Splunk Search

Community Activity

Why can't I see preliminary search results when using associate command? In my SPL I use the associate command. However, I've noticed that when I use the command, any previous preliminary s... by TAE Engager in Splunk Search 10-28-2022 0 4	0	4
How to produce a csv based on a complex business logic? We have a Splunk UI that allows the users to export a certain set of the rows from a lookup. The caveat is that each ... by danielbb Motivator in Splunk Search 10-28-2022 0 6	0	6
How to extract key/value with dynamic key name? I found this, but I am unable to replicate it. I am not understanding where I am messing up here. Problem: I feed bto... by oliverja Path Finder in Splunk Search 10-28-2022 0 5	0	5
How to extract 2 values from different events based on another 2 common fields? Hello,I'm new here, tried to find the answer for my problem by failed. I'm looking for a method to extract values fro... by BYQ Engager in Splunk Search 10-28-2022 0 2	0	2
How to add severity to fetched errors messages? Hi All, I am trying to add severity column to output of first command, could you please let me know how to do it. Que... by PraveenThakur Engager in Splunk Search 10-28-2022 0 2	0	2
How to search to track the OS migration on the host? Hi folks, I need your support to build a search query to track the migration activity. We have a requirement to track... by srlakshm New Member in Splunk Search 10-28-2022 0 7	0	7
Event mismatch to different forwarding servers? We re-routed data from Splunk SaaS cloud to On-perm but we see event mismatch between these two instances, if I route... by sathiyasun Explorer in Splunk Search 10-27-2022 0 1	0	1
How do I find the time difference for each change in the location of the city? I have a query like this:\| dbxquery connection=xxxxx query="select xxx FROM xxx WHERE xxx and to_char(LOG_DATE_TIME,... by time2200 Explorer in Splunk Search 10-27-2022 0 5	0	5
Help with stats building a wrong result on my table Hello,I have a lots of records, some one has account_id field filled.. others has org_id field filled, and some ones ... by fpedrosa Engager in Splunk Search 10-27-2022 0 1	0	1
How to rename column and row labels after using transpose? Hi All, I am having no luck renaming "column" and "row1, row2,..." successfully to "fields" and "event 1, event 2, e... by packet_hunter Contributor in Splunk Search 10-27-2022 1 7	1	7
How can I customize color for cell value based on condition? Hi All,Currently we have a table like below , Target values are fixed for each row but Columns will added dynamically... by SanjayReddy SplunkTrust in Splunk Search 10-27-2022 0 1	0	1
Does a Heavy Forwarder have a limit for thruput ? Hello Splunkers,Everything is in the title, I've read the limits.conf documentation,[thruput] maxKBps = <integer>I kn... by GaetanVP Contributor in Splunk Search 10-27-2022 0 2	0	2
Splunk Alert for Response Time- How to add the time condition value? Hi Team, I want a splunk search query for alert creation. My requirement is service Response time is > 3 seconds and ... by asplunk789 Loves-to-Learn Everything in Splunk Search 10-27-2022 0 7	0	7
Create Alert if condition is met? Hi , I have a scenario where the files needs to be transferred for both inbound and outbound at 2 am daily. I need ... by Chinni611 Loves-to-Learn Lots in Splunk Search 10-27-2022 0 3	0	3
Help with a simple search: How do I count how many days match a certain criteria? (example below) I have this search which builds a tablemy_search \| timechart span=1d sum(eval(b/1024/1024/1024)) AS volume_bit will b... by dritjon Path Finder in Splunk Search 10-27-2022 0 1	0	1
Need help with a search where I am using streamstats and timechart? I am trying to create a search where if there is a change of 30 percent within 5 mins of a few field values, I would ... by phularah Communicator in Splunk Search 10-27-2022 0 6	0	6
How to get the count over exceptions for the past 3 days individually? Exceptions Day1 Day2 Day3 Abc 5 4 3 Start 3 4 4 xyz ... by Kk Path Finder in Splunk Search 10-27-2022 0 1	0	1
What is the difference between eventtype and macro? Hi Even if i have read some documentations, i have difficulty to understand the difference between macro and eventtyp... by jip31 Motivator in Splunk Search 10-26-2022 0 5	0	5
How to visualize percentage rate of matching event pairs that share a common key value? I'm working on a query with the goal of determining the percentage rate of request/response event pairs that match by... by beetlegeuse Path Finder in Splunk Search 10-26-2022 0 10	0	10
How to sort column headers in timechart? Hi, I've got a timechart with several columns. The headers of these columns are numbers (0,1,2,3... etc) and I would ... by HeinzWaescher Motivator in Splunk Search 10-26-2022 0 7	0	7
How to combine rows in groups of 2, grouped by nearest time? Title may be a bit confusing, so here's an example of what I'm trying to achieve:I want to convert a table that looks... by JJ_Yam Explorer in Splunk Search 10-26-2022 0 7	0	7
How to divide a field by its average? I have a time chart of count by field \| timechart count by field_name limit=0 I would like to divide each val... by brayps Explorer in Splunk Search 10-26-2022 0 3	0	3
How to show search on condition - do not show or erase/delete on other condition? Hello All, I have been searching for "how to" but not had much luck. I have this search: I run it realtime, and test ... by eholz1 Builder in Splunk Search 10-26-2022 0 6	0	6
How to filter results from multiple date ranges? Hello, I am creating some reports to measure the uptime of hardware we have deployed, and I need a way to filter out... by DGaitherAtRoot Explorer in Splunk Search 10-26-2022 0 9	0	9
How to get all events between two events? I have the following events.I am trying to get all the events between START and END of a job (inclusive).For instance... by vrmandadi Builder in Splunk Search 10-26-2022 0 6	0	6