Splunk Search

Community Activity

	Table not generated with join subsearch Hi,We are sending a reduced size logs to out splunk to do some smarts. We realized for the past year or so one of our... by vantoryc Explorer in Splunk Search 09-02-2021 0 9	0	9
	Search in splunk with string having " and / Hi,I want to search "xyzetc\";0, ---this is my string .Unable to search this exact pattern, Unba... by opamlan Loves-to-Learn in Splunk Search 09-02-2021 0 1	0	1
	How to calculate percentages with multiple count function？ I'm trying to calculate percentages based on the number of events per vary group. There are actually a lot of events,... by homer07 Explorer in Splunk Search 09-02-2021 0 4	0	4
	using transaction in subsearch to define earliest latest in mainsearch I want to use the subsearch to get start and endtime of the newest transaction (here a botsession).The subsearch alon... by TheEggi98 Path Finder in Splunk Search 09-02-2021 0 3	0	3
	sort table values by table values HelloI have a table with 3 columns1 is stringsand 2 columns with numbersis there a way to sort the table from the hig... by sarit_s Communicator in Splunk Search 09-02-2021 0 6	0	6
	Need to get all the values in piechart Hi,Current piechartIn the above piechart highlighted cities details are not displaying.have to use mouse over to chec... by Madhusri Engager in Splunk Search 09-02-2021 0 1	0	1
	Filter data from showing up Hi Guys, I would like to check if it's possible to prevent some data from showing up in the search. Below is what I w... by splunknewbie81 Engager in Splunk Search 09-02-2021 0 5	0	5
	Zero count not displaying when stats count is used My query is :index="stage" source="record service*" \| eval type=case(like(message, "%successful generated account%"... by Harshi1993 New Member in Splunk Search 09-02-2021 0 3	0	3
	get max figure for latest time in data Hi,I have data as below sample:Date Time val1 val2 val3 ......21/08/31 01:00:00 2 1 2 2 2 2 2 1 1 2 69 1 0 2 0 0 3 32... by mcaulsc Path Finder in Splunk Search 09-02-2021 0 2	0	2
	Help with Rex Commands Hi All, I am having some trouble extracing out the following with the following details 1. username 2. Default Msg3. ... by splunknewbie81 Engager in Splunk Search 09-02-2021 0 12	0	12
	Searches delayed in search head captain Hi all,We have 3 search heads are in cluster. serach head 1 is captain.Recently we upgraded to 7.2.3 to 8.0.3.after t... by btshivanand Path Finder in Splunk Search 09-01-2021 0 3	0	3
	How to use mvindex to break json file with multiple values Hello All, So i have a field like below with JSON file {"results_appcodes": [{"count": 2, "app_code": "XYZ", "group... by rczone Path Finder in Splunk Search 09-01-2021 0 7	0	7
	PROPS Configuration for HTML data source Hello,How I would write my Props Configuration (Tme Prefix, Time Format, LINE/EVENT Breaker...etc) for following HTM... by SplunkDash Motivator in Splunk Search 09-01-2021 0 5	0	5
	Input Configuration file Hello,I have some issues using following input configuration file for windows machine: [monitor://T:\Toshtest\logs\te... by SplunkDash Motivator in Splunk Search 09-01-2021 0 1	0	1
	Using Index info to cross reference CSV and Map Hello, I have an indexed list of internal IPs that I have been able to get a count for based on a CIDR list on a CSV ... by IrishGuru Loves-to-Learn Lots in Splunk Search 09-01-2021 0 0	0	0
	rex extract literal stings with special characters I have a list of hundreds of string values that need to be extracted from a fieldthe problem is the values that need ... by spicy Path Finder in Splunk Search 09-01-2021 0 5	0	5
	subsearch matching latest I'm trying to create a query that basically says: Show me events that contain A, B, C or D where the latest is A or B... by rj1 Engager in Splunk Search 09-01-2021 0 2	0	2
	Dealing with logs that have different update times (while comparing them) (This is a continuation of https://community.splunk.com/t5/Splunk-Search/Creating-a-search-that-looks-up-values-from-... by aubine Explorer in Splunk Search 09-01-2021 0 0	0	0
	Creating a search that looks up values from one logfile and compares against another I have two logfiles, logfile1.log and logfile2.log. I have created their own field extractions for both of them. Here... by aubine Explorer in Splunk Search 09-01-2021 0 4	0	4
	Count events matching a specific string From the logs, I need to get the count of events from the below msg field value which matches factType=COMMERCIAL and... by newtosplunk14 Explorer in Splunk Search 09-01-2021 0 2	0	2
	Subtraction of X days from a date Hi guys, Probably very simple question but I just tangled myself in the logic. I want to create 2 fields, one with t... by klaudiac Path Finder in Splunk Search 09-01-2021 0 6	0	6
	Single value panel with trend based on avg(count) Hello there.What I'm trying to do is the following: search \| bucket span=60s _time \| stats count by _time \| ... I wan... by marco_carolo Path Finder in Splunk Search 09-01-2021 0 13	0	13
	Determining the total storage space a user's search artifacts are occupying (and calculating the time a search expires) I'm working on calculating the storage space taken up by a specific user. I would like to calculate the total size of... by BernardEAI Communicator in Splunk Search 09-01-2021 0 4	0	4
	How do I search for a list of Saves searches that don't use index name for searching in Splunk Ent. or ES. Thank u a lot I need to find a list of saved searches that don't use the index name in searching please. Any way to list the name o... by SamHTexas Builder in Splunk Search 08-31-2021 0 4	0	4
	Sum of particular field values Hi,Current tableExpectedfstatuscountsuccess604Userdefined39 Need to sum the "password mismach","policy policy constra... by Madhusri Engager in Splunk Search 08-31-2021 0 2	0	2