Splunk Search

Community Activity

Is it possible to turn 8 product charts into one table with Sparklines/Trendlines? Hi, I am looking to grab a hand at turning 8 product charts into one table with Sparkline's if possible for trend tra... by Altoid17 Explorer in Splunk Search 09-22-2022 0 0	0	0
How to plot P95,P99,P75, mean and median response times values using tstat? Hello All, I need help trying to generate the P95,P99,P75, mean and median response times for the below data using ts... by dsenapaty Explorer in Splunk Search 09-22-2022 0 1	0	1
How to hide search results until the search is complete? I want no results of a search to display until the search has completed. The search I am running displays any users w... by pwilson Explorer in Splunk Search 09-22-2022 0 3	0	3
How do I compare query result with lookup result? Hello I have a query that running a rest command, one of the fields is "action.email.to"also i have a lookup table wi... by sarit_s Communicator in Splunk Search 09-22-2022 0 7	0	7
What's the meaning and mechanism of form.multiselect_lines (with the pattern form.? I see an interesting Simple XML idiom below:<input type="multiselect" token="multiselect_lines" searchWhenChanged="tr... by yshen Communicator in Splunk Search 09-22-2022 0 0	0	0
How to set a token when the field exists? I'm looking for a way to set a token when the column exists (regardless of value). Tried these with no luck. <eval ... by timgren Path Finder in Splunk Search 09-22-2022 0 3	0	3
How to use dropdown value in different ways? I have a dropdown whose value once input needs to be used in two different ways in the same search query. One of the ... by thenormalone Path Finder in Splunk Search 09-22-2022 0 4	0	4
rex search returning everything instead of the one I'm trying to search, what am I doing wrong? My rex search is returning all the rows instead of the one being searched. What am I doing wrong? index=cloudwatchlog... by Jeet Explorer in Splunk Search 09-22-2022 0 3	0	3
How to plot a graph with field having duplicate values Hi, I have a scenario where I receive multiple requests which contain same field value basically OrderNumber. So the ... by shashank_24 Path Finder in Splunk Search 09-22-2022 0 1	0	1
Rex to extract values from jason type format logs? Currently I am trying to extract the crossReferenceId value using below rex query. Its working fine and I can extrac... by ravir_jbp Explorer in Splunk Search 09-22-2022 0 3	0	3
How can I delete notable events in ES? A notable event triggered 30000 notables how can i delete them all? by Basavaraj Engager in Splunk Search 09-22-2022 0 3	0	3
Search to get info from lookup file if event field contains data from two field in lookup file? Want to create search to get info from lookup file if event field contains data from two field in lookup file. log ev... by Abhineet Loves-to-Learn Everything in Splunk Search 09-22-2022 0 3	0	3
Detection exclusion setting by using Regex? Hi, everyone.Need some help for detection exclusion setting. Want to exclude detections of the files which are appli... by Ange Explorer in Splunk Search 09-22-2022 0 5	0	5
How to get rows into columns from rows values? Hello dear Splunk experts!I've stuck with one search and can't figure how to do this. Did a lot of searching here on ... by siriosus Engager in Splunk Search 09-21-2022 0 3	0	3
Help adding pipe "l" for all results Hello - I am getting the below error. I am trying to add pipe "\|" for all the results. Error : Failed to parse tem... by kc_prane Communicator in Splunk Search 09-21-2022 0 3	0	3
How to achieve proper search for timechart with where clause? Here is my search: source="WinEventLog:Security" EventCode=540 \| timechart span=1h count by User This gives me the co... by hartfoml Motivator in Splunk Search 09-21-2022 2 13	2	13
Can someone explain the parameters of ? Hi Team! Someone please explain to me what each parameter is responsible for in such a search tag: <search><query>sys... by NickGrava Engager in Splunk Search 09-21-2022 0 2	0	2
How to exclude results in search? I want to exclude duration results if greater than 7 days. So i used search NOT but it is not working. Can someone he... by alexspunkshell Contributor in Splunk Search 09-21-2022 0 1	0	1
How to fill sparse data in a table for alert? I have a query which results in a table: "some words" \| stats dc(host) as host_count by zone, region My end goal is... by charming_fish New Member in Splunk Search 09-21-2022 0 1	0	1
How to set x axis time interval for line chart every 1h? HI Team,I am getting 2 hr time span only if i mentioned the 1 or 3 or 4 hours span too in the visualization line char... by Anud Path Finder in Splunk Search 09-21-2022 0 1	0	1
How to create an eval metric based on a sequence of events? Hi all, I'm trying to create a "Fallback escalation rate" for a chatbot. This rate would be calculated by users that ... by KyleMcDougall Path Finder in Splunk Search 09-21-2022 0 7	0	7
How to delete Windows logs after it was read by Splunk? Hi All, I have a large number of Windows logs in directory. How can I automatically delete them from the disk space a... by PTIch Engager in Splunk Search 09-21-2022 0 2	0	2
To which index does the sourcetype belong? Greetings,I have been creating a search that collects all the sourcetypes that have not collected any information dur... by Neonbeeflash3 New Member in Splunk Search 09-21-2022 0 3	0	3
How to transform event data for table display? Hi, I would like display values of variables from an event as a Table. My data format is as follow: TimeEvent9/16/22... by dzyfer Path Finder in Splunk Search 09-21-2022 0 6	0	6
How to event break with by request ID? On my attached picture these many events should become one event by ID instead of so many, how can I break those even... by baljkastr Engager in Splunk Search 09-20-2022 0 1	0	1