Splunk Search

Community Activity

	Filtering out NULL values after stats not working I am trying to filter out null values from the result of stats. Query looks like below. index=someindex* some ((s... by tumapath New Member in Splunk Search 10-20-2021 0 1	0	1
	Write a request Need help writing a requestfile1.csv usernamesrc_ipJohn192.168.16.35Smith172.167.3.43Aram132.56.23.3 file2.csvIP addr... by gitingua Communicator in Splunk Search 10-20-2021 0 3	0	3
	Clickable value in the output table HI There, Can i please know how make the REQUEST_ID clickable from the below query. i want pass the REQUEST_ID from q... by vadlamudi Explorer in Splunk Search 10-20-2021 0 1	0	1
	Splunk search returning where field equals one value only I have a field called alphabet that stores multiple values. I want to create a search that only returns events that h... by kishan2356 Explorer in Splunk Search 10-20-2021 0 2	0	2
	Calculate duration Hi how can i extract table like this: (“myserver” is a field that already extracted)source destination durat... by indeed_2000 Motivator in Splunk Search 10-20-2021 0 5	0	5
	Install MS SQL TA to convert and Ingest SQL trc binary files Hello,I have some SQL trc binary files need to be ingested into SPLUNK from SQL server where UF has already been inst... by SplunkDash Motivator in Splunk Search 10-20-2021 0 0	0	0
	Event time discrepancy When searching through certain sour ectypes and indexes, seeing a discrepancy between time and date for event time. S... by nbrazier21 Engager in Splunk Search 10-20-2021 0 1	0	1
	calculate duration Hineed to calcualte duration bettween each Out/In where A=A+100 B=B IDS=IDS00:03:02.067 app catZZ_DDP_AP: O[host]A[10... by indeed_2000 Motivator in Splunk Search 10-20-2021 0 11	0	11
	What should I feed to my summary Index? and how Should I extract fields for status, Amount and ID INFO \| 2021-10-18 05:17 AM \| BUSINESS RULE \| Payload for ID#: 58916 with status Approved is publishedSecond Eventmsg:... by hrishi_deshpand Explorer in Splunk Search 10-20-2021 0 1	0	1
	Lookup csv file different code with same meaning Hi I have csv file that contain my errorcodes and meaning of them. I import this csv as lookup.the problem is some co... by indeed_2000 Motivator in Splunk Search 10-20-2021 0 1	0	1
	Extraction not working as expected Hello team, I am trying to extract the below highlighted fields. However when I use the expression this is working ri... by srinivas_gowda Path Finder in Splunk Search 10-20-2021 0 1	0	1
	How to work out Percentage above an average threshold Hi Experts, As part of an new initiative looking at SLO metrics. I have created the below query whi... by luckyman80 Path Finder in Splunk Search 10-20-2021 0 5	0	5
	generated field in chart Hi, I have data with field names in the format:h00m00 h00m15 h00m30 h00m45 h01m00 .. thru h23m45I'd like to pull the... by mcaulsc Path Finder in Splunk Search 10-20-2021 0 1	0	1
	Windows Security events not getting forwarded Hello team, I am trying to monitor windows event logs and have installed the universal forwarded with relevant data. ... by srinivas_gowda Path Finder in Splunk Search 10-20-2021 0 3	0	3
	Help with splitting multiline event needed Hello,I read my data with the inputlookup command and try to count the different occurrences of the field fields.SID ... by damucka Builder in Splunk Search 10-20-2021 0 1	0	1
	PCs not scanned for more than 3 days Hello,This is my request: index=antivirus \| stats values(SAVVersion) as SAVVersion, values(EngineVersion) as Eng... by numeroinconnu12 Path Finder in Splunk Search 10-20-2021 0 2	0	2
	how to combine time chart and bar chart together Hi team,1. I have first query which return me below chart <baseQuery> \|timechart span=4w count(ACT) as countOfOpen... by cheriemilk Path Finder in Splunk Search 10-20-2021 0 0	0	0
	Correlation alert with multiple events Hi,I want to create a Correlation alert that will trigger and collect all the events from the same IP within a certai... by LIP Loves-to-Learn in Splunk Search 10-19-2021 0 1	0	1
	How to set default for search time picker in Splunk Cloud Does anyone know how to change the default time for ad-hoc searches from 30 minutes to 7 days in Splunk Cloud? I chan... by edgarrity Path Finder in Splunk Search 10-19-2021 0 0	0	0
	How to transpose rows of one column into multiple columns? I currently have multiple entries in the VALUES column for each host.The table currently looks like: hostnameVALUESHO... by cjkar Engager in Splunk Search 10-19-2021 0 2	0	2
	extract percentage of code by servername Hii have two field "servername" "code". i need to extract percent of code by servers.index="my-index" \| table servern... by indeed_2000 Motivator in Splunk Search 10-19-2021 0 4	0	4
	Determine number of concurrent queries with a 15-minute time bucket given query_duration Attached screenshot is a list of 15 query ids with started, ended, bstarted (15 minute bucket) and query duration. T... by lim2 Communicator in Splunk Search 10-19-2021 0 1	0	1
	How to create a Storage Account without a key or token I created an Access Policy in Azure. How do I configure the Storage Account to use the Access Policy https://docs.spl... by domingsb New Member in Splunk Search 10-19-2021 0 0	0	0
	Add column with last logon user to the table Hi,I have following table: ts actionfile_namesource_ip2021-10-12T09:34:08.910998ZFile Opentest10.0.0.14 I would like ... by raffal59 Loves-to-Learn Lots in Splunk Search 10-19-2021 0 5	0	5
	How to calculate a ratio by field value? I have some data like the following:NAMECodeSuzy0John0Adam1Suzy1John0Adam1 I am trying to calculate the ratio of code... by splunkuserCA1 Path Finder in Splunk Search 10-19-2021 0 3	0	3