Splunk Search

Community Activity

How to split by comma and use values as field names? I have the following fields, where some of them might be null, empty, whatnot values.I would like to split the Servic... by JykkeDaMan Path Finder in Splunk Search 09-30-2022 0 3	0	3
How to create a dashboard using graph from response time count of application logs? Hi Team, I wanted to count response time for each hours from application logs, wanted to create dashboard using lin... by Amol1300 New Member in Splunk Search 09-30-2022 0 1	0	1
How to compare close date with start date? Hi there, I am new to this kind of analysis within Splunk but i've been asked to create a filter on events where the ... by vishalduttauk Communicator in Splunk Search 09-30-2022 0 2	0	2
Can someone help with my Splunk search to find new events in 2 week periods? Hello Splunkers!! I have two weeks events week 1 & week 2. Here I need to compare event of Week 1 & Week 2. The highl... by uagraw01 Motivator in Splunk Search 09-30-2022 0 2	0	2
How to escape equal signs (=) in key value data? Some of our data is logged in key value format separated by an equal sign (=), e.g.: field1=data1 field2=data2 Spl... by helge Builder in Splunk Search 09-29-2022 2 6	2	6
How to write a Splunk search for License Utilization for Particular events? Hi , i want to find the license utilization of firewall logs based on severity level. can anyone help me with the ... by umesh Path Finder in Splunk Search 09-29-2022 0 2	0	2
How to extract status for monitoring with a log structure like this? Hello, I have a log file that go like this 2022-09-30 09:43:41,038: INSTANCE=34-bankgw1, REF=237324562, MESSSAGE=... by phamxuantung Communicator in Splunk Search 09-29-2022 0 3	0	3
Trouble with date conversion I need to create a field (30days) with a date 30 days from the date in a given field (pubdate). I believe I have that... by mistydennis Communicator in Splunk Search 09-29-2022 0 4	0	4
Splunk query to Append/replace the specific fields in the lookup file (csv) Hi, I have a lookup file with the fields - biz_department, biz_unit, biz_owner, data_usageI have a query to generate... by mala_splunk_91 Explorer in Splunk Search 09-29-2022 0 1	0	1
How to add the field name via command in a lookup file? Hi Community Support, I have a lookup file with IP addresses where all the values are IP Addresses including the very... by joomla Engager in Splunk Search 09-29-2022 0 4	0	4
Event sampling and Count - accuracy? I have a need for approximate statistics/metrics and am currently using Event Sampling, which drastically speeds up t... by dmoberg Path Finder in Splunk Search 09-29-2022 0 1	0	1
Priority of a search error- How do find what searches are high priority and what are non-high priority search in splunk? The splunkd health has the following message: The percentage of non-high priority searches skipped (97%) over the la... by Sithima Explorer in Splunk Search 09-29-2022 0 1	0	1
Help on removing the double quotes and reading a substring I have the below string in my error log {"@odata.context":"https://apistaging.payspace.com/odata/v1.1/11846/$metadat... by manojchacko78 Path Finder in Splunk Search 09-29-2022 0 7	0	7
How to display table with vertical title? I'm sure this must be possible, but I can't find a way, unfortunately there are a couple of threads on this with no s... by JohnnyMnemonic Explorer in Splunk Search 09-29-2022 0 2	0	2
How to get ip objects from a Splunk list? Hello, I have an output list like this one: { "10.10.10.15": { "High": [ { "name": "vu1"... by splunknewuser Loves-to-Learn Everything in Splunk Search 09-29-2022 0 4	0	4
How to unite multiple columns into one column? table A table B I know there are lots of ways to spread the table from table B to table A . Is there ant method to... by krim Explorer in Splunk Search 09-29-2022 0 4	0	4
Is there any way to export my custom visualization in PDF format --- BoxPlot? Hey Splunkers!! Is there any way to export my custom visualization in PDF format --- BoxPlot I check over the Splunkb... by restinlinux Explorer in Splunk Search 09-28-2022 0 1	0	1
How to display comma separated in two column in Splunk under events or statistics or visualization? case_S56_search_Get_T01_search,{"success":false "message":"Note not found: 52229548" "messageCode":"**" "localizedMes... by rpachamuthu Explorer in Splunk Search 09-28-2022 0 1	0	1
Help with Search for sporadic servers in the past 14 days? Trying to build a search looking for sporadic servers in the past 14 days, here is my search so far. \| tstats count a... by andrew_burnett Path Finder in Splunk Search 09-28-2022 0 3	0	3
Retrieve all latest rows that share the same _time value? I have an application that sends logs to Splunk every few seconds. These logs are "snapshots" which provide a static ... by HappyFeet Engager in Splunk Search 09-28-2022 0 2	0	2
Filter JSON search results based on another log message in the same search? I have the below search results that will consist of 2 different types of log formats or strings. Log 1: "MESSAGE "(... by ghostrider Path Finder in Splunk Search 09-28-2022 0 2	0	2
How to show the total size of events from a source? Hi, I need to show a customer that Splunk is processing their entire file, and thought a good way of doing it was to ... by a212830 Champion in Splunk Search 09-28-2022 1 10	1	10
Can I use macro but complete search if macro is broken or missing? I am using two macros in a search however, I want to use them in a way that IF they are broken or not available the s... by coreyCLI Communicator in Splunk Search 09-28-2022 0 1	0	1
How to compare two fields data from appendcols Hi Community,I need support to know how I can get the non-existent values from the two fields obtained from the "appe... by joomla Engager in Splunk Search 09-28-2022 0 2	0	2
Can splunk index same data into one index but different sourcetypes?? Hello,I have to index a log file in linux server in to one index but need to have two different sourcetype. Is it pos... by sivaranjiniG Communicator in Splunk Search 09-28-2022 1 1	1	1