Splunk Search

Community Activity

	How to extract the first field of a list with space and slash? Hello everyone, I have a problem with a request. I tried with this: index="main" sourcetype="st_easyvista_generic" "I... by anissabnk Path Finder in Splunk Search 01-05-2023 0 5	0	5
	How does splunk split field contents in dictionary format? current splunk log:user=a,ip=b,info={'gender':1,'Country':2},p=1,target splunk table: user=a,ip=b,gender=1,Country=2,... by Cathy Engager in Splunk Search 01-05-2023 0 2	0	2
	How to populate new index from data file? Hi, I need to create an index called "assets" from a JSON data file that I have. However, wen I try and create such a... by POR160893 Builder in Splunk Search 01-05-2023 0 1	0	1
	Map command subsearch results losing initial search value from the output? Here is an example of SPL I am trying to run. \| makeresults \| eval ProxyUser="User1,User2,User3" \| makemv delim="," P... by sureshtskumar Explorer in Splunk Search 01-05-2023 0 12	0	12
	What is Splunk search runtime? OK I think I know what it is Splunk Search Runtime, but I have not ever thought what values or insights can this feat... by robertisimos Observer in Splunk Search 01-05-2023 0 0	0	0
	Why are incidents are not showing in impact tab in Splunk? Hi all, We are creating episodes and incidents are getting created in SNOW , the incident number is available in Acti... by nivets Engager in Splunk Search 01-05-2023 0 0	0	0
	How to compare two results every week and display the differences from one index? Hi team,I want to compare two results every week and display the differences from one index. And I want create Jira t... by btluynk Loves-to-Learn Lots in Splunk Search 01-05-2023 0 3	0	3
	When I am using this search, I am not getting accurate results? Search: \|tstats count where index=att_acc_app source=applicationissues.log by PREFIX(client_application_name=) _tim... by Harish2 Path Finder in Splunk Search 01-04-2023 0 5	0	5
	Why does Dashboard studio datetime looks strange? HI! My Dashboard studio dateime looks strange T. T [Dashboard Studio View ↓ ] namedatetimecounttom2022-12-01T09:00:0... by minpd0309 Explorer in Splunk Search 01-04-2023 0 0	0	0
	How to disable word wrap in custom apps table search? Hi Everyone, I created a custom Splunk app, and when using the (un-modified) search dashboard within the app to produ... by JohnMurphyAus Path Finder in Splunk Search 01-04-2023 0 6	0	6
	How to display label inside chart area in pie chart? Hi i am unable to display lable or any result need to display chart area instead of default lables for splunk pie ch... by sureshp Loves-to-Learn Lots in Splunk Search 01-04-2023 0 3	0	3
	Regex help to extract logname I'm trying to extract logname from the following. So the logname value would be message.log/bblog.log/api.logPlease N... by iamsplunker Communicator in Splunk Search 01-04-2023 0 4	0	4
	How to achieve searching multiple indexes with one table? I'm trying to create a table to view hosts in multiple indexes, and report if they are returning data. For example H... by mw98 Explorer in Splunk Search 01-04-2023 0 5	0	5
	Is there any way to execute a linux query and fetch the results of it in the Splunk search board? Hi, Is there any way to execute a linux query and fetch the results of it in the Splunk search board? Following this ... by Andreww New Member in Splunk Search 01-04-2023 0 1	0	1
	How to display a timechart of the Health Score as a function of time? I am calculating a health rate for projects based on specific criteria, generaly its the SUM of projects ranked A or ... by danishv Loves-to-Learn Everything in Splunk Search 01-04-2023 0 3	0	3
	Where did my new dashboard get saved? guys and gals let me start off by saying that my Search Game is weak, lolIn version 9.0.0 on a Winderz platform I was... by Gregski11 Contributor in Splunk Search 01-04-2023 0 4	0	4
	Execute regex statements only when a condition is met? I have a use case where i would need to use regex to extract values only if a condition is met. index=sample ... by Splunk_User88 Observer in Splunk Search 01-04-2023 0 6	0	6
	Can you help to match events with an inputlookup search? Hi, I use the basic query below in order to collect the model of a host (workstation) index="xx" sourcetype="WMI:Mo... by jip31 Motivator in Splunk Search 01-04-2023 0 3	0	3
	Is it possible to get a list of all the Indexes which are used in ITSI and all the related services to those indexes? Hello Community ! Is it possible to get a list of all the Indexes which are used in ITSI and all the related services... by Suara Explorer in Splunk Search 01-04-2023 0 3	0	3
	lookup output renaming and running into issues? Trying to tstats + lookup doesn't work Hello,I have let's say "inherited" a few searches and try to understand them. here is the search: \| lookup lu_cisco_u... by avoelk Communicator in Splunk Search 01-04-2023 0 2	0	2
	How to get the percentage using values in event over two columns? Hello Splunk masters I am trying to figure out how to get a rate (percent) by looking at two strings within a column,... by splunker1981 Path Finder in Splunk Search 01-03-2023 0 3	0	3
	Help with search using eval and table? index="hx_vm" LogName="Microsoft-Windows-Sysmon/Operational" "EventCode=11" ComputerName=DESKTOP-933JR8B \| eval {... by oh_sechang New Member in Splunk Search 01-03-2023 0 1	0	1
	Can anyone explain what is ad hoc search? Can anyone explain what is ad hoc search? by surens Explorer in Splunk Search 01-03-2023 0 2	0	2
	How to invert y-Axis in any chart? I tried official documents and community searches but couldn't find out how to reverse y-axis.not transpose or xy-swa... by applesws Loves-to-Learn Everything in Splunk Search 01-03-2023 0 2	0	2
	How to add values from a split to an existing field? Hello, i'm trying to add values to an existing field but i'm running into a wall. I have a field name vector and anot... by fatanyk Explorer in Splunk Search 01-03-2023 0 4	0	4