hello everyone, I am creating a custom asset inventory and am combining data from multiple sources. These sources ...

by Explorer in

Table showing highest usage by host where usage is comma separated

Here is the search I'm using: index="_internal" source="*metrics.log" per_host_thruput series NOT splunk | eval k...

by Path Finder in

How to make transactions that keep groupings in chronological order

I am working with time-series data, and I want to groups events based on the same values in three fields: field1, fie...

by Champion in

hunk search-time field extraction not working

Hunk v6.2.2 to hortonworks hadoop v2.2.4.2. My search-time field extraction for client_host is not consistent. It wil...

by Builder in

Need Solution to Edit Lookup Files via Web Form

We are creating a solution to monitor servers that are behind a network load balancer (NLB). The NLB sends health pro...

by New Member in

How to edit my search to determine IP Segment using a lookup?

Splunk newbie here.... Looking to determine IP Segment Name using a lookup table. I have a csv file that has three fi...

by Explorer in

How to search the latest timestamp each user received their last email?

Hi, I need to search when (timestamp) each user has received the last email. Is this possible? I tried to="<*@domain....

by Engager in

[beginner] Provide simple stat with different string from the field _raw

Hi, if I have some logs like this: ID DATE _RAW 1 10/06/2015 text .. ERROR text... 2 10/06/2015 text .. ERROR text...

by Explorer in

How to join two search events that have a common field without using Join?

Hi All, I am looking for options to use to join two searches which has a common field. I have already tried the JO...

by New Member in

How to table the count of each instance of fieldA, but also show fieldB as an additional column next to it for reference?

Hi all, I am trying to search some logs that have event_name and event_number. I want to produce a table that show...

by Engager in

New to Splunk and its alternatives

Hi there, How is it possible to analyze windows log, lotus notes file and sample sap log files in the system. The ...

by New Member in

Difference between NOT and != Operators

index="aws-cloudtrail" errorCode!=success returns the results I expect, i.e., events that have error codes other than...

by Explorer in

Get Updates on the Splunk Community!

Splunk Search

Discussions

I get results for metadata searches, but why do I get 0 search results running regular searches on my new Splunk 6.2.3 search head?

How to create and declare a reuseable calculated eval expression that each of my data model's eval fields can access?

Splunk DB Connect 1: Is it possible to use an eval before dbquery?

How to block access to the search bar for users in an app?

List All Lookups in An App?

Search to determine what is missing in Lookup table

Rename a column name to yesterday's date in 'dd-mon-yy' format

using eval on a field after using the predict function

Removing duplicate substrings from a multivalue field?

Table showing highest usage by host where usage is comma separated

How to make transactions that keep groupings in chronological order

hunk search-time field extraction not working

Need Solution to Edit Lookup Files via Web Form

How to edit my search to determine IP Segment using a lookup?

How to search the latest timestamp each user received their last email?

[beginner] Provide simple stat with different string from the field _raw

How to join two search events that have a common field without using Join?

How to table the count of each instance of fieldA, but also show fieldB as an additional column next to it for reference?

New to Splunk and its alternatives

Difference between NOT and != Operators

Build Scalable Security While Moving to Cloud - Guide From Clayton Homes

Mission Control | Explore the latest release of Splunk Mission Control (2.3)

Cloud Platform | Migrating your Splunk Cloud deployment to Python 3.7

run different filter in an index search based on a...

How to union two time ranges

Ex Cisco - run a report for all DFS users who logg...

Splunk query to list all the queries that time out

How to perform time series analysis and anomaly de...