Splunk Search

Community Activity

Substituting host and source data Hello - I am using the following two searches:The first search is creating a table consisting of _time, idx, and b. ... by jason_hotchkiss Communicator in Splunk Search 08-04-2021 0 0	0	0
STACKED area chart?? Will Splunk do a stacked area chart? I'm able to get an area chart, but it's not 'stacked' (so each proxy totals to ... by a277437 Explorer in Splunk Search 08-04-2021 0 3	0	3
How to find the difference of multiple event types in non-sequential order? I have the data with different event types in the data say A to M.. Wanted to find time diffrence which tookfor each ... by iamsplunker Communicator in Splunk Search 08-04-2021 0 3	0	3
Network topology Hi everyone!Maybe someone faced such a problem:I want to build a Layer 2 network topology, I have enough data for thi... by Zhanali1 Loves-to-Learn Lots in Splunk Search 08-04-2021 0 1	0	1
Get the list of unique combination I would like to find1. all unique combination of actionKey, modelName, programName2. only consider data if they have ... by samdjava Engager in Splunk Search 08-04-2021 0 3	0	3
I want to calculate a difference between count columns and want to project the growth in the number of messages each mon Here's my query and I want to calculate the difference between count (_raw) each month . It would be a running column... by dhruvin24 New Member in Splunk Search 08-04-2021 0 2	0	2
Error message when running a subsearch after upgrading to Splunk 8.0.4.: "StatsFileReader file open failed file". Hi all, Upon a recent upgrade to Splunk 8.0.4, I started seeing this error message when running a subsearch against a... by damiensurat Contributor in Splunk Search 08-04-2021 0 1	0	1
Json timestamp miliseconds Hi, hello,Splunk is not showing up miliseconds for JSON logs. I have find some Questions and Answers here in splunk c... by Jakub Explorer in Splunk Search 08-04-2021 0 2	0	2
map value not passing Hi,I have a query which returns around 4000 results and I want to run map query for all that 4000 results. This is th... by himanshu_mps Loves-to-Learn Everything in Splunk Search 08-04-2021 0 0	0	0
Regex field extraction Hello all,I have one sourcetype that does not allow me to create a static field extraction, because we have several f... by nmsaraujo Explorer in Splunk Search 08-04-2021 0 4	0	4
PROPS Conf-Time_FORMAT and TIME_PREFIX Hi,How would I write Time_FORMAT and TIME_PREFIX for my Props Conf file for the following sample events. Any help wil... by SplunkDash Motivator in Splunk Search 08-03-2021 0 3	0	3
empty fields in a table why does Splunk display empty fields in the table even though there are values there by gagareg Explorer in Splunk Search 08-03-2021 0 5	0	5
using rex inside map search index=error sourcetype=error_log "Retry counter reached"\| makemv delim="=",values\| dedup errId\| table errId \| ... by a2021cdev Observer in Splunk Search 08-03-2021 0 3	0	3
Counting duplicates when filed equals value I have the following scenario where duplicate accounts has been created for a transaction id value. I would like to c... by alwinaugustin Engager in Splunk Search 08-03-2021 0 1	0	1
Having trouble creating an embed for a report, AJAX call getting a 404 response Hi Splunk community,I am having trouble creating an embed from a saved report. The website is throwing a 404 error w... by benjamin_c_adam New Member in Splunk Search 08-03-2021 0 0	0	0
TA-webtools How do you format an array using TA-webtools GET? Trying to filter the get response using an array. severity=Critic... by coreyCLI Communicator in Splunk Search 08-03-2021 0 1	0	1
Add row in table if value not present in the field I have a table output from Splunk Query(Not posting original values of table due to sensitive data)Col_A Col_B Col... by ngautam760 Engager in Splunk Search 08-03-2021 0 3	0	3
"Page not found" when trying to search through REST API Hello everyone!I receive "Page not found" message when I try to search using REST API.My URL: [splunkhost]/en-US/serv... by dzkashlach Engager in Splunk Search 08-03-2021 0 2	0	2
Splunk Es Hi Splunkers.Could anyone give me some info on what kind of attacks I can work on based on Linux and Windows logs. I'... by revanthammineni Path Finder in Splunk Search 08-03-2021 0 1	0	1
Required Regex Hi Team,I will be getting below text randomly in logs, I need a regex for the 1st IP's separately & 2nd IP's separate... by SabariRajanT Path Finder in Splunk Search 08-03-2021 0 2	0	2
How to encode a URL for a Hipchat notification alert action if there is no urlencode() function? Hi all, I have a Splunk alert configured to send Hipchat notifications. My goal is to have a link in the search to g... by floriancoulmier Engager in Splunk Search 08-03-2021 3 12	3	12
Date Calculation (Negative Display) I have a query where in I am subtracting 2 dates from the current time. While my query works, I have noted that if t... by willadams Contributor in Splunk Search 08-03-2021 0 2	0	2
Removing some field values from a mulitiple value field hello,I want to remove the string in field_2 from field_1.I want it to be like the value in the result field.Like a l... by youngrap Explorer in Splunk Search 08-03-2021 0 2	0	2
compare two fields with against other field not in order Hi I'm trying to compare two fields against one field, can anyone please suggest how can I achieve this.Cluster ... by kirrusk Communicator in Splunk Search 08-03-2021 0 3	0	3
Calculate time taken from each failed task to next successful task(MTTR) from a list of tasks Hello all,I have a dashboard and the source is json files.{<!-- -->"ID": "123","TIME": "Jul 11, 2021, 08:55:54 AM","STATUS": ... by anooshac Communicator in Splunk Search 08-03-2021 0 10	0	10