Splunk Search

Community Activity

	How to calculate dates in my search? Sorry team to bother you again, i have a code that is giving me issues \| eval InT = (strptime('LastPickupDate',"%m-%d... by ositaumeozulu Explorer in Splunk Search 06-07-2022 0 2	0	2
	How to write a search query for disk partition I/O (as a pie chart) from Unix TA, which is onboarding Linux data. How to write a search query for disk partition I/O (as a pie chart) from Unix TA, which is onboarding Linux data. Any... by Mariusz Engager in Splunk Search 06-07-2022 0 0	0	0
	Extract all regex matches as a list in each log Input:Message ID... tt_1 ... tt_2 ... tt_9 ... tt_3 ... by nagulan_s Loves-to-Learn Everything in Splunk Search 06-07-2022 0 9	0	9
	How to convert multiples data field using xyseries and sort data Month wise? Hi, My data is in below format I am trying to add the total of all the columns and show it as below Please help me ... by Ashwini008 Builder in Splunk Search 06-07-2022 0 4	0	4
	Is it possible to leverage view used by other app that doesn't exist in splunkjs/mvc? Hi, I am trying to create a splunk app that mimics as much of the Search and Report functionality as possible with so... by rnelson30 Engager in Splunk Search 06-07-2022 0 3	0	3
	Why is splunk not detecting All Files during search? Hi, im currently facing problem where splunk can detect all my files in directory but when doing searching, splunk ca... by aamirulh New Member in Splunk Search 06-06-2022 0 1	0	1
	How to edit my regex to remove all text before ":" if there is more than one Hello Team, Splunkers, I am working on a correlation search and need to use a regex expression to strip all text bef... by nikolaevnz Engager in Splunk Search 06-06-2022 0 2	0	2
	How to use an evaluated field in search command? Could you please let me know how to use an evaluated field in search command index=main sourcetype="access_combined" ... by biju_babu Explorer in Splunk Search 06-06-2022 0 6	0	6
	How to create a kvpair from two automatically extracted JSON arrays? I'm in a situation where by sourcetype, I'm already having a nested JSON array broken into 2 fields: DeviceProperties... by mjones414 Contributor in Splunk Search 06-06-2022 0 2	0	2
	Is it possible to get dropdown token display name and value? Hi I have a dropdown in my dashboard studio which has some static values like TokenName: appName Display NameValueAp... by biju_babu Explorer in Splunk Search 06-06-2022 0 4	0	4
	How to sort based on column values? I have some data that's coming in as follows: "data": { "a": 100, "b": 200 } "data": { "a": 50, "c": 75 } ... ... by mldavis195 Explorer in Splunk Search 06-06-2022 0 3	0	3
	Why is extracted field not showing up in the results page? I have a search criteria with extraction, It seems to be extracting the value. But it's showing up in it's own column... by rmalghan Explorer in Splunk Search 06-06-2022 0 5	0	5
	Why is Automated lookup using kvstore collection not working? I have created a collection in app/local/collections.conf a matching lookup in app/local/transforms.conf I have 5 key... by wmuselle Path Finder in Splunk Search 06-06-2022 0 2	0	2
	Why is iplocation command returning wrong countries? Hi everyone I am currently getting logs from microsoft 365 and one of its panels shows the impossible simultaneous lo... by juancamiloll Explorer in Splunk Search 06-05-2022 0 4	0	4
	How to create rex for multiple fields? HelloGood Day!I have the events in the raw data where i want to extract the drive information into few field and con... by Veeru Path Finder in Splunk Search 06-05-2022 0 3	0	3
	How to extract Multivalue fields? Lets just say I have multiple events like this: names John Sam Todd favorite_colors Blue Yellow Green Each event mig... by shrek Engager in Splunk Search 06-04-2022 0 2	0	2
	How to calculate the average for all values in a single column? This one seems pretty straight forward, but I haven't been able to find an answer anywhere. I'm looking to calculate ... by jpolcari Communicator in Splunk Search 06-04-2022 0 6	0	6
	How to extract data from HTTP request payload? Newbie in Splunk here. How do I extract the value zzz@zzz.com(at the end of the below payload) in a new field named "... by thedonaldblake Engager in Splunk Search 06-03-2022 0 1	0	1
	How to create a search for proxy avoidance/bypass ? Hi I am using Cisco WSA proxy and i need help on creating a usecase for Proxy avoindance/bypass can you please help... by umeshchandra Observer in Splunk Search 06-03-2022 0 0	0	0
	How to calculate date and int columns? please i will be glad to get answer to this query \| eval InT = if(((lastpickupdate + DaysOfARVRefil + 28) > IIT), "... by ositaumeozulu Explorer in Splunk Search 06-03-2022 0 3	0	3
	How to create an algo for finding card numbers? Hi All, I have been working on the luhn algorithm to validate the credit card. For that, I have used the below link q... by Kk Path Finder in Splunk Search 06-03-2022 0 2	0	2
	How to append rest command to my search? I need help to append this rest command to my query. The problem is that the rest command is adding to the first row ... by Italy1358 Path Finder in Splunk Search 06-03-2022 0 2	0	2
	Whaat is the tstats dynamic way to set the value on index to prevent wildcard? Hi Splunkers,I was wondering if this is possible on tstats command. Get the dynamic value from savedsearch result or ... by kelz Explorer in Splunk Search 06-03-2022 0 2	0	2
	How to create two multi value fields to produce a json object of name value pairs? I have this Query that produces two multi value fields, keys and values. What i need to do is pair each entry in the... by spinnerdog Explorer in Splunk Search 06-03-2022 0 3	0	3
	How to calculate duration? Hi, I try to calculate the duration I have extracted 2 fields, start_time and end_time -- I believe both times shoul... by edwinmae Path Finder in Splunk Search 06-03-2022 0 2	0	2