Splunk Search

Discussions

Thread Info

External Lookup script Never works

From the url http://blogs.splunk.com/2009/09/14/enriching-data-with-db-lookups-part-2/ i read the following excerp...

by Path Finder in

Call different saved searches based upon a pulldown menu in dashboard

I have a dashboard with pulldown menu and I want to call different saved searches depending upon the selection. Is th...

by Explorer in

Creating saved searches and custom dashboards with unique names across all apps

While creating a saved search or a custom dashboard through one of the apps, is there a way to make sure that the nam...

by Engager in

Calculate entropy (just entropy, not change in entropy like "associate")

Though "| eval myfield=entropy(somefield)" would be awesome, it doesn't exist (yet?). Is there a known method for thi...

by Path Finder in

Read Asterisk CDRs

I have Ubuntu 10.10 running Asterisk 1.6. I want to use Splunk to index the Asterisk CDRs. It's one of the automat...

by New Member in

Bucket Mover

Hi, I upgraded splunk version from 4.3.1 to 5.0.3 and I noticed indexes are moved to frozen state. And after Up...

by Path Finder in

Field extraction issue

A transaction log format as follows: ------Procedure[xxx]'s input paramaters: journalNo = 111111 custormerId = 222...

by Engager in

Setting time frame in dashboard search

I have saved a search in a dashboard and have it set to a specific data and time range. However, because I want the s...

by New Member in

MS Lync Conversation data in Splunk?

I am trying to bring in MS lync conversations into Splunk. We can get To: and From: data but the conversation data is...

by Path Finder in

Transactions and the endswidth option - how to include through a final matching endswith?

I have a working transaction query for which I need to use an 'endswith' to identify the last event of the transactio...

by Explorer in

Best way to highlight a table row that has been updated in the last N minutes

Im trying to figure out the best approach to using css(?) to highlight a row that has been updated in the last number...

by Path Finder in

Splunk Simulator

Hi All, I was wondering if any of you knew of a Splunk simulator (where I could upload a CSV and check my searches...

by New Member in

Top X and rare events X in one Report without join

Hello, i have a search like: orders=* | transaction order_id now i want to see the orders who took the lon...

by Communicator in

Regex expression

Hi I have events like this and i am using the below expression to extract the command before query string. sour...

by Contributor in

Show only every N days in line chart where time is X axis?

Below you will find a line chart which I've created. It uses a linear regression to predict what values are going to ...

by Builder in

Distinguish between space and tab - REGEX

Hi! I'm trying to build a regex to extract n-field in a log. Each field of the log is separated by a tab, but it's...

by Communicator in

Regex to extract a field between 2 fixed words

Hi, I am having events, Number1=ABCDAS Number2=10 Number1=hsd gdsf Number2=1 Number1=ADG FHK Number2=11 Number1=HGSF ...

by Communicator in

Correlation on Rain with Accidents [need improvements]

Hi Splunk professional, I have these data displayed on a timechart. Is there anyway I can improve on it ? Is it confu...

by Path Finder in

A Quick question about Application.js

I have two SimpleResultsTable in my dashboard. I want to apply some custom js for only one Table How can i select ...

by Contributor in

Calculate Percentage Difference Between Two Searches

When running a single search on bandwidth data I can calculate the percentage between bandwidth In and Out using this...

by Communicator in

Get Updates on the Splunk Community!

Splunk Search

Discussions

External Lookup script Never works

Call different saved searches based upon a pulldown menu in dashboard

Creating saved searches and custom dashboards with unique names across all apps

Calculate entropy (just entropy, not change in entropy like "associate")

Read Asterisk CDRs

Bucket Mover

Field extraction issue

Setting time frame in dashboard search

MS Lync Conversation data in Splunk?

Transactions and the endswidth option - how to include through a final matching endswith?

Best way to highlight a table row that has been updated in the last N minutes

Splunk Simulator

Top X and rare events X in one Report without join

Regex expression

Show only every N days in line chart where time is X axis?

Distinguish between space and tab - REGEX

Regex to extract a field between 2 fixed words

Correlation on Rain with Accidents [need improvements]

A Quick question about Application.js

Calculate Percentage Difference Between Two Searches

Splunk Training for All: Meet Aspiring Cybersecurity Analyst, Marc Alicea

Investigate Security and Threat Detection with VirusTotal and Splunk Integration

Observability Highlights | January 2023 Newsletter

Why time filter value/range is not being passed to...

New install- why doesn't search work?

How to achieve search to match the fields with cur...

How to join two table with aggrouped date value?

Why does Walklex return spaces before some of the ...