Splunk Search

Community Activity

	How to add a new row, and copy some values from other rows, while changing others. Hello all, I currently have the following data set, and a table will look like this:TestIterationResultsTest11400Test... by xaxvier Engager in Splunk Search 07-02-2021 0 0	0	0
	How would I return the value of a correlating field by giving the value of another field... I am working with a stats table with 7 fields.\| tstats count as "f" where a=* b=* c=* d=* e=* by a b c d e\| stats ... by jason_hotchkiss Communicator in Splunk Search 07-02-2021 0 3	0	3
	NOT Statement based on lookup not working I am trying to remove logs based on a lookup. This is what I am using: index=myindex "string_to_search_for" NOT [... by rogueakula1 Loves-to-Learn Lots in Splunk Search 07-02-2021 0 2	0	2
	Stats Command and timestamp Hi ,I am using a stats command with a "by" time field, but i am not getting the result.If i remove the time field i a... by chuck_life09 Path Finder in Splunk Search 07-02-2021 0 3	0	3
	How to get Field values as column names/headers in the table output Hi Team,I have a simple requirement but unable to get it. I am using a queryindex=tms sourcetype=kafka type=ssh\| stat... by poddura Observer in Splunk Search 07-02-2021 0 1	0	1
	Sort column headers in timechart - customize Hi,I would like to ask you, of there is some possibility order column based on requirement.Case: <search> \|eval lower... by martin86 Engager in Splunk Search 07-02-2021 0 2	0	2
	Service now data calculated percentage of P1,P2,P3 but when ever there is no P1 or P2 or P3 tickets need to show as NA Hi All, I need help with the below requirement. I am getting data from the service now. I calculated the percentage d... by 999balaji9 Loves-to-Learn in Splunk Search 07-02-2021 0 3	0	3
	How to efficiently show the difference between two fields from different sources Hey All,Here is my searchindex=main event_simpleName=NeighborListIP4 OR event_simpleName=SensorHeartbeat\| rex field=N... by nathg123 Loves-to-Learn Lots in Splunk Search 07-01-2021 0 3	0	3
	Appendpipe alters field values when not null Hi,I'm inserting an appendpipe into my SPL so that in the event there are no results, a stats table will still be pro... by ebs Communicator in Splunk Search 07-01-2021 0 5	0	5
	How to give Line break in eval and display the same in single value chart Hello,I am trying to display some data in field "result" for me in a single value chart using below query, and color/... by ashutoshwalke Explorer in Splunk Search 07-01-2021 0 5	0	5
	Set Schedule for UF Would it be possible to configure SPLUNK UF to scan (/pick) files/data from the server at particular time of a day/we... by SplunkDash Motivator in Splunk Search 07-01-2021 0 6	0	6
	Can Splunk ES (Enterprise Security) work independent of Splunk Enterprise? Can Splunk ES (Enterprise Security) work independent of Splunk Enterprise? I mean, does one have to have Splunk Enter... by SamHTexas Builder in Splunk Search 07-01-2021 0 1	0	1
	Palo/Splunk Parsing Issue - Field values are Truncating Having a strange issue and not sure what my culprit/problem is. Have a panorama to syslogng to Heavy Forwarder to In... by ghostdog920 Path Finder in Splunk Search 07-01-2021 0 1	0	1
	Use curl to collect data into summary index Is there an API that I could use to trigger a saved search that can collect data from an index into a summary index? by wanderingHeight New Member in Splunk Search 07-01-2021 0 3	0	3
	Conditional lookup call based on string length Hi all,I'm working on a dashboard query that preprocesses data for a \| geostats command. The end goal is to pipe data... by ft_kd02 Path Finder in Splunk Search 07-01-2021 0 7	0	7
	Error in 'lookup' command: Cannot find the source field I have a csv lookup table of IP addresses that I want to execute searches on server logs with, but I'm stopped by an ... by ktell Explorer in Splunk Search 07-01-2021 0 5	0	5
	edit fields I have the below column whereby im pinging the url in the column, but for a nicer view I only want to display the pc ... by sphiwee Contributor in Splunk Search 07-01-2021 0 2	0	2
	Need SPL query Hi All,I have a unique values like below in my splunk dashboard, Email account: Anaoymzersab@gmail.com ... by SabariRajanT Path Finder in Splunk Search 07-01-2021 0 2	0	2
	lookup tool tip hihow can i use lookup without show it in place.e.g. when move mouse over 404 just show tool tip that show "page not ... by indeed_2000 Motivator in Splunk Search 07-01-2021 0 1	0	1
	How to Calculate the total duration? Hi, I'm trying to get the total duration of events for each user from access logs with time gap. sample event:_time ... by knalla Path Finder in Splunk Search 07-01-2021 0 1	0	1
	Updating a value in a lookup Hello,I have a lookup called top sites with the bellow: NameIp addresstest110.10.10.10test210.10.10.11Test310.10.10.1... by joe06031990 Communicator in Splunk Search 06-30-2021 0 3	0	3
	Subtraction of multiple values in same cell So I’m pretty new to splunk and I do feel like this should be a lot simpler than I’m making it.I need two epoch times... by shivaa Explorer in Splunk Search 06-30-2021 0 4	0	4
	How to use top command (or stats with sort) results with another top command or subsearch? Hello all, I'm trying to get the stats commands to work in chain. I have the following data: 08 January 2016 09:1... by selim Path Finder in Splunk Search 06-30-2021 0 5	0	5
	How to fix "Could not load lookup=LOOKUP-app_proto"? Hello Splunkers, I keep getting the error message "Could not load lookup=LOOKUP-app_proto" in multiple apps on multip... by eliasit Path Finder in Splunk Search 06-30-2021 0 8	0	8
	Using mvappend within a cidrmatch macro I already have the following macro `subnet(3)` defined as the following: \| eval subnet = case(cidrmatch("$ip1$/24"... by CarbonCriterium Path Finder in Splunk Search 06-30-2021 0 1	0	1