Splunk Search

Community Activity

	Why does my SPLUNK RETS API return 0 eventCount? Hello, I've been using SPLUNK search REST API for a while now and just today i've run into the following issue. W... by PepposChris Observer in Splunk Search 09-07-2022 0 4	0	4
	How to create a search for multiple earliest dates for 7day output? Hi All, Am looking for query to have multiple earliest days index=something sourcetype=something earliest=-7d@d late... by kpavan Path Finder in Splunk Search 09-07-2022 0 3	0	3
	How to split the JSON array into multiple new events? Hey all, Can someone help me out with a JSON related question! Many many thanks!  I have a JSON arrays field in this... by jhcbazinga95 Loves-to-Learn Everything in Splunk Search 09-07-2022 0 3	0	3
	Combining 2 searches but need help with dedup strategy Hi, I have 2 searches where the dedup strategy is different, i want to combine the 2 searches but need help with dedu... by SS1 Path Finder in Splunk Search 09-07-2022 0 1	0	1
	How to Count appearance of containers per company? Hi,I want to count the numbers of containers per company. Each data point has a container id, company id, and much mo... by janderhungrige Observer in Splunk Search 09-07-2022 0 1	0	1
	Is it possible to merge two searches (inner+outer)? Greetings. Is it possible merge 2 search? If there is any common value than connect it. If there is no match keep the... by Kislac Engager in Splunk Search 09-07-2022 0 4	0	4
	Compare x hours vs last 1 week ago @ITWhisper As per the Below Screenshot I want to add Custom time frame. Where user can able to select any time frame ... by uagraw01 Motivator in Splunk Search 09-07-2022 0 9	0	9
	How to extract second field between quotes and add url? I have logs of the format... 2022-09-07T01:42:06.321624+00:00 micro.service 2867ce23-bdfd-48eb-ba5a-40e1e8a93987[[APP... by Mick_OBrien Path Finder in Splunk Search 09-07-2022 0 5	0	5
	How to merge two message threads into one? I have two message threads, each thread consists of ten messages. I need to request to display these two chains in on... by metylkinandrey Communicator in Splunk Search 09-07-2022 0 6	0	6
	index = aws_ubs_n \| search log IN ("error","info","warn") \| stats count as log How to count each log value separately?("error","info","warn") by surens Explorer in Splunk Search 09-07-2022 0 6	0	6
	Not getting the last week of data in graph when using the filter search Device_Type="mobile" In the above, I am comparing the last 15m data to the current week's 15m data. And I am getting good results. ... by uagraw01 Motivator in Splunk Search 09-06-2022 0 5	0	5
	How to calculate percentage in a total row generated by addcoltotals? I am trying to add a percentage to the total row generated by addcoltotals. I would like to show the total percentage... by pwilson Explorer in Splunk Search 09-06-2022 0 1	0	1
	How to convert IPv6 to IPv4 dotted decimal format with eval? I've found many samples of how to convert an IPv4 to many different formats but I can't seem to locate one to convert... by roayers Explorer in Splunk Search 09-06-2022 0 3	0	3
	How to limit the triggering of a Splunk alert according to a time range to avoid having several similar results? I have a problem triggering an alert on a splunk request based on a cron job that runs this way: Search query: index... by elmadi_fares Loves-to-Learn Everything in Splunk Search 09-06-2022 0 3	0	3
	How to use span with stats? I have a table with the next information:Fecha31/08/2022 16:16:4331/08/2022 16:19:4831/08/2022 16:16:3431/08/2022 16:... by m0rt1f4g0 Explorer in Splunk Search 09-06-2022 0 4	0	4
	How to decrease the font size and make the count bold in only one table? I have to decrease the fields names font size, like subgroup, platforms, bkcname etc.. (all fields present in the tab... by ramkyreddy Explorer in Splunk Search 09-06-2022 0 2	0	2
	Custom Deployment Application - Inability to visualize pre-defined field extraction from props.conf file Hello Community,As me and the team are trying to configure a custom deployment application which has to be implemente... by NAtanasov New Member in Splunk Search 09-06-2022 0 0	0	0
	How to add row to chart from lookup file? Hi Splunk community, I want to chart the data retrieved from index, filter the app_name field to match with ones in t... by boxmetal Path Finder in Splunk Search 09-06-2022 0 5	0	5
	Storing data in Splunk Good afternoon! I want to know how splunk stores data. I can't find detailed information.Can I connect a DBMS to splu... by metylkinandrey Communicator in Splunk Search 09-06-2022 0 7	0	7
	How do I move all values from column one row up? Hello everyone, Can not find how I may move all values from a column(Total), one row up, in a table This is my curr... by nmsaraujo Explorer in Splunk Search 09-06-2022 0 4	0	4
	Is there any way to optimize this query to increase performance? We are trying to create a query to get list of fields in all sourcetypes grouped by sourcetype and index. We tried t... by shafee_anwar New Member in Splunk Search 09-05-2022 0 0	0	0
	Windows account lockout and enable- Why is my search returning 0 results? Hi I want to create a splunk use case like a after getting 3 times failure the account again got enable.. I was wor... by debjit_k Path Finder in Splunk Search 09-05-2022 0 9	0	9
	How to use span with stats? My query below does the following: Ignores time_taken values which are negativeFor each event, extracts the hour, mi... by jpanderson Path Finder in Splunk Search 09-05-2022 0 6	0	6
	Left Join: How to display missing data in a table using Join? Hi There, I have a requirement where i have an index with two different sources. index=a sourcetype=a1 index=a source... by asveturi Path Finder in Splunk Search 09-05-2022 0 9	0	9
	How to extract a field from raw json? Hi Team, From the below raw JSON string in Splunk, I am trying to display only correlationId column in a table, can s... by asveturi Path Finder in Splunk Search 09-05-2022 0 9	0	9