Splunk Search

Community Activity

	How do I add an additional calculation to a chart? Hello, I have two separate chart calculations that I would like to combine into a single chart. The first is an avg... by andrewtrobec Motivator in Splunk Search 10-15-2021 0 7	0	7
	Multiple clause table Hey all, I got a really helpful response last time and now I'm back with another question. I have a search with the s... by Brainstorms Explorer in Splunk Search 10-15-2021 0 3	0	3
	REST API output_mode='json' causes client search error responses to be suppressed I've been working with the /services/search/jobs/export API recently and I noticed that setting the output mode to 'j... by phoellig New Member in Splunk Search 10-15-2021 0 0	0	0
	Splunk query to check for S3 Buckets in AWS using PutBucketPolicy Can someone help me to build a search query for the below use case ? My use case is to detect if any S3 buckets have... by neerajs_81 Builder in Splunk Search 10-15-2021 0 10	0	10
	Limit timechart from lookup table Hello all,I'm using a lookup table with a _time field to create a timechart which works great. However, the lookup t... by humanBeing Engager in Splunk Search 10-15-2021 0 1	0	1
	Search to find Agent/Server with No "Reconnect" Event Hi, I am hoping to get some help in creating a search, which will be turned into an alert - I am working with system ... by Johnstone234 Loves-to-Learn in Splunk Search 10-15-2021 0 8	0	8
	Find the good/bad percentage of ERRORS above/below average Hi Experts, As part of an new initiative looking at SLO metrics. I have created the below query whi... by luckyman80 Path Finder in Splunk Search 10-15-2021 0 0	0	0
	rex field message Hiwhat is the rex for thisfield1=this is messagehere is the log:00:09:59.990 app module: AB[0000]: Data[{"code":"OK",... by indeed_2000 Motivator in Splunk Search 10-15-2021 0 1	0	1
	find NOCLOSESESSION in logs daily HiI have two field on my logfile <servername> <CLOSESESSION> need to know when CLOSESESSION is 0 each day by serverna... by indeed_2000 Motivator in Splunk Search 10-15-2021 0 9	0	9
	rex for three fields hi what is rex for these three fields?here is the log:2021-10-14 12:51:20,412 INFO [APP] log in : A12345@#4321@califo... by indeed_2000 Motivator in Splunk Search 10-15-2021 0 1	0	1
	search all another field from a search result of grouping by another field in another search We have multiple TraceIDs that have same payload and this payload is part many logs for a given TraceID. Here foo1 is... by krishna81m Engager in Splunk Search 10-14-2021 0 2	0	2
	how to get stats count from 3 multile-value fields Hi team,I have below kind of data in splunk, it contains 3 fields ISRF, DSRF and DSFF. they are all multi-value fiel... by cheriemilk Path Finder in Splunk Search 10-14-2021 0 2	0	2
	Total duration of multiple events Hello Splunk Community,Can anyone help me build a query based on the below;I have a batch job that has multiple steps... by zoebanning Path Finder in Splunk Search 10-14-2021 0 2	0	2
	How do I get a complete list of all Hosts ( Win & Linux) , their time zones & current date & time please? SPL? Is there an SPL to list all my Hosts (Win & Linus), version of their UF, date & time & TZ please? Thanks a million. by SamHTexas Builder in Splunk Search 10-14-2021 0 3	0	3
	Passing Multivalue Fields Through Map Command I have a dashboard used for generating data for reports. Since its initial build, I've been going back and revamping ... by dcsteve24 Explorer in Splunk Search 10-14-2021 0 3	0	3
	Zoom to selection I know that 'Zoom out' will make the search to re-execute but I am not sure about 'zoom in' or 'zoom to select'. Kind... by palisetty Communicator in Splunk Search 10-14-2021 0 9	0	9
	Why am I getting incorrect stats count in my search? I'm trying to display a total count for each value found in attributes.eventtype field and group them by the attribut... by surly78 Loves-to-Learn Lots in Splunk Search 10-14-2021 0 6	0	6
	Query to find Duplicate fields in Splunk Hello, We received data from Alicloud and found there are alot of duplicate fields populate in Interesting fields lik... by sahiltcs Path Finder in Splunk Search 10-14-2021 0 0	0	0
	earliest and latest value from a chart Hello community,I am searching since few days a solution to display the earliest and latest value from a chart into a... by nSphere New Member in Splunk Search 10-14-2021 0 1	0	1
	Account status -> bypassed, is it enabled? Hi,We have status in one log type, where we would like to track if account is in state: bypassedExample:2021-13-10 us... by jbanAtSplunk Communicator in Splunk Search 10-14-2021 0 2	0	2
	Find events that not occurred daily by servername HiHow can I find events that not occurred daily? Here is the scenario I have two field on my logfile <servername> <CL... by indeed_2000 Motivator in Splunk Search 10-14-2021 0 3	0	3
	rex for extract codes hiwhat is the rex for extract all brackets contain this pattern[AB_123] [ZXY_987]1-check all brackets if start with A... by indeed_2000 Motivator in Splunk Search 10-14-2021 0 1	0	1
	Splunk query to find amount of data purged based on retention We know the amount of data ingested daily from the Splunk internal logs and the License dashboard, but we're trying t... by nmohammed Builder in Splunk Search 10-14-2021 0 3	0	3
	Comparing IP Addresses for differences Hi All,I'm trying to create a search, to potentially be made into a monitoring rule later on.What I am trying to achi... by swright_rl Explorer in Splunk Search 10-14-2021 0 0	0	0
	Splunk DB Connect 3.6 Duplicate, Miss Data when sync a larger table around 1000 TPS Hi,I am using splunk DB connect 2.1.4 to get data from A table in Oracle database, (table with around 1000 transactio... by dailv1808 Path Finder in Splunk Search 10-14-2021 0 2	0	2