Splunk Search

Community Activity

How to Calculate the Percentage of each entry I have the following SPL and I want to show table below. The value of Total must be equal to count of events (1588). ... by Sentira Explorer in Splunk Search 09-10-2021 0 2	0	2
Capture and remove zeros from ipv4 address Hello I'm trying to capture the ip address from the PXE log example shown. I want to also trim any preceding 0 so I c... by stavbergen Explorer in Splunk Search 09-09-2021 0 2	0	2
Create a stats line per host Hi,We have a custom search that should alert when a critical host, that we have defined in the search, is missing. Th... by ebs Communicator in Splunk Search 09-09-2021 0 1	0	1
Why source name in chinese characters display with messy code in web browser？ HiI've upload a file with chinese name，the content(which is also in chinese character)can display and query normally，... by chamjo New Member in Splunk Search 09-09-2021 0 0	0	0
PROPS Configuration for csv without Header Source files Hello,I have issues to write PROPS configuration file for following csv file (please see screenshot below for sample ... by SplunkDash Motivator in Splunk Search 09-09-2021 0 4	0	4
Transforming Search Output base search\| fields _time host pdfpath status\| stats values(pdfpath) as pdfpath values(host) as host by _time status\|... by jason_hotchkiss Communicator in Splunk Search 09-09-2021 0 2	0	2
How to write the regex to remove the filename and only return the path from my data? I'm trying to remove the filename from path and return path only in Splunk example: `C:\path\path\path\path\applica... by kleckns Explorer in Splunk Search 09-09-2021 2 3	2	3
extract basename from path Hi, Im trying to extract basename that's is abc.log from the below D:\Program Files\User\abc.log using \| eval sour... by deenadp Explorer in Splunk Search 09-09-2021 0 9	0	9
Percentage of two values HiI have a field called STATUS with 2 possible values "SUCCESS" or "WARNING" but the percentages don't seem to work... by splunkcol Builder in Splunk Search 09-09-2021 0 2	0	2
Search xml data I have logs in the format of json where message is the key and message contains the value mentioned below message: <E... by Harshi1993 New Member in Splunk Search 09-09-2021 0 3	0	3
search a value in previous time period and add to current count Hello! is it possible to search a field value and then count it for example first the current week and then add the c... by avoelk Communicator in Splunk Search 09-09-2021 0 6	0	6
Unknown error for indexer: XXXX . Search Results might be incomplete! If this occurs frequently, check on Hi I am migrating from a single install to a cluster 1SH + 1MD + 3 Indexers. When we are trying a load test - 5 heavy... by robertlynch2020 Influencer in Splunk Search 09-09-2021 0 8	0	8
Use results from a search to make multiple different searches and place the results in a table Dear Splunk Community,I need some help fetching data from a source, then use the results as a searchparameter for dif... by Bleepie Communicator in Splunk Search 09-09-2021 0 3	0	3
how do I make a table out of common nested json keys with uncommon json key parents? I have the following JSON event that I'm indexing in splunk: { "plugins": { "Redirection": { ... by zhatsispgx Path Finder in Splunk Search 09-09-2021 0 4	0	4
EVAL to Determine match to field. Hi, I have a data source of call records for phone calls. This data contains a field "A_Number". I want to class an... by C37996518 Explorer in Splunk Search 09-09-2021 0 2	0	2
How to (chart / graph) the percentage of two string occurrences ? This is the query that I am starting with:index=index sourcetype=logs StringA\| stats count as A\| appendcols [search i... by sjringo Contributor in Splunk Search 09-08-2021 0 4	0	4
Append multiple field values to a csv list Hi folks,I'm trying to append multiple field values to a csv as a result of a search. The csv file contains a list of... by josplunk Engager in Splunk Search 09-08-2021 0 1	0	1
"Join" on a lookup not returning everything Hello! I am troubleshooting a report, and I've cut it all down to the very basics with the following two snippets. Ba... by DBattisto Communicator in Splunk Search 09-08-2021 0 1	0	1
Why does mvzip show only 50 results out of 300 possible results ? The query with 300 results displays only 50 when mvzip is used. How to display al 300 results ? by rajanala Path Finder in Splunk Search 09-08-2021 0 2	0	2
eval statement not giving expected result index = pcf_logs cf_org_name = creorg OR cf_org_name = SvcITDnFAppsOrg cf_app_name=VerifyReviewConsumerService host="... by hrishi_deshpand Explorer in Splunk Search 09-08-2021 0 4	0	4
Concat 2 or more search queries into single table Hello, I am a freshmen with splunk. I got a problem trying to concat two/more searches into 1.pretty much my data loo... by rite10privacy10 Explorer in Splunk Search 09-08-2021 0 9	0	9
How to Add two results How do I add the two values from stats which I get from these query? by wasifchowdhury Explorer in Splunk Search 09-08-2021 0 3	0	3
Create a tile with the % error rate I want to create a tile visualization which takes my search and then gives me the % of non 200 results from the "Res... by AshD1984 New Member in Splunk Search 09-08-2021 0 1	0	1
Issues of Defining Fields from Split Row within Extracted Events HelloI have some issues with Defining Fields from Splitted Raw Data within an Event. Sample Events, Code used to spl... by SplunkDash Motivator in Splunk Search 09-08-2021 0 4	0	4
Check if a time field was created less than 75 days back So this is what my data looks like. I need to check if the last column value is in the range of last 75 days. In othe... by sam1010 Explorer in Splunk Search 09-08-2021 0 1	0	1