Splunk Search

Community Activity

How to not Display Data that is less than 10 days old? Hello all, I know this has been asked many different ways but, I cant seem to get the search correct. I am attempting... by IndyJones1345 Loves-to-Learn in Splunk Search 08-30-2022 0 1	0	1
How to get Splunk triggered alerts results url? Hi Splunkers , Im trying to build a dashboard to capture all the triggered alerts with some custom actions to be ap... by spl_unker Explorer in Splunk Search 08-30-2022 0 1	0	1
How to set up Alert setting, in case of a large interval between messages? Good afternoon!I receive messages from systems on splunk, several messages from one system line up in a message chain... by metylkinandrey Communicator in Splunk Search 08-30-2022 0 1	0	1
How to get pie chart value and name to be reflected in Available and Not Available name label? I need the count and count % to be reflected in Available and Not Available line with the value. Appreciate if i get ... by ShamGowda Loves-to-Learn Lots in Splunk Search 08-30-2022 0 1	0	1
How can I display a chain of all ten messages? I have a message thread, these messages are coming on splunk.The chain consists of ten different messages: five messa... by SajarKumarPat New Member in Splunk Search 08-30-2022 0 3	0	3
How to change the heigh of panels in XML ? Hi,How can I make both of these panels be the same height ? by Edwin1471 Path Finder in Splunk Search 08-30-2022 0 1	0	1
Why is timestamp not showing as the default in column1 when I load the dashboard? Hi Experts , i want to show Column1 timestamp selected as default in Date/Time Range From not sure what i am doing wr... by vamsi354 Explorer in Splunk Search 08-30-2022 0 2	0	2
How to write search to find error percentage for each group? My data looks as follows: host col2 ---- ---- A SUCCESS A ERROR B ERROR B SUCCESS B SUCCESS C ERROR Here ... by kimberlytrayson Path Finder in Splunk Search 08-30-2022 0 1	0	1
How to write correlation search to show these alerts? Hi Community, I have these alerts on EDR and I want to create a correlation search to show these alerts on the Splu... by m_khatibo88 New Member in Splunk Search 08-30-2022 0 1	0	1
How to display field value into column? status=Auto, Manual car= BMW, Honda, Audi index * \| stats count(status) as Total by car Is there anyway I can get the... by Khuzair81 Path Finder in Splunk Search 08-29-2022 0 2	0	2
How do list multiple sources in a query: sourcetype=xml source="/wealthsuite/tti/current/"? How do list multiple sources in a query: sourcetype=xml source="/wealthsuite/tti/current/"? by mcristinzio New Member in Splunk Search 08-29-2022 0 3	0	3
How do I change the title text on the tabs from default text to a custom text? I want to change the title text on the tabs from, for example, "Login\|Splunk" or "Dashboards \| Splunk 7.1.2" to a tex... by sh254087 Communicator in Splunk Search 08-29-2022 0 4	0	4
Formalizing MAC address to XX:XX:XX:XX:XX:XX format I was searing for a simple way to convert all types of mac address to "more" standard format. Found various solution... by jotne Builder in Splunk Search 08-29-2022 1 0	1	0
How to create a search for BST ( British Summer Time) Search Time Interval Change? Hi I have a SPL query that needs to adjust at search time when we are falling in and out of BST. During BST, the se... by djcascione Explorer in Splunk Search 08-29-2022 0 7	0	7
How can I rename the value of the policy name from = to "contains"? How can i rename the value of the policy name from = to "contains". Instead of saying "index=tenable* sourcetype="*"... by marceldera Explorer in Splunk Search 08-29-2022 0 1	0	1
Is there a way in Splunk to compare and find delta of the duration from the previous runs? Hi All, We are generating a log that records in and out timestamp in epoch for a specific set of transactions and we ... by maniishpawar Path Finder in Splunk Search 08-29-2022 0 3	0	3
How to count number of values in multi-valued field , dynamically? <input type="multiselect" token="product_token" searchWhenChanged="true"><label>Product types</label><choice value="*... by vijay_k Engager in Splunk Search 08-29-2022 0 5	0	5
How to force the display of a value when the search is empty? Hello community, I have a problem with a search that does not return a result. For the purposes of a dashboard, I nee... by Rajaion Path Finder in Splunk Search 08-29-2022 0 2	0	2
Re-order table columns with dynamic names? Hello, I have a chart with dynamic field names displayed as table and would like to change the order of the columns: ... by mspoerr Path Finder in Splunk Search 08-28-2022 0 3	0	3
How to extract cancelled transactions from logs? I'm looking at events and I'm trying to determine which files are not "deleted" from the folder on a server after fi... by syed Observer in Splunk Search 08-28-2022 0 6	0	6
How to normalize MAC address format? We have different log sources that may format the MAC address as: af:af:af:af:af:af af-af-af-af-af-af af.af.a... by jeff Contributor in Splunk Search 08-28-2022 0 9	0	9
How to create a new field based on existing fields? Hi, how can I combine two fields (2.1 and 2.2) into one field (Main calculation) I have a table : I would like to... by Edwin1471 Path Finder in Splunk Search 08-28-2022 0 3	0	3
How to transform a table? Hi, How can I transform a table, so that the result would look something like this by Edwin1471 Path Finder in Splunk Search 08-27-2022 0 4	0	4
Unable to render the dropdown value in the search for the 1st time? I have a dashboard that gets its base query from a dropdown option and that to run that base query takes the values f... by MT New Member in Splunk Search 08-27-2022 0 1	0	1
How to sort contiguous _time into discreet sets? I'm trying to collapse a of data into earliest/lastest by _time, with the time is contiguous. Such as: 2022-08-27 07... by timgren Path Finder in Splunk Search 08-27-2022 0 2	0	2