Splunk Search

Community Activity

PROPS Configuration for csv without Header Source files Hello,I have issues to write PROPS configuration file for following csv file (please see screenshot below for sample ... by SplunkDash Motivator in Splunk Search 09-09-2021 0 4	0	4
Transforming Search Output base search\| fields _time host pdfpath status\| stats values(pdfpath) as pdfpath values(host) as host by _time status\|... by jason_hotchkiss Communicator in Splunk Search 09-09-2021 0 2	0	2
How to write the regex to remove the filename and only return the path from my data? I'm trying to remove the filename from path and return path only in Splunk example: `C:\path\path\path\path\applica... by kleckns Explorer in Splunk Search 09-09-2021 2 3	2	3
extract basename from path Hi, Im trying to extract basename that's is abc.log from the below D:\Program Files\User\abc.log using \| eval sour... by deenadp Explorer in Splunk Search 09-09-2021 0 9	0	9
Percentage of two values HiI have a field called STATUS with 2 possible values "SUCCESS" or "WARNING" but the percentages don't seem to work... by splunkcol Builder in Splunk Search 09-09-2021 0 2	0	2
Search xml data I have logs in the format of json where message is the key and message contains the value mentioned below message: <E... by Harshi1993 New Member in Splunk Search 09-09-2021 0 3	0	3
search a value in previous time period and add to current count Hello! is it possible to search a field value and then count it for example first the current week and then add the c... by avoelk Communicator in Splunk Search 09-09-2021 0 6	0	6
Unknown error for indexer: XXXX . Search Results might be incomplete! If this occurs frequently, check on Hi I am migrating from a single install to a cluster 1SH + 1MD + 3 Indexers. When we are trying a load test - 5 heavy... by robertlynch2020 Influencer in Splunk Search 09-09-2021 0 8	0	8
Use results from a search to make multiple different searches and place the results in a table Dear Splunk Community,I need some help fetching data from a source, then use the results as a searchparameter for dif... by Bleepie Communicator in Splunk Search 09-09-2021 0 3	0	3
how do I make a table out of common nested json keys with uncommon json key parents? I have the following JSON event that I'm indexing in splunk: { "plugins": { "Redirection": { ... by zhatsispgx Path Finder in Splunk Search 09-09-2021 0 4	0	4
EVAL to Determine match to field. Hi, I have a data source of call records for phone calls. This data contains a field "A_Number". I want to class an... by C37996518 Explorer in Splunk Search 09-09-2021 0 2	0	2
How to (chart / graph) the percentage of two string occurrences ? This is the query that I am starting with:index=index sourcetype=logs StringA\| stats count as A\| appendcols [search i... by sjringo Contributor in Splunk Search 09-08-2021 0 4	0	4
Append multiple field values to a csv list Hi folks,I'm trying to append multiple field values to a csv as a result of a search. The csv file contains a list of... by josplunk Engager in Splunk Search 09-08-2021 0 1	0	1
"Join" on a lookup not returning everything Hello! I am troubleshooting a report, and I've cut it all down to the very basics with the following two snippets. Ba... by DBattisto Communicator in Splunk Search 09-08-2021 0 1	0	1
Why does mvzip show only 50 results out of 300 possible results ? The query with 300 results displays only 50 when mvzip is used. How to display al 300 results ? by rajanala Path Finder in Splunk Search 09-08-2021 0 2	0	2
eval statement not giving expected result index = pcf_logs cf_org_name = creorg OR cf_org_name = SvcITDnFAppsOrg cf_app_name=VerifyReviewConsumerService host="... by hrishi_deshpand Explorer in Splunk Search 09-08-2021 0 4	0	4
Concat 2 or more search queries into single table Hello, I am a freshmen with splunk. I got a problem trying to concat two/more searches into 1.pretty much my data loo... by rite10privacy10 Explorer in Splunk Search 09-08-2021 0 9	0	9
How to Add two results How do I add the two values from stats which I get from these query? by wasifchowdhury Explorer in Splunk Search 09-08-2021 0 3	0	3
Create a tile with the % error rate I want to create a tile visualization which takes my search and then gives me the % of non 200 results from the "Res... by AshD1984 New Member in Splunk Search 09-08-2021 0 1	0	1
Issues of Defining Fields from Split Row within Extracted Events HelloI have some issues with Defining Fields from Splitted Raw Data within an Event. Sample Events, Code used to spl... by SplunkDash Motivator in Splunk Search 09-08-2021 0 4	0	4
Check if a time field was created less than 75 days back So this is what my data looks like. I need to check if the last column value is in the range of last 75 days. In othe... by sam1010 Explorer in Splunk Search 09-08-2021 0 1	0	1
timechart mistakes I am getting the events from an Australian timeline. But time running in my laptop is IST. So, when i try to calculat... by haripotu Loves-to-Learn Everything in Splunk Search 09-08-2021 0 1	0	1
Searching result using two inputlookup collections I need to find the rows from the first inputlookup collection that has matching field values from the second inputloo... by ssamant007 Explorer in Splunk Search 09-08-2021 0 3	0	3
MLTK LogisticRegression probabilities=true only showing first event probability I Have trained a LogisiticRegression model by using TFIDF data (3K events in a month) as input successfully using pro... by eduardoduarte Explorer in Splunk Search 09-08-2021 0 0	0	0
Add manual input through text box into a new column in a table in splunk Hi ,I want to add a text box in a dashboard panel and the manual input value of that textbox should be added to a new... by nikitha15 Explorer in Splunk Search 09-08-2021 0 0	0	0