Splunk Search

Community Activity

	Limit timechart from lookup table Hello all,I'm using a lookup table with a _time field to create a timechart which works great. However, the lookup t... by humanBeing Engager in Splunk Search 10-15-2021 0 1	0	1
	Search to find Agent/Server with No "Reconnect" Event Hi, I am hoping to get some help in creating a search, which will be turned into an alert - I am working with system ... by Johnstone234 Loves-to-Learn in Splunk Search 10-15-2021 0 8	0	8
	Find the good/bad percentage of ERRORS above/below average Hi Experts, As part of an new initiative looking at SLO metrics. I have created the below query whi... by luckyman80 Path Finder in Splunk Search 10-15-2021 0 0	0	0
	rex field message Hiwhat is the rex for thisfield1=this is messagehere is the log:00:09:59.990 app module: AB[0000]: Data[{"code":"OK",... by indeed_2000 Motivator in Splunk Search 10-15-2021 0 1	0	1
	find NOCLOSESESSION in logs daily HiI have two field on my logfile <servername> <CLOSESESSION> need to know when CLOSESESSION is 0 each day by serverna... by indeed_2000 Motivator in Splunk Search 10-15-2021 0 9	0	9
	rex for three fields hi what is rex for these three fields?here is the log:2021-10-14 12:51:20,412 INFO [APP] log in : A12345@#4321@califo... by indeed_2000 Motivator in Splunk Search 10-15-2021 0 1	0	1
	search all another field from a search result of grouping by another field in another search We have multiple TraceIDs that have same payload and this payload is part many logs for a given TraceID. Here foo1 is... by krishna81m Engager in Splunk Search 10-14-2021 0 2	0	2
	how to get stats count from 3 multile-value fields Hi team,I have below kind of data in splunk, it contains 3 fields ISRF, DSRF and DSFF. they are all multi-value fiel... by cheriemilk Path Finder in Splunk Search 10-14-2021 0 2	0	2
	Total duration of multiple events Hello Splunk Community,Can anyone help me build a query based on the below;I have a batch job that has multiple steps... by zoebanning Path Finder in Splunk Search 10-14-2021 0 2	0	2
	How do I get a complete list of all Hosts ( Win & Linux) , their time zones & current date & time please? SPL? Is there an SPL to list all my Hosts (Win & Linus), version of their UF, date & time & TZ please? Thanks a million. by SamHTexas Builder in Splunk Search 10-14-2021 0 3	0	3
	Passing Multivalue Fields Through Map Command I have a dashboard used for generating data for reports. Since its initial build, I've been going back and revamping ... by dcsteve24 Explorer in Splunk Search 10-14-2021 0 3	0	3
	Zoom to selection I know that 'Zoom out' will make the search to re-execute but I am not sure about 'zoom in' or 'zoom to select'. Kind... by palisetty Communicator in Splunk Search 10-14-2021 0 9	0	9
	Why am I getting incorrect stats count in my search? I'm trying to display a total count for each value found in attributes.eventtype field and group them by the attribut... by surly78 Loves-to-Learn Lots in Splunk Search 10-14-2021 0 6	0	6
	Query to find Duplicate fields in Splunk Hello, We received data from Alicloud and found there are alot of duplicate fields populate in Interesting fields lik... by sahiltcs Path Finder in Splunk Search 10-14-2021 0 0	0	0
	earliest and latest value from a chart Hello community,I am searching since few days a solution to display the earliest and latest value from a chart into a... by nSphere New Member in Splunk Search 10-14-2021 0 1	0	1
	Account status -> bypassed, is it enabled? Hi,We have status in one log type, where we would like to track if account is in state: bypassedExample:2021-13-10 us... by jbanAtSplunk Communicator in Splunk Search 10-14-2021 0 2	0	2
	Find events that not occurred daily by servername HiHow can I find events that not occurred daily? Here is the scenario I have two field on my logfile <servername> <CL... by indeed_2000 Motivator in Splunk Search 10-14-2021 0 3	0	3
	rex for extract codes hiwhat is the rex for extract all brackets contain this pattern[AB_123] [ZXY_987]1-check all brackets if start with A... by indeed_2000 Motivator in Splunk Search 10-14-2021 0 1	0	1
	Splunk query to find amount of data purged based on retention We know the amount of data ingested daily from the Splunk internal logs and the License dashboard, but we're trying t... by nmohammed Builder in Splunk Search 10-14-2021 0 3	0	3
	Comparing IP Addresses for differences Hi All,I'm trying to create a search, to potentially be made into a monitoring rule later on.What I am trying to achi... by swright_rl Explorer in Splunk Search 10-14-2021 0 0	0	0
	Splunk DB Connect 3.6 Duplicate, Miss Data when sync a larger table around 1000 TPS Hi,I am using splunk DB connect 2.1.4 to get data from A table in Oracle database, (table with around 1000 transactio... by dailv1808 Path Finder in Splunk Search 10-14-2021 0 2	0	2
	wrong results for case statement with AND I used this eval statement with AND conditions but I'm only getting result as "Public" even when the condition satisf... by sam1010 Explorer in Splunk Search 10-14-2021 0 3	0	3
	Validating if 100 nodes are on boarded in splunk indexes or not. If not ? I have this task were I am successful in getting result sets from nodes that are present in my splunk instance.How ev... by jcorcoran508 Path Finder in Splunk Search 10-13-2021 0 2	0	2
	Merge 2 queries base on id Need some assistance from the experts.I have two queries below which I would like to merge on id.Query 1index=aws sou... by shrogers Loves-to-Learn Everything in Splunk Search 10-13-2021 0 3	0	3
	Splunk dashboard clickable table output Hi There, I have two queries [Query 1 and Query 2]. what i am planning to achieve is that when user clicks on the s... by vadlamudi Explorer in Splunk Search 10-13-2021 0 4	0	4