Splunk Search

Community Activity

PROF Conf Issues Hello, I was trying to write PROPS configuration file following sample events...2021-06-08T13:26:53.665000-04:00\|PGM\|... by SplunkDash Motivator in Splunk Search 08-12-2021 0 1	0	1
How to list field and their values? My log is formatted like this:labels: {<!-- --> app: splunk-kubernetes-metrics app.kubernetes.io/managed-by: Helm... by truongvinh2112 New Member in Splunk Search 08-12-2021 0 4	0	4
How to change the order of fields when chart is used index="www1" sourcetype="access_combined_wcookie" action=* status<=400\| timechart span=1d count(action) by clientip u... by nnonm111 Path Finder in Splunk Search 08-12-2021 0 1	0	1
How to improve performance of a "loadjob" search which takes a long time to fetch the results? I am using loadjob to load an already scheduled report that contains more than 2 million results. But when i try to f... by samkaj Explorer in Splunk Search 08-12-2021 0 7	0	7
Need help with lookup query Hi All,I am using below query to search for certain logs:index=int_gcg_apac_solace_166076 host="mwgcb-csrla0U" sour... by Mrig342 Contributor in Splunk Search 08-12-2021 0 2	0	2
How to count the number of opened and closed incidents? Hi There, I have got incidents data in below format: dateRaised, IncID, Location, Status, closedDate 05-05-20, 1234... by madhav_dholakia Contributor in Splunk Search 08-12-2021 0 5	0	5
Get the details events after using stats I have a query index = "index1" \|spath output=error_code input=RAW_DATA path=MsgSts.Cd \|dedup SESSIONID \|stats count ... by phamxuantung Communicator in Splunk Search 08-12-2021 0 2	0	2
How to delete everything before and including string, using regex? Dear Community, I have the following search query: index="myIndex" host="myHost" source="mySource.log" 20210811053... by Bleepie Communicator in Splunk Search 08-12-2021 0 4	0	4
How to pass a mutliple values into a Token? Hi all,Is it possible pass multiple value to a Token from one search to another? This is what I try to do.First Panel... by Tomas_K Explorer in Splunk Search 08-11-2021 0 3	0	3
multisearch with a lookup and index? I'm looking to combine data from a lookup file to data from our security server to create a comparison chart between ... by msage Path Finder in Splunk Search 08-11-2021 0 5	0	5
Dealing with Lists I have network logs that show various network device communication that are in an index in Splunk. I have another in... by richtate Path Finder in Splunk Search 08-11-2021 0 13	0	13
Querying partial match from lookup Hi, I've a lookup that looks like this - clientid url abc accounts//balanceabc accounts//namexyz /user/*/details An... by pjtbasu Explorer in Splunk Search 08-11-2021 0 2	0	2
How to split a row into two columns We want to replicate this table (especially the circled row).We have to divide data (from 1 to 3 and from 4 to 6) for... by Raghork Loves-to-Learn Lots in Splunk Search 08-11-2021 0 0	0	0
Filtering specific digit at the end of a field value Hi community,i have the following tstats output"\| tstats count WHERE fromzone="INTRANET" index=__* by index sourc... by brennson90 Path Finder in Splunk Search 08-11-2021 0 2	0	2
Loop on the values of a column of a table Hello,I have the following SPL command : \|tstats count where index=main host IN (H1,H2) by host, _time span=1h \| pred... by silverdiver New Member in Splunk Search 08-11-2021 0 1	0	1
How could I create a timespan for alternating events? Hey Splunk- community, I need your help again. My data are events which reports disturbments. "action=kommend" marks ... by Felix82 Explorer in Splunk Search 08-11-2021 0 4	0	4
how to get max val by time in splunk index="performance" sourcetype="physical_cpu"\| addtotals fieldname=CPU_SUM CPU_*\| rex mode=sed field=_raw "s/ //g"\| e... by chohye12 New Member in Splunk Search 08-11-2021 0 3	0	3
Generating alert based on condition Hi All ,i have configured alerts for the search below:index="ebs_red_0" host="dev-obiee-ux0*" source="/obiee_12c/app/... by Ashutosh_30 Loves-to-Learn in Splunk Search 08-11-2021 0 2	0	2
What should I do to see the value of two counts? What should I do to see the value of two counts?I want to see the number of clientips and destinations at the same ti... by nnonm111 Path Finder in Splunk Search 08-11-2021 0 1	0	1
Splunk regex help Hi Team, I've a field name uri, which has value like this --/dev/{AccountNumber}/accountDetail/uat/{ContentID}/conten... by pjtbasu Explorer in Splunk Search 08-10-2021 0 2	0	2
Trying to extract fields using regex Hi, I am new to Splunk environment. I am trying to extract ModifiedAccountName, ModifiedAccountDomain, ModifiedLogonI... by manojsrms Engager in Splunk Search 08-10-2021 1 2	1	2
Find all fileds by file list I have a data in Splunk like FnameLnameCountryfname1lname1USAfname2lname2USAfname3lname3USA And I have file in Splunk... by jokovitch Explorer in Splunk Search 08-10-2021 0 16	0	16
Field extraction for space Hi Team,We have one field as Customer=ABC DEF where one space in between where if i am giving any as Customer = *DEF... by Susha Engager in Splunk Search 08-10-2021 0 2	0	2
Create Statistic Table Based on Regex Hi experts, I am new to Splunk and came across this requirement at work.Requirement:I want to create a table showing ... by Wendy Explorer in Splunk Search 08-10-2021 0 4	0	4
Table with two headings Hi ALL, I have the below data in a log . Type = success or error . region names( In, CN, EMEA, APAC) Time ... by Rukmani_Splunk Path Finder in Splunk Search 08-10-2021 0 0	0	0