Splunk Search

Community Activity

Adding Integers/numerical data in 2 multivalue fields to a new field Hi All,I think the subject of my questions says it all... I wanted to add numerical data from 2 multivalue fields, an... by jaysonpryde Path Finder in Splunk Search 07-27-2021 0 13	0	13
Compare on field values with another field values HelloI want compare one field values with another when I tried to compare it is coming in this format as shown in bel... by renuka Path Finder in Splunk Search 07-27-2021 0 10	0	10
Calculate hourly usage from Machine data Hi, I have uploaded a JSON data from one of my APM tools into Splunk to get some meaningful insights. The events are ... by shashank_24 Path Finder in Splunk Search 07-27-2021 0 3	0	3
% failures for same index Need help with a Splunk query to display % failures for each day during the time range selected, for same index but ... by VS0909 Communicator in Splunk Search 07-27-2021 0 1	0	1
How to specify a timezone in a datamodel Is there a way to specify a timezone in a datanmodel?I have an eval field called date relying on Splunk's _time field... by ebs Communicator in Splunk Search 07-27-2021 0 2	0	2
count number of arguments in bat file I'm trying to count of the number of occurrences / frequency /variations of arguments appearing for a bat file. For e... by thaitran2021 New Member in Splunk Search 07-27-2021 0 2	0	2
Getting data from Mainframe system?? Hi all, How to get data from Mainframe systems onto Splunk?? by shri_27 Path Finder in Splunk Search 07-27-2021 1 18	1	18
Extract the User-Agent from HTTP request Below the excerpt from my HTTP request and I'm trying to get the User-Agent value from it and so far not successful. ... by ashishmgupta Explorer in Splunk Search 07-27-2021 0 4	0	4
Single Query to alert when a process is down and alert when it is up on a linux server Hi All,I am trying to write simple & single query to alert when a process is down and alert again when the same proce... by sarves Loves-to-Learn Everything in Splunk Search 07-27-2021 0 0	0	0
Want to add a custom slider input Hi, How can i add a custom input which will be a slider with values ranging from 0 - 100 and pass the token value to... by sumeetsirohi1 New Member in Splunk Search 07-27-2021 0 5	0	5
Calculate percentage by eval status Hi Everyone! Could you please help, how to calculate (UP percentage) by app_service I have the query as: eval status=... by Noah Explorer in Splunk Search 07-27-2021 0 2	0	2
Value from a panel1, and using that value in panel2 in Splunk Dashboard? Is it possible to apply for a formula in dashboard?For eg: Taking a value from a panel1, and using that value in pane... by VS0909 Communicator in Splunk Search 07-27-2021 0 3	0	3
% failures for each day during the time range selected Need help with a Splunk query to display % failures for each day during the time range selected% failures = A1/A2 *1... by VS0909 Communicator in Splunk Search 07-27-2021 0 5	0	5
Inputcsv using a regex for the filename? I'd like to inputcsv a file using a wildcard for part of the file name. How can I accomplish this? More in-depth des... by nick405060 Motivator in Splunk Search 07-27-2021 0 6	0	6
Change search based on Token Value Hi,I am kind of new to Splunk and have a problem with my search. I have a dashboard where I have an input field for a... by moonie Explorer in Splunk Search 07-27-2021 0 1	0	1
Network topology Hi everyone!Maybe someone faced such a problem:I want to build a Layer 2 network topology, I have enough data for thi... by Zhanali Path Finder in Splunk Search 07-27-2021 0 4	0	4
How can you adjust timezone in search? Convert UTC to AEST Hi, I have a field value 2021-07-26T00:30:51.411 UTC which I got from \| eval strftime(_time,"%Y-%m-%dT%H:%M:%S.%Q %Z"... by ebs Communicator in Splunk Search 07-26-2021 0 5	0	5
Splunk query exclude keywords Hi alli need some help with my splunk query… basically I need to exclude all jobs from output with job name ending in... by Csingh Engager in Splunk Search 07-26-2021 0 1	0	1
How can i remove the particular user in table? I have the below query:\| inputlookup test.csv\| eval epochtime=strptime(_time, "%a %b %d %H:%M:%S %Y")\| eval desired_t... by Sangeetha96 Engager in Splunk Search 07-26-2021 0 1	0	1
Unable to search particular summary index field following Splunk upgrade from 7.0.0 to 8.1.4 Encountering a very odd issue where I have a daily summary index that has pretty simple key=value pairings for fields... by briancronrath Contributor in Splunk Search 07-26-2021 0 2	0	2
How to rename dbxquery fields in dashboards? I am converting many dashboards from using dbquery to dbxquery. I have a few hundred of these queries to convert, wi... by RickWilson Engager in Splunk Search 07-26-2021 0 3	0	3
How can we optimize a query that consumes lots of cpu? We have the following code that ran for one and a half hours last week and consumed lots of cpu. How can we optimize ... by danielbb Motivator in Splunk Search 07-26-2021 0 9	0	9
Search improvement Hi - looking for a more efficient way to do this, if anyone has any tips: index=xyz sourcetype=abc NOT user_email=una... by ibmbaranski Engager in Splunk Search 07-26-2021 0 1	0	1
Log format for Splunk key=value Hello guys,do you advice this log format:key=value instead of key="value" ? Thanks. by splunkreal Motivator in Splunk Search 07-26-2021 0 2	0	2
Loop through single column list in Inputlookup csv and check if column values are found across multiple index events Hello. I have an input lookup csv file with a single column named “Domain” that has a list of domain names in that co... by dk777 New Member in Splunk Search 07-26-2021 0 1	0	1