Splunk Search

Community Activity

Find difference between numerical values in a Multivalue field Hi,As mentioned in the subject, I wanted to perform a simple subtraction operation on individual values/elements with... by jaysonpryde Path Finder in Splunk Search 07-28-2021 0 2	0	2
Stats format help Hi,I have below output with my search, base search\| stats count by User, actionUseractioncountAlexinstall3Alexuninsta... by SS1 Path Finder in Splunk Search 07-28-2021 0 1	0	1
Search Using Lookup with Multiple Search Terms for the Same Field Hello All.I am trying to use a lookup to perform a tstats search against a data model, where I want multiple search t... by stauff Explorer in Splunk Search 07-28-2021 0 2	0	2
How to extract a seconday date/time? I have a scripted input created to monitor certificate expiration.An example event:Tue Jul 27 12:07:55 CDT 2021,/opt/... by Stefanie Builder in Splunk Search 07-28-2021 0 3	0	3
Count by start of string I have an query thatindex ="main" \|stats count by Text \|sort -count \| table count Textresults:countText10dog fish20 ... by kooojo Engager in Splunk Search 07-28-2021 0 3	0	3
Remove start of result I have an query thatindex ="main" \|stats count by Text \|sort -count \| table count Textresults:countText10b'dog fish20... by kooojo Engager in Splunk Search 07-28-2021 0 1	0	1
Search a two messages from 6 hosts and show top 6 results HiI am trying to search two strings in message like "Stopped successfully" and "connected" from 6 host names.Please h... by sandeepparcha44 Explorer in Splunk Search 07-28-2021 0 9	0	9
Find incommon values within two Inputlookups without JOIN / Search NOT Hello,I have a search where I need to combine two inputlookups to find incommon values in a field they both have. The... by moonie Explorer in Splunk Search 07-28-2021 0 4	0	4
combine result foreach HelloI have a auditd search like type=EXECVE msg=audit(16): a0="sendmail" a1="-t"I would like one field with any fiel... by kevin94120 Explorer in Splunk Search 07-28-2021 0 11	0	11
Adding Integers/numerical data in 2 multivalue fields to a new field Hi All,I think the subject of my questions says it all... I wanted to add numerical data from 2 multivalue fields, an... by jaysonpryde Path Finder in Splunk Search 07-27-2021 0 13	0	13
Compare on field values with another field values HelloI want compare one field values with another when I tried to compare it is coming in this format as shown in bel... by renuka Path Finder in Splunk Search 07-27-2021 0 10	0	10
Calculate hourly usage from Machine data Hi, I have uploaded a JSON data from one of my APM tools into Splunk to get some meaningful insights. The events are ... by shashank_24 Path Finder in Splunk Search 07-27-2021 0 3	0	3
% failures for same index Need help with a Splunk query to display % failures for each day during the time range selected, for same index but ... by VS0909 Communicator in Splunk Search 07-27-2021 0 1	0	1
How to specify a timezone in a datamodel Is there a way to specify a timezone in a datanmodel?I have an eval field called date relying on Splunk's _time field... by ebs Communicator in Splunk Search 07-27-2021 0 2	0	2
count number of arguments in bat file I'm trying to count of the number of occurrences / frequency /variations of arguments appearing for a bat file. For e... by thaitran2021 New Member in Splunk Search 07-27-2021 0 2	0	2
Getting data from Mainframe system?? Hi all, How to get data from Mainframe systems onto Splunk?? by shri_27 Path Finder in Splunk Search 07-27-2021 1 18	1	18
Extract the User-Agent from HTTP request Below the excerpt from my HTTP request and I'm trying to get the User-Agent value from it and so far not successful. ... by ashishmgupta Explorer in Splunk Search 07-27-2021 0 4	0	4
Single Query to alert when a process is down and alert when it is up on a linux server Hi All,I am trying to write simple & single query to alert when a process is down and alert again when the same proce... by sarves Loves-to-Learn Everything in Splunk Search 07-27-2021 0 0	0	0
Want to add a custom slider input Hi, How can i add a custom input which will be a slider with values ranging from 0 - 100 and pass the token value to... by sumeetsirohi1 New Member in Splunk Search 07-27-2021 0 5	0	5
Calculate percentage by eval status Hi Everyone! Could you please help, how to calculate (UP percentage) by app_service I have the query as: eval status=... by Noah Explorer in Splunk Search 07-27-2021 0 2	0	2
Value from a panel1, and using that value in panel2 in Splunk Dashboard? Is it possible to apply for a formula in dashboard?For eg: Taking a value from a panel1, and using that value in pane... by VS0909 Communicator in Splunk Search 07-27-2021 0 3	0	3
% failures for each day during the time range selected Need help with a Splunk query to display % failures for each day during the time range selected% failures = A1/A2 *1... by VS0909 Communicator in Splunk Search 07-27-2021 0 5	0	5
Inputcsv using a regex for the filename? I'd like to inputcsv a file using a wildcard for part of the file name. How can I accomplish this? More in-depth des... by nick405060 Motivator in Splunk Search 07-27-2021 0 6	0	6
Change search based on Token Value Hi,I am kind of new to Splunk and have a problem with my search. I have a dashboard where I have an input field for a... by moonie Explorer in Splunk Search 07-27-2021 0 1	0	1
Network topology Hi everyone!Maybe someone faced such a problem:I want to build a Layer 2 network topology, I have enough data for thi... by Zhanali Path Finder in Splunk Search 07-27-2021 0 4	0	4