Splunk Search

Community Activity

splunk showing 1 event 2 times in multi site cluster We aren't supposed to see the same results from both sites. For a given event we should only see it coming from one s... by pranay_adla Explorer in Splunk Search 08-20-2021 0 2	0	2
How to increase the subsearches maxout limit ? Hi All,Can someone please help me if our subsearch has results more than 50000 and we need to append those as well to... by datamine Loves-to-Learn Lots in Splunk Search 08-20-2021 0 3	0	3
Combine column values and search I have a dynamic table extracted from a search result. Example Table1 that I can get:ErrorCodeComputerInternet Connec... by chiilii Explorer in Splunk Search 08-20-2021 0 4	0	4
CsvDataProvider - Unable to find filename property for lookup Dear Sirs, I am using lookup to enrich my event data on the fly, and it seems to work fine. However, every invocation... by kaurinko Communicator in Splunk Search 08-20-2021 0 2	0	2
Confused with Transaction and map command Hi I have two searches for which searches pacs.200(input) and pacs.800(output) records for an ID inxdex="xyz" sourc... by KBudhale Observer in Splunk Search 08-20-2021 0 4	0	4
Request for searching APIs Hi,How do I get APIs for measuring Units that is SVC(Splunk Virtual Compute Unit) and vCPU (Virtual CPU) in splunk?al... by babypal6 New Member in Splunk Search 08-19-2021 0 0	0	0
_json query problem Hi, can anybody help me please?I have _json indexed events in Splunk.19.08.21 08:26:27,746{<!-- --> [-] name: S8.ManuelFail... by spisiakmi Contributor in Splunk Search 08-19-2021 0 1	0	1
Scheduled searches running at top hour Hi Team,Can you help me with splunk query which gives me visualization for scheduled searches spiking top of the hou... by sharada Loves-to-Learn Everything in Splunk Search 08-19-2021 0 2	0	2
Splunk extraction query index=app_pc "Last Executed SQL" "Tablespace"\| rex field=_raw <SERVICE_NAME>(?<SERVICE_NAME>.*)</SERVICE_NAME>\| rex f... by lv66735 New Member in Splunk Search 08-19-2021 0 1	0	1
99% Percentile for Response Time IIS Hi,I currently have the bellow Search to find the 99% Percentile for Response Time: index=test sourcetype=test\|eval r... by joe06031990 Communicator in Splunk Search 08-19-2021 0 0	0	0
Dashboard token value substitution Hi I have a input token in my dashboard for register number called $tok_reg_num$.The customers can put in a specific... by randy_moore Path Finder in Splunk Search 08-19-2021 0 2	0	2
Lookup wildcard Hello,I need a help with using wildcards in lookup. I want to exclude from search results fields, which are located i... by bosseres Contributor in Splunk Search 08-19-2021 0 2	0	2
Calculate percent index=Myindex sourcetype=mine mysearch \| eval Result=if(Apple="1","Bad","Good")\| stats count by Result The search ... by C37996518 Explorer in Splunk Search 08-19-2021 0 3	0	3
How to increase the subsearch limit? Hello, I'm trying to do a subsearch like this one: index = raw_internet_cartonista programa = ILCL [ search index ... by vitorvmiguel Explorer in Splunk Search 08-19-2021 0 8	0	8
one timestamp multi events HiIn my search table are some multible events with one timestamp.I need to split them.Does somebody has any idea?Than... by gotarr Explorer in Splunk Search 08-19-2021 0 6	0	6
How to group the data We have the count of different fields We need to get all that data on x-axis for the that we are using appendcols mor... by haripotu Loves-to-Learn Everything in Splunk Search 08-19-2021 0 1	0	1
How do I make list of unused knowledge objects & contents that are also out dated? Thank u very much for your reply. How do I make a list of unused knowledge objects like KVstores, Data models , data sets specially the ones that are o... by SamHTexas Builder in Splunk Search 08-18-2021 0 1	0	1
Restful API: cannot change the 'removable' attribute of savedchanges Below is the Bash script to change the ACL of a saved search: URL="https://splunksearch3.shatin.link:8089/servicesNS... by patng_nw Communicator in Splunk Search 08-18-2021 1 3	1	3
Piping stats results into table Can you combine pipe stats into a table by Rico58 New Member in Splunk Search 08-18-2021 0 3	0	3
Only showing latest value in a multi-value cell Hi all,I have the following command which produces a table with one fixed column (Artefact) and the remaining columns... by shakSplunk Path Finder in Splunk Search 08-18-2021 0 8	0	8
PROPS Conf-TIME_PREFIX and TIME_FORMAT for Complex Source File Hello,I have a complex data source (sample events given below). Is there any way I can write TIME_PREFIX and TIME_FO... by SplunkDash Motivator in Splunk Search 08-18-2021 0 1	0	1
How can we use predict command with tstats? Hi,I have the following search that works against a datamodel to plot a timechart. How can I use predict command with... by att35 Builder in Splunk Search 08-18-2021 0 4	0	4
Extracting a field from delimeter value My fields have values like,UTR998760071.unot.utrl.accorda.netRANWA80A8881.cnet.utrl.matrixia.netANNA00A0071.tron.utrl... by zacksoft_wf Contributor in Splunk Search 08-18-2021 0 5	0	5
Trouble creating column chart based off 1 event Hi,I am attempting to create a simple column chart using JSON data from a single event.The Rows{}.S03PERFC value repr... by sam_ Engager in Splunk Search 08-17-2021 0 2	0	2
Ordering an alpha numerical column and highlighting Hi all,I have the following dataset:Name TitleDaysRemainingTomWest50MartinerrorerrorBilly Winter5103WillFable2 I was ... by shakSplunk Path Finder in Splunk Search 08-17-2021 0 1	0	1