Splunk Search

Community Activity

	Different Results From Same Query I have question. Can anyone explain why same search query given different results in different time range?This is tim... by jack_sumatra Explorer in Splunk Search 07-13-2021 0 2	0	2
	Alert to Report Hi ,I have some alerts which i want to change as report . the reason is , if there are no events then alert is not se... by Susha Engager in Splunk Search 07-13-2021 0 3	0	3
	find empty directory that continuously index by Splunk HiI have path that every day logs copy to there/opt/splunk/logs/$DATEI create script that copy logs there but sometim... by indeed_2000 Motivator in Splunk Search 07-13-2021 0 3	0	3
	P90 Latency I have a query like this sourcetype=tseltdw tags{}= "request"\| fillnull data.service,data.service1, api_revamp,data.s... by jack_sumatra Explorer in Splunk Search 07-13-2021 0 0	0	0
	How to convert string time to seconds I have a TimeField with data format is like 4 Days 14 Hours 40 Minutes and sometimes 7 Hours 40 MinutesTimeField4 D... by sashib Explorer in Splunk Search 07-13-2021 0 3	0	3
	Parse json array and plot to a line chart I have the following data that I would like to parse and put into a line chart. There are millions of rows of data, ... by matt-1 Engager in Splunk Search 07-12-2021 0 3	0	3
	How could I look only at a defined time span in real-time-search? Hi, I'm new in working with Splunk - I began to explore the program last monday...I have the task to create a dashbo... by Felix82 Explorer in Splunk Search 07-12-2021 0 2	0	2
	Need help in developing splunk query Hi All,2021-07-12 09:33:20,659 - daemons.save_claim_dex.src.__main__ - INFO - Skill='SAVE_CLAIM_INFO', message='skill... by saireddy Loves-to-Learn Lots in Splunk Search 07-12-2021 0 4	0	4
	Returning events that have matching fields but on different days Hi thereTrying to track down events that have a condition where they appear on days different to one another.E.g. if ... by djohnson99 Explorer in Splunk Search 07-12-2021 0 3	0	3
	Nested search to identify null counts Below are my 2 log lines - 1.Successfully received message RECEIVED, payload={\"reference_id\":\"ABCD\"...}2. Success... by pinalshah341 Loves-to-Learn in Splunk Search 07-12-2021 0 4	0	4
	Join subsearch failure I have two different searches running against 2 different indexes to pull in realtime syslog data and enrich it with ... by victornajduch Loves-to-Learn Everything in Splunk Search 07-12-2021 0 10	0	10
	How to edit automatic field extractions I have some automatic field extractions specified in Props.conf per belowINDEXED_EXTRACTIONS=CSVHEADER_FIELD_LINE_NUM... by clintla Contributor in Splunk Search 07-12-2021 0 1	0	1
	ServiceNow is down/unavilable for 5 to 10 min Hi All,Am new to splunk. Need on help.We are using Splunk Add-on for Service Now in our splunk instance and sending e... by keshavkgupta Observer in Splunk Search 07-12-2021 0 1	0	1
	subtracting from "now(), or more specifically the time the query is run Hello all, I'm having trouble getting the correct difference in time when subtracting from the "now() " functions. An... by samnew4598 Explorer in Splunk Search 07-12-2021 0 1	0	1
	Calculating Percentage i just want to calculate the Passed Percentage of every date .i have the Passed Count as well as the Total devices.is... by vinod743374 Communicator in Splunk Search 07-12-2021 0 1	0	1
	extract module name (till colon) Hiregex for extract module name here is the log:15:25:36.999 user module_W: A[00]B[0000000]C[0]L: process read compe... by indeed_2000 Motivator in Splunk Search 07-12-2021 0 3	0	3
	Replace square brackets and leave original value Hi All,I have a field with the following value:[ "842cef72-745d-463c-8b49-ce16ccc5ebd2" ]I'd like to get rid of the s... by korstiaans Explorer in Splunk Search 07-12-2021 0 5	0	5
	Search Help Hello , I am trying to get the sales report for 3 months but the search results only gives the result for last 15 day... by mkhatri Loves-to-Learn in Splunk Search 07-12-2021 0 4	0	4
	Earliest time and latest time I'm doing Splunk search at 5 minute intervals. Getting data every 5 minutes. For example, earliest="07/10/2021:07:35:... by prithviraj New Member in Splunk Search 07-12-2021 0 1	0	1
	Average EPS We are using Splunk Cloud and the Cloud Monitoring Console provides a graph showing the KB/s and Events/s per forwar... by Rhidian Path Finder in Splunk Search 07-12-2021 0 0	0	0
	split 2 multivalue fields concurrently/ split 1 multivalues row into multiple row Hello,Currently encounter 1 issue which unable to split 2 multivalues fields concurrently.my table:Productcolordescri... by yuming1127 Path Finder in Splunk Search 07-12-2021 0 4	0	4
	help on single panel with trend hello I need to display a single panel with trend but it doesnt worksdoes it miss something? <dashboard> <label>VIZ... by jip31 Motivator in Splunk Search 07-12-2021 0 3	0	3
	Providing time filter in firedalerts rest apis I want to fetch the results from triggered alerts from time T1 to T2.Tried passing the earliest_time or earliest que... by palemmahesh Engager in Splunk Search 07-11-2021 0 1	0	1
	regex to extract "WFLY:" HiWhat is the regex for this "WFLY:"I want to get all jboss error code start with (WFLY) and (star wildcard) till co... by indeed_2000 Motivator in Splunk Search 07-11-2021 0 1	0	1
	Compare 2 datasets I have 2 data sets index=support source=sites earliest=-1d@d latest=-0d@dindex=support source=sites earliest=-0d@d la... by ppanchal Path Finder in Splunk Search 07-11-2021 0 8	0	8