Splunk Search

Community Activity

	Grouping the messages based on 2 fields in splunk? I have below events/messages in my search result. There are 2 fields stack_trace and TYPE like below. I want to group... by ghostrider Path Finder in Splunk Search 10-12-2022 0 3	0	3
	Windows Universal Forwarder - Not Forwarding? I am tying to track down why my Windows Universal forwarder is not forwarding to the Splunk server/index. I can't see... by pmacdonald Explorer in Splunk Search 10-12-2022 0 3	0	3
	How to group the messages by exception message present in stack_trace field of a json event? I have json events/messages in my search result. There is a field or property called "stack_trace" in the json like b... by ghostrider Path Finder in Splunk Search 10-12-2022 0 9	0	9
	How to group 3 months data, making it average data over 2 years? Hello The dates I have are in form of Week Starting: for example WeekStarting = 04/04/2022 , 11/04/2022 and so on. I ... by hmohta Path Finder in Splunk Search 10-12-2022 0 14	0	14
	How do I create a Dashboard using mstats metrics with multiple instances? Hi there, I've been attempting to create a dashboard with metrics from the itsi_im_metrics index but am struggling wi... by jztilly Engager in Splunk Search 10-12-2022 0 0	0	0
	How to use join to compare results from a csv file? this query shows all employees in the company: index=EmployeeData AND sourcetype=Directory* earliest=@d\| search NOT H... by queryboy Explorer in Splunk Search 10-12-2022 0 9	0	9
	Do predict and timeswrap mix? Hi forum!getting a bit muddled here, I want to statistically demonstrate a recurring weekly trend , so timewrap sound... by splunkernator Path Finder in Splunk Search 10-12-2022 0 1	0	1
	Averaging by Field over Time- How to make monitoring more sleek? Hi all! I feel as if I'm overcomplicating an issue, but I haven't gotten any built-in Splunk tools to work. Here's t... by acdewey Explorer in Splunk Search 10-12-2022 0 4	0	4
	Searching for results during business hours and after-hours? My customer wants a count of calls coming into their call center during their business hours (M, Tu, Th, F: 8:00 a.m.... by emile194 New Member in Splunk Search 10-12-2022 0 1	0	1
	How to accomodate or condition in regex I have 2 types of error messages that I want to display along with their count. One error has "." at the end and anot... by ghostrider Path Finder in Splunk Search 10-12-2022 0 2	0	2
	Eval for new variable not working as expected? Hello community, I am new here and I have a simple question on my chart which is not working as expected. Currently I... by dunick_ Engager in Splunk Search 10-12-2022 0 2	0	2
	How to customize panel popup based on checkboxes? I have few checkboxes where my panels are getting displayed when i select them and if i unselct them they are not app... by mahesh27 Communicator in Splunk Search 10-11-2022 0 3	0	3
	How can I iterate through this lookup by the 'no' field and display each entry as a result? Hi I have a lookup which looks like this no name student rollno 1 john yes 12 2 ... by arunkuriakose Explorer in Splunk Search 10-11-2022 0 1	0	1
	How to make a Report for Alert Stats? I have setup different alerts.I would like to setup a report that would allow me to have stats for each AlertsExample... by DPOIRE Path Finder in Splunk Search 10-11-2022 0 0	0	0
	How to convert to multivalue field? I'm trying to convert a field with multiple results into a multivalue field. I'm querying a host lookup table that ha... by pc1234 Explorer in Splunk Search 10-11-2022 0 1	0	1
	Why can't I get a failure rate field (percentage) to show up on chart? Hello, I was wondering if anyone could help me with this simple problem- I'm trying to graph the total amount of good... by Jbarr5695 Loves-to-Learn in Splunk Search 10-11-2022 0 2	0	2
	Trying to join columns to an initial query Hello,I wonder if someone could help me out with a query. I'm trying to compare a value against different point in ti... by sbedard Engager in Splunk Search 10-11-2022 0 3	0	3
	Why are some values from events in splunk query returning NULL? Hi, I have the following event as an example. Properties: { [-] Path: /v1.0/locations/branches QueryString: ?branch... by labaningombam Explorer in Splunk Search 10-11-2022 0 3	0	3
	Is there a way to enrich events by having country information from IP address automatically through props.conf? Hello, I am trying to come-up with something which will automatically enrich the events using the country information... by efheem Explorer in Splunk Search 10-11-2022 0 0	0	0
	How to get host and sourcetype combinations that do not fit in any Datamodel Hello,I'm trying to retrieve all the host-sourcetype combinations that are not captured by any Datamodel. I have a pe... by ownion Path Finder in Splunk Search 10-11-2022 0 0	0	0
	Why is where command not working with Splunk events? I want to search below events in the base search. However these are not getting displayed when I use the where cmd. T... by ghostrider Path Finder in Splunk Search 10-11-2022 0 1	0	1
	How can I extract the fields from log file? I need to split the below log files to like excel table. My Log file is: 2022-05-25 13:00:02 100.200.190.70 - test [1... by nayagan Engager in Splunk Search 10-11-2022 0 2	0	2
	Help using lookup tables to select search results I have a lookup table named ics_special_domains that contains this: domain_name,typemicrosoft.com,microsoft*.microsof... by ilhwan Path Finder in Splunk Search 10-11-2022 0 6	0	6
	How to show all values of a field on the same table? by din98 Explorer in Splunk Search 10-11-2022 0 9	0	9
	How to send reports to email addresses in the query results? Hello Splunkers!!As per the below results. I want to send individual report to each manager on their email id. Likewi... by uagraw01 Motivator in Splunk Search 10-11-2022 0 1	0	1