Splunk Search

Community Activity

How do I convert Duration field in sec to day Hr Min Sec? Base query: index=jenkins* teamcenter \|search event_tag=job_event \|search build_url=TC_Active \|where isnotnull(job_... by Abhineet Loves-to-Learn Everything in Splunk Search 07-08-2022 0 7	0	7
How to filler a Field base on other two field? host="SPL-SH-DC" sourcetype="ABCSW"......\| search "Plugin Name" != "TLS Version 1.1 Protocol Deprecated" AND Port != ... by Rithekakan Path Finder in Splunk Search 07-08-2022 0 8	0	8
Make sure Value from one specific event is not in any other events I can't wrap my head around how to do this search. It's like I need an array or variable.Example Data:HostnameStorag... by splunk219783 Path Finder in Splunk Search 07-08-2022 0 8	0	8
How can I use * in eval if statement? \| eval RouteLatency = if (Name="ABC" AND HTTP="https://.net..com*" , bckLatency ,RouteLatency ) by ashidhingra Path Finder in Splunk Search 07-08-2022 0 2	0	2
How to convert the time in raw data to different timezone? I have the raw data where i need to convert the time in raw data to particular time zoneexample:if the time contains ... by Veeru Path Finder in Splunk Search 07-08-2022 0 10	0	10
Why am I unable to extract cookie field? So I'm trying to extract a field called "secureToken=tokenvalue" from our akamai logs. However when I try to extract ... by jhilton90 Path Finder in Splunk Search 07-08-2022 0 9	0	9
How do I list machines that do not match my search? How do I list machines that do not match my search?"if" my script runs, a message is sent to splunk. The script runs ... by cwheeler33 Explorer in Splunk Search 07-07-2022 0 2	0	2
SplunkPhantom: Could not load JSON from CEF parameter: Error Code: Error code unavailable. Error Message: Expecting ',' Could not load JSON from CEF parameter: Error Code: Error code unavailable. Error Message: Expecting ',' delimiter: l... by Manojsai_3 New Member in Splunk Search 07-07-2022 0 0	0	0
Case-insensitve sort Is there a way that I can sort some data alphabetically where the values are case insensitive? Currently, it sorts a... by atornes Path Finder in Splunk Search 07-07-2022 1 5	1	5
How to Combine Multiple Data Sources in Pie Chart Visualization? I have a data sources that shows if an order was resolved as fraudulent (data="resolutions") and in a different data... by devanoverstock Explorer in Splunk Search 07-07-2022 0 6	0	6
Why is the Splunk app not displaying? Hi Team, The below screen shot in prod environment Splunlk App displaying app when ever select , but dev environment... by parnika171017 New Member in Splunk Search 07-07-2022 0 0	0	0
How to compare Sum of event counts per day until bow()? Hello, I want to compare event counts for indexes to evaluate if there is unexpected changes in logging. In order t... by MarcusBB Explorer in Splunk Search 07-07-2022 0 2	0	2
Help with data enrichment Hi everyone! I would appreciate your help with the following search, I can't find how to do that, I need to add the ... by Danielle_marks Explorer in Splunk Search 07-07-2022 0 4	0	4
Recursive macro invocation fails- Is there a different solution besides defining all possible list values? Hi everyone, I have the following issue: within a search and a data field I find values like this: db2_stat = "1,3:8"... by eherbst63 Explorer in Splunk Search 07-07-2022 0 2	0	2
Compare Different Fields in Different Events New to Splunk and banging my head against the wall with this problem for over a day now. Please help...Need to compar... by lgsplunks Explorer in Splunk Search 07-07-2022 0 4	0	4
How to get dynamic inputs through a query in Dashboard studio? Hi, I am trying to implement a dynamic input dropdown using a query in the dashboard studio.The code I am using is as... by _pravin Contributor in Splunk Search 07-07-2022 0 4	0	4
Stats Count Field To Include 0 For each Bin period I’m trying to get a count for activity on around 10 different APIs.The search is:index=api_logs \| bin span=5min _time... by sssplunker Engager in Splunk Search 07-07-2022 0 4	0	4
Splunk DBConnect use the SQL WITH statement Can Splunk DBConnect use the SQL WITH statement? WITH TABLE_BASE AS (-- this section is the base query and matches th... by robjackson Path Finder in Splunk Search 07-06-2022 0 1	0	1
Remove field values from one multi-valued field which values are present in another multi-valued field Remove field values from one multi-valued field which values are present in another multi-valued fieldLooking for som... by VatsalJagani SplunkTrust in Splunk Search 07-06-2022 0 5	0	5
What is the "correlate" function doing behind the scenes I am trying to use the correlate command in Splunk but keep receiving "1.0" or other numbers as the correlation value... by spogtrop Explorer in Splunk Search 07-06-2022 0 4	0	4
Why are multiple Lookups showing no results instead of Zero? Hi everyone: I have a lookup I am using to filter against another lookup and I'm having trouble getting the output to... by mistydennis Communicator in Splunk Search 07-06-2022 0 3	0	3
Calculate NPS (Net Promotor Score) Data is events with a date, username, company, score.I want to calculate an NPS score by company.detractors = scores... by tzvikaz Explorer in Splunk Search 07-06-2022 0 1	0	1
How to set lower and upper threshold deviation? Hi Splunkers, This may be easy, but I'm not able to solve it if anyone can help. I want to set a lower threshold to 1... by majilan1 Path Finder in Splunk Search 07-06-2022 0 2	0	2
Get the timestamp of first occured error Hello community. I use splunk for one of my projects and i had a doubt.I have a query which roughly looks like below ... by VikhyathMaiya Explorer in Splunk Search 07-06-2022 0 1	0	1
Getting commas into a multivalue number field I'm posting this in case someone else has the problem I struggled with.I had was calculating a list of upload and dow... by sjbriggs Path Finder in Splunk Search 07-06-2022 1 2	1	2