Splunk Search

Community Activity

"StatsFileWriterLz4 file open failed" error after upgrade to 8.2.3 when searching After upgrading our environment from 8.1.3 to 8.2.3, some searches return "StatsFileWriterLz4 file open failed". Our ... by podegard Engager in Splunk Search 02-01-2022 1 1	1	1
help to retrieve a token value in a dropdown list HiI launch a dashboard from another dashboard when I click on the field "Site"/app/spl_pub_dashboard/bib_reg?Site=$cl... by jip31 Motivator in Splunk Search 02-01-2022 0 2	0	2
Timewrap with specific time range Hi,Iam a newbie and have just started exploring the power of splunk. My below query works fine except that I need the... by bmer Explorer in Splunk Search 02-01-2022 0 3	0	3
Splunk Event difference calculation hi,i am using the below query to list the bootup time and downtime based on event code.. but if the bootuptime shows ... by priya1926 Path Finder in Splunk Search 01-31-2022 0 3	0	3
AVG command with WHERE statement Hello All, I am trying to calculate the Average of a column, but i want it to ignore all values that are equal to 0. ... by Marco_Develops Path Finder in Splunk Search 01-31-2022 0 3	0	3
Json data fields are not extracting properly Cisco logs with json format is not extracting properly. I tried from GUI using this kv delims in search and they are ... by srivenna Engager in Splunk Search 01-31-2022 0 0	0	0
Need help on creating table I have table like below using my splunk query.Request1_tpsRequest1_avgRequest1_p95Request1_p90Request2_tpsRequest2_av... by maanick87 Loves-to-Learn Lots in Splunk Search 01-31-2022 0 12	0	12
How to extract the following word from the sentence Hi All,I want to extract the following word from sentence:nodeUrl=https://sappbos.aexp.com/odata.svc/v1.0/BlazeoData/... by aditsss Motivator in Splunk Search 01-31-2022 0 2	0	2
I want to limit the search that matches the values which are a part of lookup I want to limit the search that matches the "dest" values which are a part of lookupCurrently I am getting all events... by innoce Path Finder in Splunk Search 01-31-2022 0 2	0	2
two search result at the same time I want to have a search, the output of which is the next search stream, provided that each occurred at a common time.... by khanlarloo Explorer in Splunk Search 01-31-2022 0 4	0	4
Need to print 2 counts with different time intervals Hi Team,I need to use print two values from an index with different earliest values. please find the below example.in... by bapun18 Communicator in Splunk Search 01-31-2022 0 3	0	3
How to mvzip two JSON Arrays I am trying to find frequently used search filters from my application log.I have written a below query to extract a ... by druid1123 New Member in Splunk Search 01-31-2022 0 1	0	1
Rest API quote escape Hi guysI'm trying to run a search to the /jobs endpoint. however I get a bash: syntax error near unexpected token `('... by zubairaizatron Explorer in Splunk Search 01-30-2022 0 2	0	2
REST API tstats results slow Hi guysI am definitely a splunk novice. I want to run a search with the splunk REST API. it is a tstats on a datamode... by zubairaizatron Explorer in Splunk Search 01-30-2022 0 0	0	0
Stats based on Case I'm still new, and struggling with the following. I am looking at a set of data from three probes. If all three probe... by Jamie2Jamie Loves-to-Learn Lots in Splunk Search 01-30-2022 0 1	0	1
How could I edit my search command in order to filter this table which will display the earliest time of the same value( Hi, all!How could I edit my search command in order to filter this table which will display the earliest time of the ... by Jennifer Path Finder in Splunk Search 01-30-2022 0 1	0	1
rex to combine result HiI have two field that extract send & rec like this:\| rex "S\[(?<SEND>\w+\.\w+)" \| rex "R\[(?<REC>\w+\.\w+)" now hav... by indeed_2000 Motivator in Splunk Search 01-30-2022 0 0	0	0
How to use rex to extract JSON text in "ip" keyValue pair? I have a json raw string from which I have to extract the "Source device","values":[{"ip": key a... by Raymundo Loves-to-Learn in Splunk Search 01-30-2022 0 5	0	5
Trying to enrich data from IP addresses collected for a project Hello, I have been trying to find a way to get internet service provider (ISP) information from IPs collected from a ... by Antikythera Observer in Splunk Search 01-29-2022 0 0	0	0
I'm new to splunk queries and how to create an alert using Linux commands on Splunk? I need to write a Splunk alert to check number of connections on a server. Using below Linux command I can get the re... by Vin Engager in Splunk Search 01-28-2022 0 1	0	1
Deployed Apps Search I would like to determine how many times an app on a deployment server has been deployed. I'm not concerned with the... by jason_hotchkiss Communicator in Splunk Search 01-28-2022 0 1	0	1
Update CSV source without duplicates I have csv data( source .csv file with sourcetype=csv ) which I need to update every week. Problem is that I might g... by arusoft Communicator in Splunk Search 01-28-2022 0 20	0	20
Why do I get different results from save search Hi, I have a customer who is exporting data via the REST API, and getting different results from the same time perio... by a212830 Champion in Splunk Search 01-28-2022 0 11	0	11
How to divide a value from a string into fields? I have value in field:value: 10,5 CC,00136;CY,00004;JE,00004;QK,00004Where CC,CY,JE - type message and there are mor... by Luninho Explorer in Splunk Search 01-28-2022 0 2	0	2
Creating tags error: Parameter "name" must be less than 1024 characters. I have some data that their event field is sometimes... lengthy (not always) so when I try to tag the events of inter... by npavlidis Engager in Splunk Search 01-28-2022 0 0	0	0