Splunk Search

Community Activity

Field Extraction from complex events Hello,I have some issues extracting fields from the following raw event. I should be getting following fileds from th... by SplunkDash Motivator in Splunk Search 12-02-2021 0 5	0	5
specific field extraction from _raw event data/message I have event data from the search result in format as shown in the image, now I want to extract the following fields ... by ssamant007 Explorer in Splunk Search 12-02-2021 0 5	0	5
How to set a standard set for span values I have a dhasboard which should show buckets with number of machines by span of time. Machine A to F is used for 2 mi... by psmp Explorer in Splunk Search 12-02-2021 0 3	0	3
Parsing results of periodical directory dumps over time into a chart hi there!We have a daly push from Google over to our Splunk instance that provides directory information around total... by daryllj Path Finder in Splunk Search 12-02-2021 0 2	0	2
Parsing Results with spaces I have this output from a field, with a lot of blank spaces, what would it be the best way to convert this data into... by jaydiare Explorer in Splunk Search 12-02-2021 0 7	0	7
Monitor CPU, RAM, DISK, INBOUND and OUTBOUND NETWORK TRAFIC of forwarders Hello,I am posting here to know if anyone of you have an idea about the queries i have to search in order to save the... by israbenbr Explorer in Splunk Search 12-02-2021 0 9	0	9
space in values does not filter data I have data coming in where I have a field called Result which holds data as below1) "FAIL"2) " FAIL "3) "PASS"4) " P... by koreamit3483 Explorer in Splunk Search 12-02-2021 0 3	0	3
Extraction skipping within the value Hello all, I am trying to extract a field from the below event and the extraction is missing the last part of the fie... by srinivas_gowda Path Finder in Splunk Search 12-02-2021 0 1	0	1
Filter the results of the main search based on the field values from the subsearch. I have 2 independent queries run on 2 different index that give me a list of requestIds. I want to filter/not includ... by pkakodkar Loves-to-Learn in Splunk Search 12-02-2021 0 3	0	3
Distinct values Hello I am running a * search in an app and it returns several columns in the csv extract where a column is named 'so... by SplnkUse Path Finder in Splunk Search 12-02-2021 0 2	0	2
How to Formulate an if Function for a Simple Math Problem Hi There, I am probably making this more confusing for myself than it needs to be, but its a simple concept. Here is... by MeMilo09 Path Finder in Splunk Search 12-01-2021 0 1	0	1
eval with wildcard I am trying to use an eval but there is a wildcard so I noticed this does not work. Ho can I get this to work? I trie... by Mike6960 Path Finder in Splunk Search 12-01-2021 0 6	0	6
What does the action "sendmn" refer to? I'm running this search: \| rest/servicesNS/-/-/saved/searches \| search disabled=0 AND is_scheduled=1 AND eai:acl.sha... by CMSchelin Path Finder in Splunk Search 12-01-2021 2 1	2	1
Email from Splunk I have splunk search - index=cloud EventName: "Error Occurred" XChangeToSalesForce \| rename message as "Message" _tim... by viksvig Loves-to-Learn Lots in Splunk Search 12-01-2021 0 8	0	8
Split results into multiple charts Hello, I am creating a query for my proxy data. The idea is to show all categories that I want in multiple single val... by supersnedz Path Finder in Splunk Search 12-01-2021 0 1	0	1
space in values not filtering data on dashboard I have data coming in where I have a field called Result which holds data as below1) "FAIL"2) " FAIL "3) "PASS"4) " P... by koreamit3483 Explorer in Splunk Search 12-01-2021 0 2	0	2
Merging similar error strings this is similar to https://community.splunk.com/t5/Splunk-Search/Merging-with-similar-strings-without-eval/m-p/484972... by erica Explorer in Splunk Search 12-01-2021 0 9	0	9
join replacement with stats OK, I'm trying to improve performance by replacing some join queries with stats, but struggling on a filter.I have th... by mcaulsc Path Finder in Splunk Search 12-01-2021 0 11	0	11
Trellis Search Splunk's VisualizationTrellis documentation page shows example searches for things like count by sourcetype, and late... by JanetLong Engager in Splunk Search 11-30-2021 0 2	0	2
Change time field to show 'x' minutes ago? Hello Splunk Community, I have a stats table I have created and I want to change the time field ("%Y-%m-%d %H:%M:%S")... by zoebanning Path Finder in Splunk Search 11-30-2021 0 3	0	3
Why does my set union command result in two datasets and not just one? \| set union [ search index=my_index \| eval nums="1,2,3,4,5" \| fields - _* \| makemv delim="," nums \| stats values(nums... by onelasttime Engager in Splunk Search 11-30-2021 0 0	0	0
Append string to end of log file if regex match is true Im trying to get a way to have SED (via search) append a string to the raw log in the results window if a condition ... by jazzijeff New Member in Splunk Search 11-30-2021 0 2	0	2
How do you list top items for each group? I want to list the top 3 elements for each group. How would you do this? Examples Name score Jon 100 Jon ... by peterlandis Explorer in Splunk Search 11-30-2021 0 11	0	11
Filter Events that show value x and y by one that have matching z I am searching a source that has events that have FieldA and FieldB.I need to find which events that have specific Fi... by cn250039 Loves-to-Learn Lots in Splunk Search 11-30-2021 0 10	0	10
Rex field list of strings How do I extract all values from a json file containing a list with multiple strings with rex?The content of the fiel... by tjdevries Loves-to-Learn Lots in Splunk Search 11-30-2021 0 5	0	5