Splunk Search

Community Activity

Removing rows from table based on more than one field Hi,I am trying to filter out fields from a table based on its content, example:LP. NAME SURNAME STREET CITY1. Bob Smi... by kxmorrr Engager in Splunk Search 09-28-2021 0 3	0	3
Creating a timechart with duration Hey guys. I have multiple events combined to transactions. I'd like to view the duration of each transaction on a tim... by username13 Explorer in Splunk Search 09-28-2021 0 6	0	6
How to show a list that compare the thing which not show up in a csv file So in detail, I have a dashboard that read log files to monitor the list of host's status which is UP or DOWN. But wh... by phamxuantung Communicator in Splunk Search 09-28-2021 0 1	0	1
stats count conditional for multi field Hello dears,I want to list my search if "B" total count higher than >3 than list by "A"A and B fields could have var... by corehan Explorer in Splunk Search 09-28-2021 0 7	0	7
Field Extraction Hi Experts,I'm having some difficulties to extract the correct information from a file that was add to splunk.I tried... by cauhe Explorer in Splunk Search 09-28-2021 0 4	0	4
adding value output rows from a stats table I have the following search. index=main_index sourcetype="hec:google" operationName=createMobileAuthenticationOutcome... by rhallinan Engager in Splunk Search 09-27-2021 0 2	0	2
Table column split I have requirement to split the single cell into two columns, in which i need to add different search result data.I n... by sahana Engager in Splunk Search 09-27-2021 0 1	0	1
Where to find "Detected Anomaly" notable events in ITSI? Our ITSI is showing some "Detected Anomaly" for the kpi "Index Usage".Where and how can I find the notable events for... by vl951f Path Finder in Splunk Search 09-27-2021 0 0	0	0
How do I exclude Mondays from a Timechart There are no data on Mondays so my timecharts always dip to 0. {search string} \| eval date_wday=lower(strftime(_time,... by splunkuser2127 Loves-to-Learn in Splunk Search 09-27-2021 0 12	0	12
Base search on a dashboard Hello!I have been trying to make a base search on a dashboard with a time and environment input as a drop-down.It onl... by N-W Explorer in Splunk Search 09-27-2021 0 3	0	3
How to use values from inputlookup for date comparison? Hi, I want to create a dashboard, where a user has a drop down input to select a named time frame ($value$). The star... by Jochen_Widmaier Engager in Splunk Search 09-26-2021 0 6	0	6
multisearch Hi , I have 2 queries :index="bar_" sourcetype =foo crm="ser"\| dedup uid\| stats count as TotalCountand index="bar_"... by zakura Explorer in Splunk Search 09-26-2021 0 3	0	3
"What to search" is not showing. Hey, I am working towards Slunk Fundamentals 1 and doing the eLearning assignments. Currently on Module5. I have impo... by P_Viz Engager in Splunk Search 09-26-2021 1 3	1	3
Get mean response time for each endpoint in log. I have an api which has a number of endpoint, e.g., /health, /version, /specification and so on...I have a query whic... by ashvini_mishra Explorer in Splunk Search 09-26-2021 0 3	0	3
Macro for Backslash Substitution I have a macro that adds a backslash to an existing backslash: [backslash(1)] args = arg definition = replace("$arg$"... by ephemeric Contributor in Splunk Search 09-25-2021 0 0	0	0
Is it possible to implement base search in query with multiple appendcols index=test sourcetype=test_access tag=prod server_name!="www.test.com" earliest=-4h latest=now \| timechart eval(avg(r... by ronsri Observer in Splunk Search 09-25-2021 0 1	0	1
How to exclude combinations of values in lookup from search? Hi, Team!I have a rule:index = example source = "Rule" \| fields user, src_time, src_app, src, src_lat, src_long, src_... by ilya New Member in Splunk Search 09-25-2021 0 1	0	1
Stats count use last event Hello,I'm trying to make a report to count the number of interfaces available and used.I found the query that matches... by yoan Explorer in Splunk Search 09-25-2021 0 2	0	2
outputlook with a subset of fields I have an alert that joins RAW events with a lookup containing thresholds (and yes, it has to be a join). I would li... by middlemiddle Explorer in Splunk Search 09-24-2021 0 3	0	3
Matching values from two different look up tables but not combining them Hey guys,So I have two look up tables table1 and table 2. Table 1 ID Username Fname Lname Table 2 Username What i w... by alexrod559 Loves-to-Learn Lots in Splunk Search 09-24-2021 0 3	0	3
Query for different lines with status I have a log as a belowcod:5678,status:600cod:9012,staus:600cod:1234,status:600cod: 1234,status:900cod:4987,status:60... by graziaedu Explorer in Splunk Search 09-24-2021 0 7	0	7
stats and join not working in map search I have a search that counts the amount of times a user runs a program, and then returns the usernames of the users wh... by aekruse New Member in Splunk Search 09-24-2021 0 0	0	0
Unable to do Lookup via Calculated Field Hi, I am trying to do a Lookup with a calculated field.Details:I have a csv containing three coloumns:DomainName,Thre... by DariusNG Engager in Splunk Search 09-24-2021 0 4	0	4
Calculate and Chart the current status of Application Hi Folks,I am getting the status of my applications(Server-001 and Server-002)every 15mins like the below example in ... by Praj Loves-to-Learn in Splunk Search 09-24-2021 0 3	0	3
Fields Extraction using RegEx Hi, i want to extract bytes fields (using the bytes values) from this:Sep 23 14:11:52 XXX.XXX.X.XX date=2021-09-23 ti... by syazwani Path Finder in Splunk Search 09-24-2021 0 2	0	2