Splunk Search

Community Activity

	Looking for a faster search query: Count different platforms from somewhat same events Dear Splunk Community,I have the following search: index=websphere 200 OK POST And I have different platforms that I... by Bleepie Communicator in Splunk Search 10-08-2021 0 2	0	2
	Time difference between events and NULL when second event does not appear in logs I'm trying to figure out how to get the time difference between two events that use the same UUID. However, the secon... by bburns2122 Explorer in Splunk Search 10-07-2021 0 1	0	1
	Group many similar fields from datamodel Hello All,I have a large dataset "audit.cost_records" wherein I am trying to locate a correlation based on a large nu... by Justin49 Loves-to-Learn in Splunk Search 10-07-2021 0 3	0	3
	find users who hasnt logged in the past 30 days Hello! I have a lookup table with fields 'name' and 'last_login'. I'm trying to find users who haven't logged in the ... by iiix94 Loves-to-Learn in Splunk Search 10-07-2021 0 4	0	4
	Looping in Splunk... Trying to figure out how to loop in Splunk. I have the below query and my end result is to map/chart into a timechar... by sjringo Contributor in Splunk Search 10-07-2021 0 10	0	10
	Rex formatting trouble Hello again Spelunkers! So I have data that looks like this:assessment=normal [1.0]assessment=normal [1.1]assessment=... by MikeB Path Finder in Splunk Search 10-07-2021 0 2	0	2
	How to extract a particular string from the event logs Hi Guys, I have a scenario where i need to extract the file name from the event logs. The Event log first line ... by kumarnis45 Path Finder in Splunk Search 10-07-2021 0 16	0	16
	search in foreach subquery I have items visit log index with fields: category, item each event is a visitIn addition, I have an index with all i... by dmitrymi Observer in Splunk Search 10-07-2021 0 5	0	5
	Use event date to with an uploaded CSV events are loaded with different currency from different countries and we are trying to have a view converting the cu... by ModupeSebapole Engager in Splunk Search 10-07-2021 0 3	0	3
	Add a count from a different time period Hello, I'm trying to add the appearance of a certain value in my base search count. the value is "detatched". it is w... by avoelk Communicator in Splunk Search 10-07-2021 0 3	0	3
	Pie Chart with count+ DrillDown with click.value and replace https://answers.splunk.com/answers/562629/how-to-configure-pie-chart-to-display-count-within.htmlsame as above post, ... by saravana22 Explorer in Splunk Search 10-07-2021 0 2	0	2
	Extract sub string from address I have the following address, and I want to extract the substring.Address: 121, riverstreet, sydney, Australia.I want... by sndpgiri Engager in Splunk Search 10-07-2021 0 1	0	1
	Conditional search evaluation Hi , I am trying to get the day wise error count by data message only if the yesterdays error count is more than 50 .... by Tanmaya New Member in Splunk Search 10-07-2021 0 4	0	4
	Splunk stats count by two fields Hi Can anyone please help with this extracting stats count by two fields. I've below data in each transactiontype ... by srujan594 Loves-to-Learn in Splunk Search 10-06-2021 0 1	0	1
	first query table output as input to another query Hello, Can i please know how to parse the value to the 2nd query from the output of 1st query. Any help would be appr... by vadlamudi Explorer in Splunk Search 10-06-2021 0 1	0	1
	Mean Time To Triage i have this spl \| tstats `summariesonly` earliest(_time) as _time from datamodel=Incident_Management.Notable_Events_M... by ymalm188 Explorer in Splunk Search 10-06-2021 0 9	0	9
	Need to extract aws-region from host name Hi Team,I want to extract aws-region from host name. host= "my-service-name-.ip-101-99-126-252-us-west-2c". I want to... by smaran06 Path Finder in Splunk Search 10-06-2021 0 1	0	1
	pass variable and value to subsearch Hi AllI have a question and need to do the following:Search contidtion_1 from (index_1 ) and then get the value of fi... by Qingguo Engager in Splunk Search 10-06-2021 0 9	0	9
	Splunk - Output of one query as an input to another query Hi, I have two different queries running on same dashboard but a different panel. Below is the query one which res... by kumarnis45 Path Finder in Splunk Search 10-06-2021 0 14	0	14
	calculate percentage of a each ErrorCode field by servername Hihow can I calculate percentage of a each ErrorCode field by servername?here is the spl:index="my_index"\| rex field=... by indeed_2000 Motivator in Splunk Search 10-06-2021 0 3	0	3
	Looking for a splunk UberLegend to give me a man page on multireport I've seen a few of my colleagues recently use a command called multireport which seems to be largely undocumented to ... by mjones414 Contributor in Splunk Search 10-06-2021 0 1	0	1
	Sysmon Event Parsing I'm having trouble getting all the fields from sysmon automatically parse with the microsoft sysmon add in could some... by suspicious_link New Member in Splunk Search 10-06-2021 0 1	0	1
	How to display content from uploaded CSV Hii have uploaded a CSV file and would like to know if it is possible to only display the content in the file?Feature... by ModupeSebapole Engager in Splunk Search 10-06-2021 0 1	0	1
	Hide _raw instead of using a sed expression to trim _raw? Dear Splunk community,I am using rex to extract data from _raw and put it into new fields like so: [10/5/21 23:02:25... by Bleepie Communicator in Splunk Search 10-06-2021 0 2	0	2
	To merge rows of a column into one Hi All,I am trying to merge the rows of a column into one row for the below table:App_Name Country Last_Deployed Tem... by Mrig342 Contributor in Splunk Search 10-06-2021 0 2	0	2