Splunk Search

Community Activity

	Color in a Table based on a row of numbers Hi, I have a Table created by: eval Actor=actor \|eval "Total Time (max/avg/p50/p99)"=maxT + ", " + avgT + ", " + p50T... by mfudali Explorer in Splunk Search 09-29-2021 0 1	0	1
	PROPS Configuration issues with unstructured Events stored in text file Hello,I have some issues in writing PROPS configuration file for the sample data/events given below. I have given 4 e... by SplunkDash Motivator in Splunk Search 09-29-2021 0 2	0	2
	recalculate format of mac address dependent on input Dear communityI am struggling with how to allow different format in a search input, but still finding the correspondi... by Ida_2017 Explorer in Splunk Search 09-29-2021 0 5	0	5
	Table command does not display field with spaces when used with INPUTLOOKUP Hello All,I have a search query that performs lookups against a CSV file and outputs only those hosts that are in the... by neerajs_81 Builder in Splunk Search 09-29-2021 0 2	0	2
	SPL to retrieve more fields Hi all,I am using splunk after a while and lost touch with the SPL. Please help me on below.I have about 40 fields to... by indut Path Finder in Splunk Search 09-29-2021 0 2	0	2
	How to sort a chart horizontally by a field from greatest to least? The search below gives me the following data: (ns=stats msg=email_unsub_clicks) OR (ns=email msg=fbl OR msg=send OR ... by metersk Path Finder in Splunk Search 09-29-2021 0 3	0	3
	lookup - append only columns with values Hi,I've got a lookup with a number of records, and not all of them have all columns populated. Is there a way to appe... by fedejko Explorer in Splunk Search 09-29-2021 0 0	0	0
	search for a string in field , if not there then trigger alert with remaining data in fields Hi,I want to check for a string in the field, but if the string is not found in the field then need to print the rema... by kirrusk Communicator in Splunk Search 09-29-2021 0 4	0	4
	Configure the AWS add on proxy configuration via CLI/Ansible 'Hi,We are want to create a playbook for Splunk with Ansible, We are having an issue config the AWS add on proxy conf... by Meliodas1111111 New Member in Splunk Search 09-28-2021 0 0	0	0
	Can I combine an if like eval with mvappend? Hi, if possible I would like to combine the two eval statements below so I can optimise it for my datamodel\| eval uri... by ebs Communicator in Splunk Search 09-28-2021 0 2	0	2
	How to combine two fields into one after if without losing values Hi,I have a uri_path that I want to combine into a single value, and put the combined value back into the original fi... by ebs Communicator in Splunk Search 09-28-2021 0 3	0	3
	Search Head audit of all listed Apps \ TA's \ SA's via search command i allI'm tasked with performing an audit of our Splunk (Cloud) Search Heads (2) as many Apps \ Add-Ons have been spor... by Anthony_Faul Engager in Splunk Search 09-28-2021 0 2	0	2
	PROPS configuration for Source Data with Field Names and Values Stored in Text File Hello,I have some issues writing a PROPS configuration file for the following source data stored in text file. I al... by SplunkDash Motivator in Splunk Search 09-28-2021 0 1	0	1
	Overriding _time through a calculated field I have created a calculated field which parses _time from a date stamp in the data.However, it does not set _time cor... by bowesmana SplunkTrust in Splunk Search 09-28-2021 0 2	0	2
	Alerting based off of no events by server Hi all,I'm setting up an alerting process that monitors different servers on a single index and sends an alert out if... by ft_kd02 Path Finder in Splunk Search 09-28-2021 0 10	0	10
	Search Query for checking the Uptime of Website Hi Folks, I want to check at what time url has been brought up. Url already added in website monitoring. For example... by sathish2k8 Explorer in Splunk Search 09-28-2021 0 3	0	3
	Pull list of user accounts with last logon How do I pull together a chart of all our user accounts, with the last time that user logged in? I currently have: ev... by ctaylor3819 Engager in Splunk Search 09-28-2021 0 1	0	1
	Require Splunk query HiBelow data is dynamic, sample input table is given below, rows are order may vary (for simplicity I have put the da... by khursheed New Member in Splunk Search 09-28-2021 0 2	0	2
	Split Timechart into stats by field Hello,I have the query :hostalias=$hostname$ AND actor AND total \| timechart span=1s count by actor \| stats This retu... by mfudali Explorer in Splunk Search 09-28-2021 0 7	0	7
	Count of locations on unique days I think this is a pretty basic question, but I'd appreciate some help with it. I'm trying to produce an exportable, ... by dyarashus Loves-to-Learn in Splunk Search 09-28-2021 0 3	0	3
	Count events with differing strings in same field So this search...index="myindex" source="/data/logs/log.json" "Calculation Complete"... the results return a MessageB... by guywood13 Path Finder in Splunk Search 09-28-2021 0 4	0	4
	Merge raws based on common substring Hi,Let's imagine I have those raws :NameValue1Value2foo12foo1216foodazd56fooaoke43foo5623bar12barjodpez74barjo74bar12... by gaglimax Loves-to-Learn Lots in Splunk Search 09-28-2021 0 0	0	0
	% difference in errors over the last 5 minutes Im looking to get a query that will tell me the difference in an error rate increase i.e 5 minutes ag it was 120 erro... by samneo Path Finder in Splunk Search 09-28-2021 0 7	0	7
	how to reduce the time of a search? Hi, I have a search that contains millions of events and is extremely slow, is there a way to speed it up? This is th... by francesco1g Engager in Splunk Search 09-28-2021 0 2	0	2
	Find 2 way communication in flow Looking for the most efficient way to find 2 way traffic in flow data for a particular set of IP/port/protocol combin... by ky129q Engager in Splunk Search 09-28-2021 0 0	0	0