Splunk Search

Community Activity

	How to condition match set tokens on input? Hi,I seem to be having a mental block which maybe someone can help with. I have an input dropdown which runs a query ... by mcaulsc Path Finder in Splunk Search 03-17-2023 0 2	0	2
	How to search dynamic field in Splunk? Hi, I have a lookup table where column names are with weekdays (like monday, tuesday, wednesday,...) and have possibl... by sbhatnagar88 Path Finder in Splunk Search 03-17-2023 0 3	0	3
	How to reduce number of joins? Hello Splunkers!! As per the below search you can see we have used join commands to get the results from same index &... by uagraw01 Motivator in Splunk Search 03-17-2023 0 4	0	4
	How to write a search based on Unique Ids considering multi-line to a single line? Hi Splunk Experts, I've logs where users activites are tracked based on a unique identifiers, I want to display the l... by Thulasinathan_M Contributor in Splunk Search 03-17-2023 0 7	0	7
	Is it possible to do an in-line conditional field extraction? Hello, Is it possible to do conditional In Line field extraction in SPLUNK for the following sample data: Sample Data... by SplunkDash Motivator in Splunk Search 03-16-2023 0 5	0	5
	How to accelerate the time is takes request to generate result? Hi! My request take much time to generate the result, how can i accelerate it \| mpreview index=ciusss_vitals_linux_me... by chimell1 Explorer in Splunk Search 03-16-2023 0 1	0	1
	How to "Bucket" Certain Field Values into a new Field? I have a lookup of vulnerability scan data that includes fields such as hostname, IP, OS, CVEs, etc. I would like to ... by atebysandwich Path Finder in Splunk Search 03-16-2023 0 1	0	1
	How to compare two most recent events? Hello, a search is retrieving following results order by event date Date value 2... by rora8181 Loves-to-Learn in Splunk Search 03-16-2023 0 1	0	1
	Help with creating table Hello All -I'm fairly new to Splunk and I've been racking my head for the past 8 hours trying to create a table for c... by Pip9ball Explorer in Splunk Search 03-16-2023 0 2	0	2
	How to compare/graph two searches? Hello All - I need to be able to compare/graph regression test results from two different models. The search command... by Pip9ball Explorer in Splunk Search 03-16-2023 0 6	0	6
	How to get the peak total memory usage splitt by day Hi, How can I make this search to display the peak by day index=* sourcetype=Perfmon:Memory host=* \|timechart span=7d... by ajromero Path Finder in Splunk Search 03-16-2023 0 2	0	2
	Enhanced timeline highlight certain events- Is there anything I can do in the search? I created an enhanced timeline that works the way I want but I'm wondering if there is a way to highlight or change t... by michaeler Communicator in Splunk Search 03-16-2023 0 2	0	2
	Comparing results from 2 days? Hello, I'm struggling with a task and would like to ask for your opinion about it. Goal is to set up an alert, which ... by pbabos Explorer in Splunk Search 03-16-2023 0 2	0	2
	How can I reduce the storage size of an index, what are the different methods/options? Hi, How can I reduce the storage size of an index, what are the different methods/options? Also, will removing logs... by foundationservi New Member in Splunk Search 03-16-2023 0 2	0	2
	How to use Regex inside a Case statement? Hi,How can i write this statement\| eval protocolUsed = case( regex consumerkey="[a-z0-9]{8}-[a-z0-9]{4}-[a-z0-9]{4}-[... by amitrinx Explorer in Splunk Search 03-16-2023 0 6	0	6
	Same search returns different results each time it is run? I have this weird issue where the same exact search, run for a same exact period returns different number of events e... by mmarinov Explorer in Splunk Search 03-16-2023 0 11	0	11
	Search to Consolidate similar messages into one? Query:index=xxx application_code=mobile NOT feature \|stats count by code message\|sort -count\|eval message-substr(... by Vani_26 Path Finder in Splunk Search 03-16-2023 0 3	0	3
	Why is Regex not displaying results? HiI have a key namedick=2c27194g-af5e-4f7d-9847-07cd5c4c70af Want to search all the ick using regex I tried regex ick... by amitrinx Explorer in Splunk Search 03-16-2023 0 2	0	2
	CSV _time differences depending on API call? When I manually run a Splunk search via the API as follows: curl "https://host:8089/services/search/v2/jobs" -d searc... by rvandolson Loves-to-Learn in Splunk Search 03-16-2023 0 1	0	1
	How to add column values based on subsearch? Hi everyone I got the following sample search that yields the table below. index=server\| stats avg(response_time) by ... by Gabriel Path Finder in Splunk Search 03-15-2023 0 4	0	4
	How to extract job Id values from raw text in events and add the job id into a separate field? Hi User, Thanks for the reply. Below is the raw text that has been received on splunk user interface. {"timestamp": ... by Renunaren Loves-to-Learn Everything in Splunk Search 03-15-2023 0 1	0	1
	Add automatic lookup for kvstore? I have kvstore which generate the data by API. when I use \| lookup mylookup id output data - its working I want to ... by Shakira1 Explorer in Splunk Search 03-15-2023 0 5	0	5
	Combining results in metric index? I have a metric index with a hierarchical structure (maybe all metric indexes are like this). SuperCategory.Category... by winknotes Path Finder in Splunk Search 03-15-2023 0 0	0	0
	How to convert a timestamp from one format to a different one? convert 2023-03-15T17:25:18.832-0400 to YYYY-MM-DD HH:MM:SS.Millisec . 2023-03-15T17:25:18.832-0400 -----------------... by xp001975 Explorer in Splunk Search 03-15-2023 0 3	0	3
	Average of current time window over last week? Still working on this. I want to create a single pane dashboard panel with trend indicator. This value is going to d... by smahoney Path Finder in Splunk Search 03-15-2023 0 4	0	4