Splunk Search

Community Activity

Splunk Search result- Can I change the x and y axis in time series? i need to combine the country count on daily bases If i am using count If i am using time series in time series ... by ut89shukla New Member in Splunk Search 06-25-2022 0 1	0	1
Extracting the latest numeric value from the latest event to create a Gauge component in dashboard Hi Users, I have to create a gauge component to show the available memory in the system. As we know the gauge compone... by akotwale Engager in Splunk Search 06-25-2022 0 2	0	2
How can I find events that contain non english words? Hi how can I find events that contain non english words? e.g i have log file that some lines contain germany or arabi... by indeed_2000 Motivator in Splunk Search 06-25-2022 0 11	0	11
Rest Query to find out query along with no of execution times Hi Team, Is there any way to use REST syntax and retrieve the following.1. Rest Query to retrieve all unique searches... by splunkfriend123 Engager in Splunk Search 06-25-2022 0 4	0	4
How to combine two search result with different fields in single dashboard? Hello,I have logs in two index, Index=flow_logFields required,src_ip, src_port, dest_ip, dest_port, network interface... by navb Loves-to-Learn in Splunk Search 06-24-2022 0 5	0	5
How can we find out volume of logs queried in Splunk? How can we find out volume of logs queried in Splunk by kml_uvce Builder in Splunk Search 06-24-2022 0 3	0	3
Why do some entries (of type search) have api_et, api_lt, and others have apiStartTime,apiEndTime? Hello, I am digging through my _audit index to see what searches people are running over time, but I am confused by t... by jason0 Path Finder in Splunk Search 06-24-2022 0 3	0	3
How to create a Timechart that spans 1 week, starts from Monday 00:00 Hello, I couldn't find sufficient solution at documentation nor community. I have to setup timechart, where span=1w, ... by JacobWrdz Explorer in Splunk Search 06-24-2022 0 2	0	2
Time Range Question I have doubts that this Saved Search may not be properly engineered and very taxing in terms of how time range is sp... by zacksoft_wf Contributor in Splunk Search 06-24-2022 0 4	0	4
Issue with point separator, after conversion from a json file Hi together!I have an issue with the point separator, after conversion from a json file.This is raw json:"customfield... by timo258 Explorer in Splunk Search 06-24-2022 0 3	0	3
How to resolve:The current bundle directory contains a large lookup file that might cause bundle replication fail- delta Hi all, I keep getting a message that the current bundle directory contains a large lookup file and the specified fil... by daisy Explorer in Splunk Search 06-24-2022 0 5	0	5
Using Eval function to calculate percentage I'm hoping someone can help me out here. I'm looking to create a simple table that displays a column for "count" and ... by ldlopez38 Observer in Splunk Search 06-23-2022 0 1	0	1
Search performance of raw without wildcards I am somewhat puzzled by the performance of this search. When I leave the wildcards off the search is WAY faster than... by fredclown Builder in Splunk Search 06-23-2022 0 4	0	4
Showing 0 instead of no results, how to get this line to append to another lookup? Hi Everyone: I have this query on which is comparing the file from last week to the one of this one. I'm doing this t... by fereze Engager in Splunk Search 06-23-2022 0 2	0	2
How to get bar chart visualization to stop at 100? I don't want the graph to show 105. by ashidhingra Path Finder in Splunk Search 06-23-2022 0 1	0	1
How to find long-running searches in Splunk, with execution time in mins? How to find long-running searches in Splunk, with execution time in mins. by shinde0509 Explorer in Splunk Search 06-23-2022 0 6	0	6
Is there a way to not do expansion of sourcetype? I execute a search with this ... index=foo sourcetype=wineventlog field=value ... In the search.log I am seeing a... by fredclown Builder in Splunk Search 06-23-2022 0 1	0	1
How to create search to filter on a field after rex extraction? Hello, I need to create a search that will display results based on a specific value.My issue is that the following s... by yanisA Explorer in Splunk Search 06-23-2022 0 1	0	1
How do I get over conditional functions formatting? Hello community, like to ask for support to get over conditional formatting. I have 3 different products in a group. ... by Stives Explorer in Splunk Search 06-23-2022 0 8	0	8
Why when using transaction to calculate duration after a dedup doesnt return values wanted? Hi All, I am new to splunk and not a developer so first up apologies for any poor syntax or coding practices. What am... by stuwoodward Engager in Splunk Search 06-23-2022 0 2	0	2
How to create a list to collect "well-knowed process"? Hi, I'm doing a project and I've installed Splunk Trial Enterprise on a server and Universal Forwarder on other three... by raffaelecervino Engager in Splunk Search 06-23-2022 0 4	0	4
How to achieve readable date format for scatter plot x-axis? I have the below query, I need the scatter point visualization for this. time on the x axis and the build duration o... by Ishan Loves-to-Learn in Splunk Search 06-23-2022 0 0	0	0
How to extract the short description from incoming event? Hi Everyone, I have a field called as TriggeredMessage coming in an event in Splunk and I want to extract the short d... by Splunk4 Explorer in Splunk Search 06-23-2022 1 14	1	14
How can I count my logins by a field? I have this query and I want to count how many logins were made by id, like if a person logged in 3 times I just want... by rebecalopes241 New Member in Splunk Search 06-22-2022 0 1	0	1
How to extract and download a field of array from an event? I have an event which is constructed like the following: { name: string, time: string, duration: string, ... by hantaliu Loves-to-Learn Lots in Splunk Search 06-22-2022 0 1	0	1