Splunk Search

Community Activity

timewrap charts having timescale as the current week + 1/2/3 weeks before I am using timewrap function to compare data for a particular day of the week with same day of the week for last 4 we... by MayankChandra Engager in Splunk Search 08-30-2021 0 0	0	0
timewrap output I am using timewrap to compare data for a particular day of the week with same day of the week for last 4 weeks. i.e ... by MayankChandra Engager in Splunk Search 08-30-2021 0 3	0	3
How to overlay two graphs with different time ranges Would you know how can I display an overlay of two charts that have different time ranges on the X-axis?For example, ... by OctoberP Explorer in Splunk Search 08-30-2021 0 5	0	5
Need to display count having zero events I am having below search string and suppose the file "magic_new.log" has no events and the requirement is to show tha... by prajwal_94 Explorer in Splunk Search 08-30-2021 0 3	0	3
peak day count for the day of the month and avg for the month Hi, I get the exactly same count for avg and peak, any issue with my query? index=a sourcetype=ab earliest=-30d lates... by francly Explorer in Splunk Search 08-30-2021 0 3	0	3
table command without changing sort order Hello all,I would like to use the table command without changing the order of events.To give an example: When searchi... by whrg Motivator in Splunk Search 08-30-2021 0 7	0	7
User login Hi ,A newbie to Splunk here. I have found the query for login info for users on a host: index=os source=var/log/sec... by RanjithaN99 Explorer in Splunk Search 08-30-2021 0 6	0	6
search language Hi, how do I get subtotal count for each Host and Total for all count, in additional count for all different status.H... by francly Explorer in Splunk Search 08-30-2021 0 4	0	4
nested if loop I would like to write in splunk a nested if loop: What I want to achieve:if buyer_from_France: do ... by splunkymage Observer in Splunk Search 08-29-2021 0 0	0	0
tstats unable to get any results when specifying dataset in FROM clause Hi,We are in the process of migrating all Apps/Config's from an older standalone instance(7.2.4.2) to a newer SHC(8.1... by att35 Builder in Splunk Search 08-29-2021 0 0	0	0
How do I join a search on a field that is not unique to compare time values? Hello all,I am struggling to find a solution for this. I have two different searches.One shows log entries where syst... by Traer001 Path Finder in Splunk Search 08-28-2021 0 7	0	7
Need Regex help Hi All,I will be getting a list of MD5 hash values in my logs. Need a regex expression for the below. Therefore whene... by SabariRajanT Path Finder in Splunk Search 08-28-2021 0 7	0	7
Find the average of the first 99% range of data My search currently gives me some statistics regarding response times including total count, average, min, max and 99... by sepkarimpour Path Finder in Splunk Search 08-27-2021 0 11	0	11
Issues with props and transforms Hi All,I have just copied across working props and transforms stanza from one HF to another for sqs logs. however it’... by Abha11 Explorer in Splunk Search 08-27-2021 0 2	0	2
How to get the last hour of events but also over the past 6 weeks? I wanted to establish an alert that will look at the past hour for the past 6 weeks and make some comparisons. So for... by aohls Contributor in Splunk Search 08-27-2021 0 4	0	4
99% Percentile time_taken in IIS Hi I am trying to find the min, max and AVG for Percentile 99,90 and 75 with the bellow: index="main" source="C:\\ine... by joe06031990 Communicator in Splunk Search 08-27-2021 0 0	0	0
Search query to remove results from another source. I have the following sourcers: "inserted" and "deleted"In the "inserted" i have these fields:Id, Timestamp1, 2021-08-... by rodrigomarfei Explorer in Splunk Search 08-27-2021 0 4	0	4
Transforming commands works only in verbose mode Suddenly transforming commands stopped working unless I search in verbose mode. What could cause this issue? This onl... by splunker1789 Engager in Splunk Search 08-27-2021 0 0	0	0
How do I generate a random number between a specific range? Hi, How can I generate a random number between 1 to 20. I random() function doesn't allow to specify a range. please ... by sravani27 Path Finder in Splunk Search 08-27-2021 4 6	4	6
I want no. of triggered alerts in a day from total alerts to be generated I want a report when total events less than 9500000 in a day from sourcetype.Also I tried below query, but its giving... by zakkie Engager in Splunk Search 08-27-2021 0 1	0	1
Alert throttle not working with renamed fields I have multiple alerts with searches similar to the one below where fields are renamed to a numeric ordering. The sea... by _stoff Observer in Splunk Search 08-27-2021 0 1	0	1
Sum the values in a field Hi Team,Current tableApplicationFailureSuccessA26B47C58 ExpectedApplicationFailureSuccessD1121 How to add the Applica... by Madhusri Engager in Splunk Search 08-27-2021 0 3	0	3
Why doesn't the the eval- subtraction generates results from two extracted values? Hey Splunk- community,theres another problem which must solved again. The following query....index=machinedata_w05_su... by Felix82 Explorer in Splunk Search 08-27-2021 0 1	0	1
How to use eval with mstats Hi,I want to run something similar to the below on metrics data stored in metrics index, can you please assist:eval i... by nouraali Explorer in Splunk Search 08-27-2021 0 4	0	4
How to match wildcard in a join left? Consider I received the following logs:cn=srv1.example.com;issuer=C=US, O=Amazon, OU=Server CA 1A, CN=Amazon cn=srv1.... by JChris_ Path Finder in Splunk Search 08-27-2021 0 2	0	2