Splunk Search

Community Activity

	AVG command with WHERE statement Hello All, I am trying to calculate the Average of a column, but i want it to ignore all values that are equal to 0. ... by Marco_Develops Path Finder in Splunk Search 01-31-2022 0 3	0	3
	Json data fields are not extracting properly Cisco logs with json format is not extracting properly. I tried from GUI using this kv delims in search and they are ... by srivenna Engager in Splunk Search 01-31-2022 0 0	0	0
	Need help on creating table I have table like below using my splunk query.Request1_tpsRequest1_avgRequest1_p95Request1_p90Request2_tpsRequest2_av... by maanick87 Loves-to-Learn Lots in Splunk Search 01-31-2022 0 12	0	12
	How to extract the following word from the sentence Hi All,I want to extract the following word from sentence:nodeUrl=https://sappbos.aexp.com/odata.svc/v1.0/BlazeoData/... by aditsss Motivator in Splunk Search 01-31-2022 0 2	0	2
	I want to limit the search that matches the values which are a part of lookup I want to limit the search that matches the "dest" values which are a part of lookupCurrently I am getting all events... by innoce Path Finder in Splunk Search 01-31-2022 0 2	0	2
	two search result at the same time I want to have a search, the output of which is the next search stream, provided that each occurred at a common time.... by khanlarloo Explorer in Splunk Search 01-31-2022 0 4	0	4
	Need to print 2 counts with different time intervals Hi Team,I need to use print two values from an index with different earliest values. please find the below example.in... by bapun18 Communicator in Splunk Search 01-31-2022 0 3	0	3
	How to mvzip two JSON Arrays I am trying to find frequently used search filters from my application log.I have written a below query to extract a ... by druid1123 New Member in Splunk Search 01-31-2022 0 1	0	1
	Rest API quote escape Hi guysI'm trying to run a search to the /jobs endpoint. however I get a bash: syntax error near unexpected token `('... by zubairaizatron Explorer in Splunk Search 01-30-2022 0 2	0	2
	REST API tstats results slow Hi guysI am definitely a splunk novice. I want to run a search with the splunk REST API. it is a tstats on a datamode... by zubairaizatron Explorer in Splunk Search 01-30-2022 0 0	0	0
	Stats based on Case I'm still new, and struggling with the following. I am looking at a set of data from three probes. If all three probe... by Jamie2Jamie Loves-to-Learn Lots in Splunk Search 01-30-2022 0 1	0	1
	How could I edit my search command in order to filter this table which will display the earliest time of the same value( Hi, all!How could I edit my search command in order to filter this table which will display the earliest time of the ... by Jennifer Path Finder in Splunk Search 01-30-2022 0 1	0	1
	rex to combine result HiI have two field that extract send & rec like this:\| rex "S\[(?<SEND>\w+\.\w+)" \| rex "R\[(?<REC>\w+\.\w+)" now hav... by indeed_2000 Motivator in Splunk Search 01-30-2022 0 0	0	0
	How to use rex to extract JSON text in "ip" keyValue pair? I have a json raw string from which I have to extract the "Source device","values":[{"ip": key a... by Raymundo Loves-to-Learn in Splunk Search 01-30-2022 0 5	0	5
	Trying to enrich data from IP addresses collected for a project Hello, I have been trying to find a way to get internet service provider (ISP) information from IPs collected from a ... by Antikythera Observer in Splunk Search 01-29-2022 0 0	0	0
	I'm new to splunk queries and how to create an alert using Linux commands on Splunk? I need to write a Splunk alert to check number of connections on a server. Using below Linux command I can get the re... by Vin Engager in Splunk Search 01-28-2022 0 1	0	1
	Deployed Apps Search I would like to determine how many times an app on a deployment server has been deployed. I'm not concerned with the... by jason_hotchkiss Communicator in Splunk Search 01-28-2022 0 1	0	1
	Update CSV source without duplicates I have csv data( source .csv file with sourcetype=csv ) which I need to update every week. Problem is that I might g... by arusoft Communicator in Splunk Search 01-28-2022 0 20	0	20
	Why do I get different results from save search Hi, I have a customer who is exporting data via the REST API, and getting different results from the same time perio... by a212830 Champion in Splunk Search 01-28-2022 0 11	0	11
	How to divide a value from a string into fields? I have value in field:value: 10,5 CC,00136;CY,00004;JE,00004;QK,00004Where CC,CY,JE - type message and there are mor... by Luninho Explorer in Splunk Search 01-28-2022 0 2	0	2
	Creating tags error: Parameter "name" must be less than 1024 characters. I have some data that their event field is sometimes... lengthy (not always) so when I try to tag the events of inter... by npavlidis Engager in Splunk Search 01-28-2022 0 0	0	0
	Using Eval to Filter Values Hello Splunkers - I am trying to filter any value that is wrapped in $, such as $host$or $value$. I thought the belo... by jason_hotchkiss Communicator in Splunk Search 01-28-2022 0 4	0	4
	Graph total events over time Hi all,Im attempting to create a graph that plots total number of events over time. I have tried various usages of ti... by chrisdev Explorer in Splunk Search 01-28-2022 0 1	0	1
	rex for http2 field in log In the following log entry as "_raw":"OPTIONS /nnrf-nfm/v1 HTTP/2.0" 405 173 "-" "gmlc-http-client/2.0" "-" I have su... by he204035 Explorer in Splunk Search 01-28-2022 0 3	0	3
	Splunk data doesn't split correctly Hi Splunk team, When I used Splunk to search the log data and found it didn't split correctly, It displayed as below:... by zhoayang Engager in Splunk Search 01-28-2022 0 2	0	2