Splunk Search

Community Activity

How to make rest search on one search head able to get results from other search heads? If you have a dashboard that has a panel with a search like the one below:\| rest splunk_server=* /services/-/-/admin... by jaburke1 Path Finder in Splunk Search 02-02-2022 0 6	0	6
different format field extraction using rex Hello @Anonymous Please help me out here.I was trying to extract a field "faultDescription". but the logs have differ... by BT Path Finder in Splunk Search 02-02-2022 0 8	0	8
search using terms from lookup in an (mv) string field. I have an mvfield of type string in my results. I want to search and match all values of this field for words that c... by drodman29 Path Finder in Splunk Search 02-02-2022 0 1	0	1
filter search results based on subsearch with regex Hi dear community!I'm trying to build the dashboard using records in two states STATE1 and STATE2. I'm logging state ... by margo_zefirka Engager in Splunk Search 02-02-2022 0 5	0	5
combine two result on a timechart for compare them HiI have two result like this REQName count Node1.Node2 100Node3.Node4 500 RSPName ... by indeed_2000 Motivator in Splunk Search 02-02-2022 0 9	0	9
compare record from yesterday to today if field equals Say I have a batch job that pushes JSON records that look like this on Monday: {<!-- --> Department: Engineering Employee... by zachsisinst Explorer in Splunk Search 02-02-2022 0 6	0	6
rex to extract string Hi I have log like this:2022-02-01 11:59:59,869 INFO CUS.AbCD-Host-000000 [AppListener] Receive Packet[0000000*]: Clu... by indeed_2000 Motivator in Splunk Search 02-02-2022 0 2	0	2
Timechart on Bar graph showing null space In timechart command used cont=false and in table statatics its not showing data on empty values but in bar graph . t... by DataOrg Builder in Splunk Search 02-01-2022 0 1	0	1
Why is a single instance of splunk not running query and giving an error "CacheManager - Last run failed to evict requested bytes"? 03-09-2018 12:51:44.372 -0500 WARN CacheManager - Last run failed to evict requested bytes. Performing eviction in u... by kmevans New Member in Splunk Search 02-01-2022 0 3	0	3
Substituting key values on raw text Let's say I have a CSV input with the following columns: _raw,user,src_ipThe _raw event is: "Accepted public key fo... by responsys_cm Builder in Splunk Search 02-01-2022 0 1	0	1
Lookup help: Replace column result with value in other lookup Hey Splunkers. Quick question regarding my lookup. I have the Identity lookup with ES and I'd like to replace the 'pr... by 96nick Communicator in Splunk Search 02-01-2022 0 5	0	5
How do i pick the first and last value in a table with one column I am doing a CTF that provides logs to filter and work through, one of the questions asks for the time period between... by khalidpunk New Member in Splunk Search 02-01-2022 0 1	0	1
How to remove duplicate value from one column and do addition of corresponding values in another column I have 2 columns 1 has application name another has number of instances . I want to remove duplicate application nam... by shaileshransing Engager in Splunk Search 02-01-2022 0 2	0	2
Search blocked by license notice Hello,We recently installed Splunk, we thought we had a free license, however we got a notice that we have exceeded t... by scarpio Explorer in Splunk Search 02-01-2022 0 5	0	5
how to move a value into adjacent row Hello,I have a condition when the variable new_tag of the previous row is equal to 1 and the variable test_tag of the... by crmarley20 Explorer in Splunk Search 02-01-2022 0 2	0	2
How could I adjust the time to only show the yyyy/mm/dd/hour/minute? Hi, all!Here's my current time format! How could I adjust into the format from 2022-01-20 18:21:19,448 to 2022-01-20 ... by Jennifer Path Finder in Splunk Search 02-01-2022 0 2	0	2
"StatsFileWriterLz4 file open failed" error after upgrade to 8.2.3 when searching After upgrading our environment from 8.1.3 to 8.2.3, some searches return "StatsFileWriterLz4 file open failed". Our ... by podegard Engager in Splunk Search 02-01-2022 1 1	1	1
help to retrieve a token value in a dropdown list HiI launch a dashboard from another dashboard when I click on the field "Site"/app/spl_pub_dashboard/bib_reg?Site=$cl... by jip31 Motivator in Splunk Search 02-01-2022 0 2	0	2
Timewrap with specific time range Hi,Iam a newbie and have just started exploring the power of splunk. My below query works fine except that I need the... by bmer Explorer in Splunk Search 02-01-2022 0 3	0	3
Splunk Event difference calculation hi,i am using the below query to list the bootup time and downtime based on event code.. but if the bootuptime shows ... by priya1926 Path Finder in Splunk Search 01-31-2022 0 3	0	3
AVG command with WHERE statement Hello All, I am trying to calculate the Average of a column, but i want it to ignore all values that are equal to 0. ... by Marco_Develops Path Finder in Splunk Search 01-31-2022 0 3	0	3
Json data fields are not extracting properly Cisco logs with json format is not extracting properly. I tried from GUI using this kv delims in search and they are ... by srivenna Engager in Splunk Search 01-31-2022 0 0	0	0
Need help on creating table I have table like below using my splunk query.Request1_tpsRequest1_avgRequest1_p95Request1_p90Request2_tpsRequest2_av... by maanick87 Loves-to-Learn Lots in Splunk Search 01-31-2022 0 12	0	12
How to extract the following word from the sentence Hi All,I want to extract the following word from sentence:nodeUrl=https://sappbos.aexp.com/odata.svc/v1.0/BlazeoData/... by aditsss Motivator in Splunk Search 01-31-2022 0 2	0	2
I want to limit the search that matches the values which are a part of lookup I want to limit the search that matches the "dest" values which are a part of lookupCurrently I am getting all events... by innoce Path Finder in Splunk Search 01-31-2022 0 2	0	2