Splunk Search

Community Activity

	Search help - find total sum of lengths of array My current search returns a series of events like: {'field1' : {'field2' : [obj1, obj2, obj3]}}{'field1' : {'field2' ... by ys2119 Loves-to-Learn in Splunk Search 10-27-2021 0 3	0	3
	Filtering out HTTP/1.1 200 logs from being forwarded to splunk. Hi,We have a large amount of data in /opt/app/axtract_fe1/var/log/apache2/main_collector_access-*.log file, and we do... by ssoftility Loves-to-Learn in Splunk Search 10-27-2021 0 1	0	1
	command "where" not working the "where" command checks only one condition doesn't work like thatmy search:. . . . \| where NOT (id_old = id OR use... by gitingua Communicator in Splunk Search 10-27-2021 0 9	0	9
	How do I properly configure schedule search/cron/alert times? This question is based on a comment from @woodcock on this post: https://community.splunk.com/t5/Splunk-Search/Why-ar... by jackjack Path Finder in Splunk Search 10-27-2021 0 1	0	1
	Test by GustavMahler Explorer in Splunk Search 10-27-2021 0 1	0	1
	Subsearch in splunk Is there any way we can add some filter in subsearch savedsearch so that we wont skip any data/records as its limitin... by Prachi_Chatur Observer in Splunk Search 10-27-2021 0 1	0	1
	search user check It is necessary to check if the user is in the index in this file or not. If not, then add to the file, if it is in t... by gitingua Communicator in Splunk Search 10-27-2021 0 5	0	5
	extract errorcode HiHere is th e log:2021-10-26 08:17:19,117 WARN AbCD-App2-0000 [SqlExceptionHelper] SQL Error: -268, SQLState: 230002... by indeed_2000 Motivator in Splunk Search 10-27-2021 0 3	0	3
	How to chance color of the row based on field name Hi experts,i have below table.. how do i change background colour of the row where error Categories = Total_error_rat... by saravana22 Explorer in Splunk Search 10-27-2021 0 3	0	3
	How to pass Input Tokens as arguments to custom search - js-python script Dear community,I have been trying to integrate splunk for my scripting purpose for some time now and it's time to rea... by Bart Explorer in Splunk Search 10-26-2021 0 1	0	1
	How to split the call based on TimeTaken I would like to create a Pie chart to show how many calls took less than 100ms, 200ms, and 300ms. index=star env=prod... by marinewcreater Explorer in Splunk Search 10-26-2021 0 4	0	4
	extract all "cause by" HiI have lots "Caused by:" in (single or multiple) eventsHow extract all line that contain "Caused by:"like this:Cau... by indeed_2000 Motivator in Splunk Search 10-26-2021 0 4	0	4
	How can I generate a search to find hosts which are missing a certain sourcetype? I have a sourcetype which is a log created by the AV application on the host. I would like to find hosts which are mi... by systemsatpayzon Path Finder in Splunk Search 10-26-2021 0 5	0	5
	use lookup file inside if statement Hi, I'm trying to use a lookup file inside an if statement, and it doesn't return any data. I would appreciate it if ... by Sharzi Explorer in Splunk Search 10-26-2021 0 1	0	1
	Duration of spike I am trying to determine the length of spike to see if it goes beyond our requirements. Here is a test of my search:i... by bkowen Observer in Splunk Search 10-26-2021 0 0	0	0
	ERROR AdminManagerDispatch - Admin handler 'alert_manager' not found. Hi everyone.I was watching some events from the internal logs and I saw so many events related to "ERROR AdminManager... by saraque Observer in Splunk Search 10-26-2021 0 0	0	0
	Regex for a nullQueue multiple strings I am trying to set a regex that works when i use say regexr.com but doesn't apply in my transforms/props file.I am wa... by agentguerry Path Finder in Splunk Search 10-26-2021 0 5	0	5
	Limiting a Search by number of events over a period of time I am trying to search for a number of events over a select period of time (4 hours) and then expand that to see how m... by RyanDonnelly22 Explorer in Splunk Search 10-26-2021 0 1	0	1
	How can I use block or line comments to test the intermediate output of a multiline splunk query? https://docs.splunk.com/Documentation/SCS/current/Search/Comments says that we may use block comments or line comment... by codekiln Explorer in Splunk Search 10-26-2021 0 1	0	1
	The file a bug link is broken The file a bug link under the help menu goes here: http://www.splunk.com/r/bugsIf you go there it asks you to log in... by sixcorners Loves-to-Learn Lots in Splunk Search 10-26-2021 0 0	0	0
	New search button is really slow When I click new search in the context menu it opens a new tab with a search with the single field I click on. The ne... by sixcorners Loves-to-Learn Lots in Splunk Search 10-26-2021 0 4	0	4
	json_extract returns zero results - why? I have a JSON-based log file for which every line is a valid JSON document. When searching it like this:source="/path... by codekiln Explorer in Splunk Search 10-26-2021 0 2	0	2
	distinct count of specific words with replacing them with another word Hi,I have logs coming with server names listed into it and my requirement is to the distinct count of server by assig... by amitkore3483 New Member in Splunk Search 10-26-2021 0 2	0	2
	Append fields to table after using xyseries. This question is related my previous post.https://community.splunk.com/t5/Splunk-Search/XML-field-Extraction/m-p/5719... by anooshac Communicator in Splunk Search 10-26-2021 0 4	0	4
	How to assign a field value to other events that fulfill a certain condition? Greetings dear Splunk Community, I'll try to keep it short and simple:I have a Query that gets multiple fields, but o... by Cydraech Explorer in Splunk Search 10-26-2021 0 2	0	2