Splunk Search

Community Activity

Why does Splunk values() return swapped counts? I want to use the values() function because I want to group by fields. If I just use count by I get the correct resul... by Zoblou Engager in Splunk Search 04-21-2022 0 4	0	4
Why am I receiving this Error while using the \|rest in the splunk rest API? Hi Team, I am trying to run a search and get the searchId, I will use this searchId later to fetch the results. ... by smaran06 Path Finder in Splunk Search 04-20-2022 0 3	0	3
Need Help with Splunk Query- Titles in chart Hi, Can any one please help me with the query currently iam using " \| rename * AS \\|*\\| " but i don't want \ in t... by kc_prane Communicator in Splunk Search 04-20-2022 0 1	0	1
How to Color all my dynamic column to min max scale color? I would like to perform coloring in mindmidmax based on each column value. However, the column is dynamic, it is quit... by PeiYing15 Loves-to-Learn Everything in Splunk Search 04-20-2022 0 0	0	0
Using timechart to get count, why is returning null values as 0? Already using a query with below to get total number: \| timechart span=1d count What can I add to return, show a "0" ... by csquared Engager in Splunk Search 04-20-2022 1 2	1	2
How to connect consumers and providers based on ID between logs and display their server names too? I am hoping you could help me out with this query, as I am quite stuck.I want to be able to retrieve the name of the ... by ana Engager in Splunk Search 04-20-2022 0 2	0	2
How to join the indexes to show the changed information and the status of the PIR? I have 3 indexes that I need to join. One index is the changes that we have in created in our Service Management to... by servus_kkozoriz Engager in Splunk Search 04-20-2022 0 11	0	11
How to extract new field IP with regex? This is a log example: 2022-04-19 11:33:41 Local1.Info 10.0.6.1 Apr 19 12:34:20 FireboxM470_HA2 801002AA8CC3A Firebo... by Madys Engager in Splunk Search 04-20-2022 0 1	0	1
How to extract a field from my raw data using rex? Below is my raw logs. I want to extract "analystVerdict" & its corresponding result from raw logs. can someone please... by alexspunkshell Contributor in Splunk Search 04-20-2022 0 6	0	6
Why is iplocation showing incorrect data ? In my ES App, I have a rule where I noted some discrepancy regarding the source country for the src ip 112.196.162.... by zacksoft_wf Contributor in Splunk Search 04-20-2022 0 3	0	3
Extract the meaningful fields from the logs I want to get an API usage report per user and I am struggling with the Splunk Query for this, can someone please hel... by amitru Engager in Splunk Search 04-20-2022 0 1	0	1
Carrying tokens in another token that are prone to updates Hi All,the topic might sound very mystic but is actually rather straight forward.I have a timechart displaying the cu... by Software-Simian Path Finder in Splunk Search 04-20-2022 0 7	0	7
Eval () not creating a new field for timestamp extraction Hi All,In my raw events, there is a field called "dv_last_login_time" ( already indexed) as shown below that shows t... by neerajs_81 Builder in Splunk Search 04-20-2022 0 3	0	3
Why am I getting No results when when using "stats"? I'm attempting to run a query and I've run into a really weird situation where if I run a query with "head 10 \| field... by Liran Observer in Splunk Search 04-19-2022 0 3	0	3
How to format 86401 seconds as 24:00:01 I am trying to display a duration result to a dashboard and when I try to use the function to convert seconds to HH:M... by SammyDavis Explorer in Splunk Search 04-19-2022 3 13	3	13
Quick SPL help with Windows Logs! Good day all,I come to seek guidance from the experts My team and I have been tasked with creating an alert that wil... by dfurtaw Path Finder in Splunk Search 04-19-2022 0 1	0	1
How to omit consecutive same results and remove it? Hello Splunkers, I have a query where I did a \|stats values(abc) as abc command over time .I got the below results .... by vrmandadi Builder in Splunk Search 04-19-2022 0 13	0	13
How to write Field Extractions from Complex/inconsistence Event Structure Hello, I have events with complex/inconsistence data structure. Need to extract field 2 values under 2 different fiel... by SplunkDash Motivator in Splunk Search 04-19-2022 0 1	0	1
How to get the percentage increase of threshold value and to build a dashboard out of it? To get the percentage increase of threshold value and to build a dashboard out of it to show as red if it is increase... by PavanSeerapu Explorer in Splunk Search 04-19-2022 0 2	0	2
Data model _time field format We are trying to create a data model with a custom _time field. We created the data model, and added a calculated fie... by BernardEAI Communicator in Splunk Search 04-19-2022 0 1	0	1
How to use Transaction command with two extracted join fields? I have two Splunk queries, each of which uses the _rex command to extract the join field. Example: QUERY 1 inde... by jbrenner Path Finder in Splunk Search 04-19-2022 0 3	0	3
How to Monitor Java Application MEM/CPU/DISK usage with splunk? Hi How can I monitor java applications with splunk, I try nmon but it only give whole java process, not specific pid!... by indeed_2000 Motivator in Splunk Search 04-19-2022 0 3	0	3
How to extract key-value pairs from log and visualize them My logs are in the format: My-Application Log: Some-Key= 99, SomeOtherKey= 231, SomeOtherKey2= 1231, Some Different K... by arnavkumarsaxen Explorer in Splunk Search 04-19-2022 0 6	0	6
How to create a conditional graph depending on input parameter? Hello, so I have an input on my dashboard page of either month"01-2022,02-2022" and also quarter"Q1-2022". So dependi... by jinishshah Explorer in Splunk Search 04-19-2022 0 9	0	9
How to write array within array for million records? Hey Team,I have Million records to search for.Record Structure is given below.My requirement is to get length of aVal... by gheribhai1234 Engager in Splunk Search 04-19-2022 0 13	0	13