Splunk Search

Community Activity

How to create multiple value in single panel? Hi Team How to create multiple value in single panel dashboard. by jaibalaraman Path Finder in Splunk Search 06-28-2022 0 3	0	3
Why are my jobs' statuses stuck in "QUEUED" forever? I've got a role with more than 6 concurrency limit, and here is what I did: Step1. I submitted 6 concurrent jobs usi... by Z_Jacob Engager in Splunk Search 06-28-2022 1 4	1	4
How to merge two table without losing data and merge multiple rows with "," between each values? Hello, So I have 2 problems I have an alert that fire emails whenever FILE_NAME=FILE_ERROR, and when that happen, I h... by phamxuantung Communicator in Splunk Search 06-28-2022 0 3	0	3
Substring with value pairs, using format but remove variable names Hi,I have mail server logs where each mail has the MID number as identifier (for that mailserver =host, for that day)... by zolo Loves-to-Learn Lots in Splunk Search 06-28-2022 0 2	0	2
Why is website monitoring app not pulling data? we are using splunk cloud trying to monitor URL"s using website monitoring app but while checking its not showing lat... by sekhar463 Path Finder in Splunk Search 06-28-2022 0 0	0	0
How to remove "\n" character from string I have a serialized json string like below "{\n \"ID\": \"da419500-f6b4-11ec-8b49-025041000001\",\n \"Name\": \"splun... by guest_123 Engager in Splunk Search 06-28-2022 0 2	0	2
How to Collate Events By Matching String? Hi All, Im trying use Splunk to produce a table which will highlight the duration between the RUNNING event of one an... by ZCAMZ Loves-to-Learn Lots in Splunk Search 06-28-2022 0 1	0	1
Help with A table data with multiple JSON fields I need count of cloudfront-viewer-country and sec-ch-ua-platform for each OriginPlease help. Expected Result: If si... by shashaikhhh Explorer in Splunk Search 06-27-2022 0 3	0	3
How to get Daily average value of a field I have voltage data and want to get the average volts value per day for the last 7 days. This is where I left off fr... by jenkinsta Path Finder in Splunk Search 06-27-2022 0 2	0	2
Why won't eval substr is work with large string of 20k characters? Hi, I am new to Splunk. I just started using it last month. For me the below " \| eval error=substr(msg, 0, 1000) \| t... by RJDev Loves-to-Learn in Splunk Search 06-27-2022 0 8	0	8
Why my Saved Search is not writing summary to 'stash' souretype? I am investigating a customer's concern that this particular search is not writing summary to 'stash' sourcetype. Th... by zacksoft_wf Contributor in Splunk Search 06-27-2022 0 3	0	3
Why is one field not been extracted as expected? Hello everyone, I have an issue with one field let say foo These are the scenarios: 1. If I run a search just with t... by glpadilla_sol Path Finder in Splunk Search 06-27-2022 0 9	0	9
How to create table columns from JSON? Hi, I have fields from a JSON file that are getting parsed like this: I'm struggling to find a way to turn those fi... by kackerman7 Loves-to-Learn in Splunk Search 06-27-2022 0 4	0	4
How to implement Alerting the absence of events? Hello, team! I need your help with my search. I have a search which collects the list of ip-addresses, and next I ne... by bosseres Contributor in Splunk Search 06-27-2022 0 2	0	2
How to remove blanks in a field in data entry Hi, I'm trying to remove blanks in a field when adding a csv file. In heavy-forwarder I have tried to use a regex in... by vprunera New Member in Splunk Search 06-27-2022 0 1	0	1
How to achieve this Splunk regex query? This is the log i am getting in splunk msg: 2022-01-22 03:00:00.143 INFO 15 --- [ scheduling-1PurgeProcessCountTask :... by sbsinha04 New Member in Splunk Search 06-27-2022 0 4	0	4
How to find the time difference in days between the _time of an event and the current time? Hi All, I might be over thinking this one, but since I've already used _time--> ...\| stats earliest(_time) as first_... by _gkollias Builder in Splunk Search 06-27-2022 0 7	0	7
Field extration based on Event Type Hi I have created a custom Event type and I would like to perform some field extraction based on the new event type, ... by resparis New Member in Splunk Search 06-27-2022 0 3	0	3
Issues with Field Extraction - Extracted Field Not Showing Up in Search Head (in search) Hello,I extracted a few numbers of fields through SPLUNK web interface (see below) using REGEX/REX (see below), all f... by SplunkDash Motivator in Splunk Search 06-27-2022 0 7	0	7
Splunk Rest Query to see the definitions of all dashboards ( public & private ) Hi Team,We had couple of dashboards who created by ex-employees and existing team is unable to access them.Even we do... by splunkfriend123 Engager in Splunk Search 06-26-2022 0 4	0	4
How to use rex max_match resulting in only unique values Hello, I am trying to get a list of values using max_match=5. However I need the results to only return unique val... by spencerneal Explorer in Splunk Search 06-26-2022 0 3	0	3
Getting empty results when running search with particular fields using Java SDK Does anybody know why while I am able to get results when running query with any field in Splunk, I am getting empty... by john_dem8 Observer in Splunk Search 06-26-2022 0 8	0	8
issues with Field Extraction-Showing Error Messages Hello,I have some issues with field extractions and getting error messages. Sample data, extraction codes (REGEX), an... by SplunkDash Motivator in Splunk Search 06-26-2022 0 3	0	3
How do I Filter by ingested timestamp? Hi all, day1 splunker here. I'd like to use an ingested start and stop time in index BLUE and use it to range-filter... by Bob2k New Member in Splunk Search 06-26-2022 0 2	0	2
Use the results of subsearch to rename those results with other name in new search Hi All, I have this data in index 1 inputactive IdleadgbehcfiI have this data in index 2 inputTESTpwrad1be2cf3ag4bh... by paritoshs24 Path Finder in Splunk Search 06-26-2022 0 4	0	4