Splunk Search

Community Activity

	Search shows events only and not statistics in Splunk 6.2 BElow query shows expected statistics table in Splunk 8.2, but shows only events in Splunk 6.2. YOUR_SEARCH \| fields... by ruhibansal Explorer in Splunk Search 08-14-2021 0 5	0	5
	Compare logs between two different datacenter and match the value. I have two different datacenter . hostA and hostB are like datacenters and 1,2,3.... are hosts. hostA-1, hostA-2, hos... by DougiieDee Explorer in Splunk Search 08-14-2021 0 4	0	4
	How to use a field other than _time in timecharts I have an issue, and I found a posting here that I thought would fix me up, but there is something wrong and I am not... by mmpratt Observer in Splunk Search 08-13-2021 0 2	0	2
	How can i get only one data on column table instead of having multiple due to params? operationNameurlsavg_timemax_timecountMethodUsingGEThttps://www.google.com/api/v1/571114808/CAR.202https://www.google... by DougiieDee Explorer in Splunk Search 08-13-2021 0 5	0	5
	Find changes in query HelloAre there any internal logs in Splunk that show changes made to the query, who made it and what change he made? by havatz Explorer in Splunk Search 08-13-2021 0 1	0	1
	Skipped Searches Hi everyone, I have some questions about skipped searches. With the following search, I have found, that on my SH I h... by g_paternicola Path Finder in Splunk Search 08-13-2021 0 3	0	3
	How to check in date in field is within range Hi, I am trying to check if date that is stored within a field in table is within the last 24h from the moment the se... by kxmorrr Engager in Splunk Search 08-13-2021 0 1	0	1
	Delete events from a query with a command that is 'not distributable streaming' We have a Splunk instance that keeps copies of Jira tickets which have changed over time. Anytime there is a change ... by bhooker_axcient Engager in Splunk Search 08-13-2021 0 1	0	1
	[Forwarder] extract field from flow tcp 514 Hi,I have a data stream on the forwarder, streaming on the 514. the data is correctly indexed. But I would like to ex... by SuperMisterT Loves-to-Learn Everything in Splunk Search 08-13-2021 0 11	0	11
	Field Extractor - extract digit from brackets Hi,I would like to extract particular digit from brackets, index it as follows and based on that create stats hourly.... by darspla Explorer in Splunk Search 08-13-2021 0 7	0	7
	Date Format and Time Format Hello,What would be my TIME_FORMAT for prop configuration file for this events2021-06-08T13:26:53.665000-04:00\|PGM\|mt... by SplunkDash Motivator in Splunk Search 08-13-2021 0 5	0	5
	Splunk Time difference search I have two results of servers list as per last 30 days and last 12 hrs. I want to compare and find out which servers ... by Sirius27 New Member in Splunk Search 08-12-2021 0 3	0	3
	search 2 logfiles from same source, but different fields. I have an index which contains data from many logfiles. I want to search for specific data in log1 and display with ... by dbrooks_CIR New Member in Splunk Search 08-12-2021 0 1	0	1
	Indexed field is not showing up when I use "=" in the search. We use cribl for field extraction. `Action` is a field that is being parsed from cribl and it should be a indexed fie... by paras Explorer in Splunk Search 08-12-2021 0 1	0	1
	TIME_PREFIX for props Hello, how can I write TIME_PREFIX for props conf file for following sample event. Any help will be highly appreciate... by SplunkDash Motivator in Splunk Search 08-12-2021 0 2	0	2
	Return NOT matching events Hi,I am trying to return values that DO NOT MATCH the search between an index and .csv fileEx - this returns the valu... by munisb Explorer in Splunk Search 08-12-2021 0 1	0	1
	PROPS Config...Different Time Formats within Same Source File Hello,I am a source file which has events with 2 different file formats. How would I write TIME_FOMAT for my PROPS ... by SplunkDash Motivator in Splunk Search 08-12-2021 0 1	0	1
	PROF Conf Issues Hello, I was trying to write PROPS configuration file following sample events...2021-06-08T13:26:53.665000-04:00\|PGM\|... by SplunkDash Motivator in Splunk Search 08-12-2021 0 1	0	1
	How to list field and their values? My log is formatted like this:labels: {<!-- --> app: splunk-kubernetes-metrics app.kubernetes.io/managed-by: Helm... by truongvinh2112 New Member in Splunk Search 08-12-2021 0 4	0	4
	How to change the order of fields when chart is used index="www1" sourcetype="access_combined_wcookie" action=* status<=400\| timechart span=1d count(action) by clientip u... by nnonm111 Path Finder in Splunk Search 08-12-2021 0 1	0	1
	How to improve performance of a "loadjob" search which takes a long time to fetch the results? I am using loadjob to load an already scheduled report that contains more than 2 million results. But when i try to f... by samkaj Explorer in Splunk Search 08-12-2021 0 7	0	7
	Need help with lookup query Hi All,I am using below query to search for certain logs:index=int_gcg_apac_solace_166076 host="mwgcb-csrla0U" sour... by Mrig342 Contributor in Splunk Search 08-12-2021 0 2	0	2
	How to count the number of opened and closed incidents? Hi There, I have got incidents data in below format: dateRaised, IncID, Location, Status, closedDate 05-05-20, 1234... by madhav_dholakia Contributor in Splunk Search 08-12-2021 0 5	0	5
	Get the details events after using stats I have a query index = "index1" \|spath output=error_code input=RAW_DATA path=MsgSts.Cd \|dedup SESSIONID \|stats count ... by phamxuantung Communicator in Splunk Search 08-12-2021 0 2	0	2
	How to delete everything before and including string, using regex? Dear Community, I have the following search query: index="myIndex" host="myHost" source="mySource.log" 20210811053... by Bleepie Communicator in Splunk Search 08-12-2021 0 4	0	4