Splunk Search

Community Activity

	Group events by _time while indexing I have logs with same _time(msg field) like belowtype=CWD msg=audit(1631697722.980:2773): cwd="/" type=PATH msg=audi... by sivaranjiniG Communicator in Splunk Search 09-19-2021 0 2	0	2
	Converting variable File Size Units with dot points to bytes Hi there,I am building a Synology Splunk TA to share with the community. In the logs, file sizes can be presented in ... by satiex Explorer in Splunk Search 09-18-2021 0 2	0	2
	Newbie question - creating events vs time HiNew to Splunk and learning how to create a simple dashboard. What I'd like to see is status=403 or status=200 over ... by kam_emea Engager in Splunk Search 09-18-2021 0 1	0	1
	Eval Substring Match? Anyone have a good method for doing substring matches where field1 is my searched field and field2 is my substring I ... by wilcomply Observer in Splunk Search 09-18-2021 0 2	0	2
	Group by time intervals from other search results I have 2 indexies: one with business events [main], another with server performance metrics [metrics].Say, in [main] ... by mikhailBard Observer in Splunk Search 09-18-2021 0 2	0	2
	How to find 7days rolling events count Hello,I want to find the 7 days rolling sum as per the attached sample data. For example in the attached sample data,... by mnj1809 Path Finder in Splunk Search 09-18-2021 0 3	0	3
	how to show multiple columns in table along with timestamp Hi team, I have one requirement to prepare a query to get a value from json and do chart count around it. For this I ... by rkishoreqa Communicator in Splunk Search 09-17-2021 0 3	0	3
	Multiple stats count Hi Folks,My test data are like :DOC_ID,PROCESS_ID,RECEIVERDOC_10,PROC_A100,REC_0001DOC_10,PROC_A100,REC_0002DOC_20,PR... by Atif Explorer in Splunk Search 09-17-2021 0 1	0	1
	merge two search results Hi, I have three search results giving me three different set of results, in which three is one common filed called ... by KarunK Contributor in Splunk Search 09-17-2021 0 11	0	11
	Extracting through inconsistent data Hello all, Have been trying to extract the values through an inconsistent data as below. Highlighted values needs to ... by srinivas_gowda Path Finder in Splunk Search 09-17-2021 0 3	0	3
	IPLOCATION displaying wrong Country Hello,I am having an issue with IPLOCATION displaying the wrong Country using the following query. index="office365" ... by nathanluke86 Communicator in Splunk Search 09-17-2021 0 5	0	5
	extract only date from a date time field Example i have a csv where the date is like this in the date fieldBilling Start= 43774.7083333But when i format the ... by surekhasplunk Communicator in Splunk Search 09-17-2021 0 1	0	1
	Extract JSON objects How can i extract this:"properties": {"nextLink": null,"columns": [{"name": "Cost", "type": "Number"},{"name": "Date"... by vishaltaneja070 Motivator in Splunk Search 09-17-2021 0 9	0	9
	Field alias does not work in tstats? Hi all, I'm changing a field name in my index, so I'm trying to set up a field alias so both the old field name and n... by phoenix_down Path Finder in Splunk Search 09-17-2021 0 1	0	1
	regex substr help Hi,in anything else this would seem very simple but I seem to be flummoxed trying to do this in splunk. Probably not ... by mcaulsc Path Finder in Splunk Search 09-17-2021 0 6	0	6
	Why does this newly created field (via eval) not produce any values? Hi,I have written the below search query based on some prometheus metrics being onboarded: index=lab_openshift_promet... by johnnydunlop Engager in Splunk Search 09-17-2021 0 2	0	2
	Help with search Hey Guys, this is a continuation of the below topic:https://community.splunk.com/t5/Splunk-Search/Search-query-to-rem... by rodrigomarfei Explorer in Splunk Search 09-17-2021 0 2	0	2
	How to append text in field on result not found Let's suppose I have TOTO in successfully in my logs. I want to display the result for TOTO and append that no result... by Lukas972 Engager in Splunk Search 09-17-2021 0 2	0	2
	Matching several strings in a field I have a field (FIELD1) that may contain one of several strings. These strings may appear in different locations wit... by gelspas Explorer in Splunk Search 09-17-2021 0 4	0	4
	Splunk for analyzing Logs - looking for Big time gaps graph. Hi!I have a log that looks more or less like this: 'H 16-Sep-2021 10:57:03.084; 0:< Jrn.Directive "WindowSize" _... by Arkowski New Member in Splunk Search 09-17-2021 0 0	0	0
	dynamically subtract from counts I am trying to write a splunk query to show what percentage of traffic is split between my on premise and cloud. My s... by UK_Chris_Doyle New Member in Splunk Search 09-17-2021 0 0	0	0
	Machine Learning Toolkit model time shift after apply Has anybody encountered a strange timeshift when applying a model to data Model generation:Apply: by plapila Explorer in Splunk Search 09-17-2021 0 0	0	0
	Data results not aligning with time Been experimenting with ML toolkit and having some weird issues. I can get nice predictions by teaching the data but ... by plapila Explorer in Splunk Search 09-17-2021 0 3	0	3
	regex works on regex101 but not splunk Im trying to get a regex to work in splunk that works in regex101Im using the below regex\b(a_msg)\b[^"]+"([^"]*)"thi... by samneo Path Finder in Splunk Search 09-17-2021 0 4	0	4
	Copy logs from one index to another with use same host information Hi,I want to copy some logs in one index to another index with the same host information. I use collect command to do... by MesutUgurlu New Member in Splunk Search 09-17-2021 0 3	0	3