Splunk Search

Community Activity

Join two data sets to report their event times want to report a pattern for each day and grab event times from different logs for that pattern , tried something lik... by sashpdhar Explorer in Splunk Search 11-28-2021 0 4	0	4
Search for a specific pattern and report earliest and latest occurence of that each day Team -looking for ideas how to achieve the below scenarioQuery 1 - get list of unique patterns for each dayQuery 2 - ... by sashpdhar Explorer in Splunk Search 11-28-2021 0 6	0	6
How to show markers on a map? I have many different machines that move around the country (USA), each with its own GPS lat and long coordinates. I'... by monacledpotato Explorer in Splunk Search 11-28-2021 0 8	0	8
Add value from sub search into the result set of the main search I've a sub search on an SMTP log to get all TO and FROM values together with the status. Unfortunately TO and FROM ar... by Joerg Explorer in Splunk Search 11-28-2021 0 5	0	5
Query Rex Hello Am a newbie and am looking to extract data from a sample set that looks like this (its ingested in JSON):{<!-- --> le... by StepneyGeezer Explorer in Splunk Search 11-28-2021 0 4	0	4
R Language support? Hi There, For engineers who are familiar with R programming language, is there add-ons for R Language support? e.g. ... by melonman Motivator in Splunk Search 11-27-2021 0 8	0	8
regex help hello my friends. how using regex can delete everything in bold {"test": " {<!-- --> \n \"data\": \"check\",\n \"git_branc... by gitingua Communicator in Splunk Search 11-27-2021 0 2	0	2
Search date range that returns last 4 full hours Is it possible to do a search that returns the last 4 full hours? Meaning, if it is 5:13 PM it would return results b... by mbtsoltis Explorer in Splunk Search 11-26-2021 0 1	0	1
timechart Hi,I am just taking the total count of incident using stats command form the json and the query is working fine. But ... by mm12 Explorer in Splunk Search 11-26-2021 0 3	0	3
Issues for Splunk data collection with Python splunk-sdk package I experienced the following 3 issues when collecting Splunk data with Python splunk-sdk package.The 1st issue is: dur... by bergen288 Engager in Splunk Search 11-26-2021 0 2	0	2
Top Command not Returning Results I am using a chart command to get a list of IP's and servers with an error. I am attempting to only get the top 10 re... by SMM10 Explorer in Splunk Search 11-26-2021 0 4	0	4
how to assign new field for sum(fields) for further calculations Hi ,My query is like below, index=s sourcetype=Fire\| fillnull value=""\| eval OS=case(like(OS,"%Windows%"),"Windows",l... by dtccsundar Path Finder in Splunk Search 11-25-2021 0 1	0	1
Help searching dataset with a date field Hi I'm looking to search a dataset to returns entries from yesterday's date based off a date field which has been con... by solaced Explorer in Splunk Search 11-25-2021 0 3	0	3
Help with time conversion needed Hello,We have a chart in the dashboard, where the x-axis is the time. We defined a drilldown, where the $ts$ token sh... by damucka Builder in Splunk Search 11-25-2021 0 17	0	17
Eval error, reason unknown Good afternoon everyone! I'm hoping someone can assist in shedding some light on the following issue.I'm getting the ... by Kenhyper Explorer in Splunk Search 11-25-2021 0 6	0	6
how to get line chart(timechart) for 2 fields Hi,I have to create a trending chart for 30 days using the below search .I am not getting the trending using timechar... by dtccsundar Path Finder in Splunk Search 11-25-2021 0 1	0	1
Is it possible to email alerts with only an attachment, so without "view results" and "alert" links? I know there is an option "advanced search" but I can't find an option there to exclude the links by rrovers Contributor in Splunk Search 11-25-2021 0 2	0	2
Error in 'eval' command: The expression is malformed. Expected AND. Hello,I am trying to execute the following query but keep getting... Error in 'eval' command: The expression is malfo... by woodencraft Loves-to-Learn in Splunk Search 11-25-2021 0 6	0	6
Split merged events Hello Splunk Community, I have a merged event which shows if a service is running or down. Here is an example of the... by zoebanning Path Finder in Splunk Search 11-24-2021 0 2	0	2
Hello Experts, I would like to take report for employees who are completed four different certification courses I would like to take report for employees who are completed four different certification courses from my data. For ex... by Ashwini_5 Explorer in Splunk Search 11-24-2021 0 7	0	7
Added data issues Greetings,I was told by my instructor to use your product for an assignment, however, I am not getting the results th... by malleva New Member in Splunk Search 11-24-2021 0 1	0	1
two search queries with join not working I have two separate search queries which are working separately but when i am trying to get data by joining them its ... by lovelyshrm421 Explorer in Splunk Search 11-24-2021 0 16	0	16
Search comparison not working Hi - I have some data that looks like this, which ingests into splunk with no issues at all 11/24/2021 08:47:21.321... by randy_moore Path Finder in Splunk Search 11-24-2021 1 3	1	3
how to extract extract wildcard key name in nested json Sample JSON { message: { application: hello deploy: { X: { A: { QPY: 14... by crazymonkey Observer in Splunk Search 11-24-2021 0 6	0	6
assign the value to another variable and set an alert hello,I would like to ask a question on how to assign the value to another variable and set an alert.I have a this da... by ycho1 Explorer in Splunk Search 11-24-2021 0 4	0	4