Splunk Search

Community Activity

Why does Splunk Web sometimes not show the event data for a search unless I restart? Splunk Web doesn't show the events at times. If I restart and log in, it will show the events, but after some time, e... by boopaljothi Explorer in Splunk Search 11-17-2021 1 24	1	24
Color a word in a field/Splunk Result I have a Splunk query: index=my_index cf_app_name=$app_name$ msg!="Hikari" $log_type$ \| sort -_time \| table msg It ... by kirti_gupta12 Path Finder in Splunk Search 11-17-2021 0 1	0	1
How to use NOT match condition in Case statement for Multi valued field \|eval SNOW_Description=case(EMGC_ADMINSERVER_Status!="k1","Java Process EMGC_ADMINSERVER data not available in splunk... by manjunath_0208 Loves-to-Learn Everything in Splunk Search 11-17-2021 0 3	0	3
Convert confusion matrix to tabular form Hi,I am trying to convert the result of applying the CorrelationMatrix algorithm which is given in a confusion matrix... by dalmaua Explorer in Splunk Search 11-17-2021 0 2	0	2
SEDCMD to remove spaces in csv header fields what's the best way to set a sedcmd in props to remove spaces and add a " _ " in just the a cvs header line? for exam... by sbattista Explorer in Splunk Search 11-17-2021 0 2	0	2
Issue with Time Conversion in JSON String Hey ,I'm trying to get the time difference between when an event was received and a string representation of the tim... by leftrightleft Explorer in Splunk Search 11-17-2021 0 2	0	2
Convert single row with list of ids to a table and join it with another table I have this query: my search \| rex field=line ".*customerId\":(?<customer_id>[0-9]+)" \| dedup customer_id \| table ... by elad Engager in Splunk Search 11-17-2021 0 8	0	8
Table and Percentage Calculation from Multiple Searches Here is my query - I'm doing two searches that are independent of each other. In both searches, I'm restricting the t... by splunkbn00bie Engager in Splunk Search 11-17-2021 0 2	0	2
Timechart with eventtype Hello, I am trying to timechart two event types ONLY: heartbeat and start. However, every event in our Splunk is also... by noman377 Explorer in Splunk Search 11-17-2021 0 5	0	5
File monitor Hello,We have a problem with the monitoring of a simple file with five fields.The problem is on the date field that S... by thierryazandegb Observer in Splunk Search 11-17-2021 0 2	0	2
Extraction failing on certain events Hello all, I have been facing problem with the below extraction where the extraction is working on a few events and n... by srinivas_gowda Path Finder in Splunk Search 11-17-2021 0 1	0	1
Dynamic time range in Splunk query HiI write the Splunk query below to monitor server logindex="abc" sourcetype="abc" login "response.status"=200 source... by lamnguyentt1 Explorer in Splunk Search 11-17-2021 0 1	0	1
Splunk rex help I need help for extracting the below fields. can someone help..reference = 205, \"sample\":12345678, \"logic\":\"AB00... by jabez2092 Loves-to-Learn in Splunk Search 11-17-2021 0 3	0	3
Date and Time format for not an epoch format Hello all, I have been getting the data and time format in the below way. How do I convert it to the given readable f... by srinivas_gowda Path Finder in Splunk Search 11-17-2021 0 1	0	1
How to override the 20 line limit for the table view of embedded reports? Hi, It looks like a table view of an embedded report is limited to the first 20 results. I couldn't find any place w... by grundsch Communicator in Splunk Search 11-16-2021 7 8	7	8
How to add a lapsed time to a field's timestamp Howdy,Been researching on how to give time for the next sequential event to occur, but have not found a way. Lets say... by MeMilo09 Path Finder in Splunk Search 11-16-2021 0 2	0	2
Filter splunk results into a List I have a Splunk query that parses the msg field, fetches the fields from the result and displays them in a table. PFA... by kirti_gupta12 Path Finder in Splunk Search 11-16-2021 0 1	0	1
Filter the Splunk results into a visualization I have Splunk results in following format: 2021-11-13 01:02:50.127 ERROR 23 --- [ taskExecutor-2] c.c.p.r.service.Red... by kirti_gupta12 Path Finder in Splunk Search 11-16-2021 0 12	0	12
Remove timestamps using regex Hi Splunk Community,It's been a while since I've last used Splunk and regex, and now I'm struggling with both Fields... by oliverpeloton23 Engager in Splunk Search 11-16-2021 0 2	0	2
Streamstats vs autoregress Hello.I've noticed that in many solutions when there is a need for a value from previous row, streamstats with window... by PickleRick SplunkTrust in Splunk Search 11-16-2021 0 2	0	2
Unable to subtract one days hours from previous days to create TimeChart I am trying to create a Timechart that will list out the TotalHours of that day and then subtract the previous days T... by keezy713 Loves-to-Learn in Splunk Search 11-16-2021 0 5	0	5
how to compare 2 sourcetypes and fill data accordingly in a field Hi,I have 2 sourcetypes with same index like ( index=A sourcetype= compare and index=A sourcetype= Fire)i am doing ou... by dtccsundar Path Finder in Splunk Search 11-16-2021 0 2	0	2
Extract username with dash (-) Field from event Hello Everyone, I'm trying to extract usernames from the logs of a proftpd.An event looks like this:2021-11-16 16:17:... by miberecz Loves-to-Learn in Splunk Search 11-16-2021 0 4	0	4
Data model in custom search Hi all,I have a doubt regarding the datamodel use.In Splunk Foundamentals 2 course, I got what Data Models is and how... by SIEMStudent Path Finder in Splunk Search 11-16-2021 0 1	0	1
Query return Zero Events Hi All,I have query which return all the events for two Hybris pods. When I am using stats it shows the number of eve... by manpreetsingh29 Loves-to-Learn Lots in Splunk Search 11-16-2021 0 3	0	3