Splunk Search

Community Activity

	Do you know of a way to assign an increasing numerical value to each new event sent to the index? Hi eveybody, I have a series of alerts that generate new events that are sent to a specific index and also send an em... by JohnnyMnemonic Explorer in Splunk Search 10-14-2022 0 7	0	7
	How to display tooltip on a panel without using javascript? I need to show a tooltip on a panel, to let users know that clicking on the value will take them to a drill down. Is ... by ATSplunker New Member in Splunk Search 10-14-2022 0 3	0	3
	After doing span, how to find the time in the middle of search range with 0 data for multiple id? Hi everyone, In my search, I set bucket span=2h _time. It returns only hours which have data There are some hours whe... by Julia1231 Communicator in Splunk Search 10-14-2022 0 5	0	5
	Is it possible for this search to include present errors and also dynamically add new error added by developer? Hi guys,I need help with a Splunk query. The boss wants me to have a total of all different types of errors. When I r... by ps2019 Loves-to-Learn Everything in Splunk Search 10-14-2022 0 8	0	8
	How to disable or enable panels based on drop down value in the dashboard? I have a drop/drill down with 3 values namely: All,A,B And there are 2 panels, let's say 1 and 2 which take input in ... by ghostrider Path Finder in Splunk Search 10-13-2022 0 4	0	4
	Help with search that detects spam sent with unique subject? Hi community, I am trying to write a query that looks for bulk email (say >50) from a single sender to multiple recip... by roopoo Loves-to-Learn Lots in Splunk Search 10-13-2022 0 3	0	3
	Why is search not working properly on duplicate inner records? I have a splunk query, in which my intention is to get all ipAddress for which "EVENT A" occurred in last 22 hours st... by user9025 Path Finder in Splunk Search 10-13-2022 0 2	0	2
	How to evaluate and add if condition on stats data? Hi team, I created one query with rex command and stats command, it is working fine. Now I need to add another colum... by rkishoreqa Communicator in Splunk Search 10-13-2022 0 5	0	5
	Grouping the messages based on 2 fields in splunk? I have below events/messages in my search result. There are 2 fields stack_trace and TYPE like below. I want to group... by ghostrider Path Finder in Splunk Search 10-12-2022 0 3	0	3
	Windows Universal Forwarder - Not Forwarding? I am tying to track down why my Windows Universal forwarder is not forwarding to the Splunk server/index. I can't see... by pmacdonald Explorer in Splunk Search 10-12-2022 0 3	0	3
	How to group the messages by exception message present in stack_trace field of a json event? I have json events/messages in my search result. There is a field or property called "stack_trace" in the json like b... by ghostrider Path Finder in Splunk Search 10-12-2022 0 9	0	9
	How to group 3 months data, making it average data over 2 years? Hello The dates I have are in form of Week Starting: for example WeekStarting = 04/04/2022 , 11/04/2022 and so on. I ... by hmohta Path Finder in Splunk Search 10-12-2022 0 14	0	14
	How do I create a Dashboard using mstats metrics with multiple instances? Hi there, I've been attempting to create a dashboard with metrics from the itsi_im_metrics index but am struggling wi... by jztilly Engager in Splunk Search 10-12-2022 0 0	0	0
	How to use join to compare results from a csv file? this query shows all employees in the company: index=EmployeeData AND sourcetype=Directory* earliest=@d\| search NOT H... by queryboy Explorer in Splunk Search 10-12-2022 0 9	0	9
	Do predict and timeswrap mix? Hi forum!getting a bit muddled here, I want to statistically demonstrate a recurring weekly trend , so timewrap sound... by splunkernator Path Finder in Splunk Search 10-12-2022 0 1	0	1
	Averaging by Field over Time- How to make monitoring more sleek? Hi all! I feel as if I'm overcomplicating an issue, but I haven't gotten any built-in Splunk tools to work. Here's t... by acdewey Explorer in Splunk Search 10-12-2022 0 4	0	4
	Searching for results during business hours and after-hours? My customer wants a count of calls coming into their call center during their business hours (M, Tu, Th, F: 8:00 a.m.... by emile194 New Member in Splunk Search 10-12-2022 0 1	0	1
	How to accomodate or condition in regex I have 2 types of error messages that I want to display along with their count. One error has "." at the end and anot... by ghostrider Path Finder in Splunk Search 10-12-2022 0 2	0	2
	Eval for new variable not working as expected? Hello community, I am new here and I have a simple question on my chart which is not working as expected. Currently I... by dunick_ Engager in Splunk Search 10-12-2022 0 2	0	2
	How to customize panel popup based on checkboxes? I have few checkboxes where my panels are getting displayed when i select them and if i unselct them they are not app... by mahesh27 Communicator in Splunk Search 10-11-2022 0 3	0	3
	How can I iterate through this lookup by the 'no' field and display each entry as a result? Hi I have a lookup which looks like this no name student rollno 1 john yes 12 2 ... by arunkuriakose Explorer in Splunk Search 10-11-2022 0 1	0	1
	How to make a Report for Alert Stats? I have setup different alerts.I would like to setup a report that would allow me to have stats for each AlertsExample... by DPOIRE Path Finder in Splunk Search 10-11-2022 0 0	0	0
	How to convert to multivalue field? I'm trying to convert a field with multiple results into a multivalue field. I'm querying a host lookup table that ha... by pc1234 Explorer in Splunk Search 10-11-2022 0 1	0	1
	Why can't I get a failure rate field (percentage) to show up on chart? Hello, I was wondering if anyone could help me with this simple problem- I'm trying to graph the total amount of good... by Jbarr5695 Loves-to-Learn in Splunk Search 10-11-2022 0 2	0	2
	Trying to join columns to an initial query Hello,I wonder if someone could help me out with a query. I'm trying to compare a value against different point in ti... by sbedard Engager in Splunk Search 10-11-2022 0 3	0	3