Splunk Search

Community Activity

Replacing Field Value Hello, I have some field values which I am unable to replace with the 'replace' command in the csv file. I have Power... by beepbop Explorer in Splunk Search 07-21-2022 0 1	0	1
Help with Timechart splunk Hey AllI have this search, and I want two results on my visualization. I want to see both "Method" and "User". What i... by Amir Engager in Splunk Search 07-21-2022 0 4	0	4
How to sort the data in a row based on the last word after hyphen? How do I sort the data based on the last word after hypen data_file_hyper_v_serverdata_file_linux_serverdata_file_vmw... by ashish_khantwal Engager in Splunk Search 07-21-2022 0 1	0	1
Creating report search issues Hi All,I am trying to create an efficient way to pull out certain win events for my report but I am not sure it would... by DanAlexander Communicator in Splunk Search 07-21-2022 0 11	0	11
Excluding daily values in chart if less then 1 Hello communityI am trying to combine two different things and cannot figure out how. I am looking at a certain actio... by fatsug Builder in Splunk Search 07-21-2022 0 4	0	4
How to Lookup cidrtomatch for loop I have a lookup with IP addresses (CIDR), I need to find the intersection of IP addresses. There is a command in splu... by hackerkor Observer in Splunk Search 07-21-2022 0 4	0	4
Please help me understand Eval function query Please help to understand the logic of below query eval count=if(isnull(count), -1,count) by aaa2324 Explorer in Splunk Search 07-21-2022 0 2	0	2
Complex JSON (and Multivalue) processing I've been working on a project with JSON in the event where Tags are stored similar to this...{<!-- -->"Name": "example","Tag... by jerewill Explorer in Splunk Search 07-20-2022 0 8	0	8
How to fix appendcols returning more than necessary? Hi everyone, I am new to Splunk and I am learning as I go. I'd like to know if anyone has any idea what I am doing w... by Diana_a Explorer in Splunk Search 07-20-2022 0 3	0	3
How can I make transpose work for all more than 5 days of data? My actual query as all this data. but after i use transpose \| sort by _time desc\| eval mytime=strftime(_time, "%B ... by ashidhingra Path Finder in Splunk Search 07-20-2022 0 2	0	2
Is it possible to break a value down to partial values as a match or field? So I have a field (plugin_output)that has a paragraph of hardware info as one value. The only part of the value I'm c... by Minasdad Path Finder in Splunk Search 07-20-2022 0 5	0	5
How to pass calculate the latest row count in multiple lookups? Hi All, I have around 100+ lookups, which get updated daily from indexed data using macro and saved search. I want ... by rajeshmetso Engager in Splunk Search 07-20-2022 0 4	0	4
Is there an SPL query to know the last date UFs phoned in to a specific DS? Is there an SPL query to know the last date UFs phoned in to a specific DS. We've many DS in our company by So76 Explorer in Splunk Search 07-20-2022 0 6	0	6
How to resolve Error in 'similarity' command: External search command exited unexpectedly with non-zero error code 9? I use nlp-text-analytics app for similarity between two strings but I get above error when I run lines 1, 2, and 3... by soheil115 Engager in Splunk Search 07-20-2022 0 1	0	1
How to sum two fields? I am attempting to eval a new field, from two other fields: \| eval 4XXError=if(metric_name="4XXError", statistic_... by vince_iw Explorer in Splunk Search 07-20-2022 0 2	0	2
How to calculate Average with condition based? Hi All, i am writing a query with the following: index=a0_payservutil_generic_app_audit_npd "kubernetes.labels.releas... by vineela Path Finder in Splunk Search 07-20-2022 0 3	0	3
Why am I yielding an error with Where Statement for exact numeric value? Hello, I am experiencing an interesting Issue. I am trying to filter for a specific value in a numeric field. Followi... by blablabla Path Finder in Splunk Search 07-20-2022 0 1	0	1
How to list only distinct values from the listed results? Hi I have a query which runs and results me the list of Ip's in a table format grouped by username. In my table of re... by rakeshyv0807 Explorer in Splunk Search 07-20-2022 0 6	0	6
How to align 2 single panel no matter the length of the title? Hello As you can see, the 2 single panel are not correctly aligned is there a way to avoid this without changing the ... by jip31 Motivator in Splunk Search 07-19-2022 0 0	0	0
Conditionals/dependencies in search? (where x and y within z) Hello communityI am trying to set up a search to catch any succesfull logon after x failed within y minutes. However,... by fatsug Builder in Splunk Search 07-19-2022 0 5	0	5
How to calculate daily volume of logs ingested by index? HI all, I am trying to figure out the best method for determining the volume of logs ingested into my various indexes... by mike_k Path Finder in Splunk Search 07-19-2022 0 2	0	2
How to get next 10th minute for the field time in Splunk? I am getting the output time but i want to round the time value for next 10th minute.the excepted output is the roun... by Veeru Path Finder in Splunk Search 07-19-2022 0 9	0	9
How to calculate Top limit=10 OR head 10 not working by Count? Hi Team I have a query where I am doing the TimeChart & % (not using the timechart and calculate the % in timechart... by beriwalnishant Path Finder in Splunk Search 07-19-2022 0 3	0	3
Why do search lookup returns no results found? Hello!We are enriching some data and want to be able to then search the results matched from the lookup table. It wo... by johnansett Communicator in Splunk Search 07-19-2022 1 4	1	4
How to use distinct count of multiple fields? I have data that looks like the following: Week Employee Project# 6/3/2022 A ... by JoeHubner Explorer in Splunk Search 07-19-2022 0 6	0	6