Splunk Search

Community Activity

Please help me understand Eval function query Please help to understand the logic of below query eval count=if(isnull(count), -1,count) by aaa2324 Explorer in Splunk Search 07-21-2022 0 2	0	2
Complex JSON (and Multivalue) processing I've been working on a project with JSON in the event where Tags are stored similar to this...{<!-- -->"Name": "example","Tag... by jerewill Explorer in Splunk Search 07-20-2022 0 8	0	8
How to fix appendcols returning more than necessary? Hi everyone, I am new to Splunk and I am learning as I go. I'd like to know if anyone has any idea what I am doing w... by Diana_a Explorer in Splunk Search 07-20-2022 0 3	0	3
How can I make transpose work for all more than 5 days of data? My actual query as all this data. but after i use transpose \| sort by _time desc\| eval mytime=strftime(_time, "%B ... by ashidhingra Path Finder in Splunk Search 07-20-2022 0 2	0	2
Is it possible to break a value down to partial values as a match or field? So I have a field (plugin_output)that has a paragraph of hardware info as one value. The only part of the value I'm c... by Minasdad Path Finder in Splunk Search 07-20-2022 0 5	0	5
How to pass calculate the latest row count in multiple lookups? Hi All, I have around 100+ lookups, which get updated daily from indexed data using macro and saved search. I want ... by rajeshmetso Engager in Splunk Search 07-20-2022 0 4	0	4
Is there an SPL query to know the last date UFs phoned in to a specific DS? Is there an SPL query to know the last date UFs phoned in to a specific DS. We've many DS in our company by So76 Explorer in Splunk Search 07-20-2022 0 6	0	6
How to resolve Error in 'similarity' command: External search command exited unexpectedly with non-zero error code 9? I use nlp-text-analytics app for similarity between two strings but I get above error when I run lines 1, 2, and 3... by soheil115 Engager in Splunk Search 07-20-2022 0 1	0	1
How to sum two fields? I am attempting to eval a new field, from two other fields: \| eval 4XXError=if(metric_name="4XXError", statistic_... by vince_iw Explorer in Splunk Search 07-20-2022 0 2	0	2
How to calculate Average with condition based? Hi All, i am writing a query with the following: index=a0_payservutil_generic_app_audit_npd "kubernetes.labels.releas... by vineela Path Finder in Splunk Search 07-20-2022 0 3	0	3
Why am I yielding an error with Where Statement for exact numeric value? Hello, I am experiencing an interesting Issue. I am trying to filter for a specific value in a numeric field. Followi... by blablabla Path Finder in Splunk Search 07-20-2022 0 1	0	1
How to list only distinct values from the listed results? Hi I have a query which runs and results me the list of Ip's in a table format grouped by username. In my table of re... by rakeshyv0807 Explorer in Splunk Search 07-20-2022 0 6	0	6
How to align 2 single panel no matter the length of the title? Hello As you can see, the 2 single panel are not correctly aligned is there a way to avoid this without changing the ... by jip31 Motivator in Splunk Search 07-19-2022 0 0	0	0
Conditionals/dependencies in search? (where x and y within z) Hello communityI am trying to set up a search to catch any succesfull logon after x failed within y minutes. However,... by fatsug Builder in Splunk Search 07-19-2022 0 5	0	5
How to calculate daily volume of logs ingested by index? HI all, I am trying to figure out the best method for determining the volume of logs ingested into my various indexes... by mike_k Path Finder in Splunk Search 07-19-2022 0 2	0	2
How to get next 10th minute for the field time in Splunk? I am getting the output time but i want to round the time value for next 10th minute.the excepted output is the roun... by Veeru Path Finder in Splunk Search 07-19-2022 0 9	0	9
How to calculate Top limit=10 OR head 10 not working by Count? Hi Team I have a query where I am doing the TimeChart & % (not using the timechart and calculate the % in timechart... by beriwalnishant Path Finder in Splunk Search 07-19-2022 0 3	0	3
Why do search lookup returns no results found? Hello!We are enriching some data and want to be able to then search the results matched from the lookup table. It wo... by johnansett Communicator in Splunk Search 07-19-2022 1 4	1	4
How to use distinct count of multiple fields? I have data that looks like the following: Week Employee Project# 6/3/2022 A ... by JoeHubner Explorer in Splunk Search 07-19-2022 0 6	0	6
How to create a 14 day search for specific time range (02:00 - 06:00) only? How to create a 14 day search for specific time range (02:00 - 06:00) only? by ashidhingra Path Finder in Splunk Search 07-19-2022 0 5	0	5
How to extract a Multi-Valued Field? I've imported a .csv that has many fields, but the only one I care about has multiple values in it. pluginText: <plu... by Minasdad Path Finder in Splunk Search 07-19-2022 0 11	0	11
How to match field values with multivalue field? I have a data with two fields: User and Account Account is a field with multiple values. I am looking for a search th... by Skysurfer Explorer in Splunk Search 07-19-2022 0 10	0	10
How to pivot convert in Splunk? Hi, I habe a table after using stats: \| stats values(durationSum) as duration by Fauf Station. How can I convert it ... by zoe Path Finder in Splunk Search 07-19-2022 0 2	0	2
TimeChart Percent Query - How to Sort on specific field count Hello Experts, I am stuck with a timechart % query and I want to sort basis a field count and not the default sort on... by beriwalnishant Path Finder in Splunk Search 07-19-2022 0 13	0	13
Error in 'similarity' command: External search command exited unexpectedly with non-zero error code 9 index="main" source="all_digikala1.csv" \| table title price \| map search="search index=main source=all_sites1.csv \|... by soheil115 Engager in Splunk Search 07-18-2022 0 0	0	0