Splunk Search

Community Activity

Search certain ratio of minimum data the Scenario like this: I want to pick up 5% minimum value from thousands of data, Example:1,2,3 ,4 5,6,7,8,9,10 I... by KongJian Engager in Splunk Search 06-17-2021 0 3	0	3
alert when json data changes is there a way to alert when json data changes? i want to track changes for a variety of apis results/output that sho... by gdavid Path Finder in Splunk Search 06-17-2021 0 1	0	1
how to sort() version values. Hello,I am having values of a particular application as below.Looking to get the maximum version value or sorting the... by karthik_y Engager in Splunk Search 06-17-2021 1 4	1	4
how to make a search for two or more source file with wildcard or regex? What search criteria should I include to only get these logs?D:\Applications\Windows.App.0001\app1\logs\log-06-17-202... by iamuser Engager in Splunk Search 06-17-2021 0 2	0	2
Average alarms per reader over time A bit ago I submitted a question regarding how to get the average alarms per reader. So for example we have 100 alarm... by msage Path Finder in Splunk Search 06-17-2021 0 2	0	2
How to keep results with a count of 0 Hello,I have a search that is joining two searches (one for cart details and one for items that have been brought to ... by Traer001 Path Finder in Splunk Search 06-17-2021 0 2	0	2
result of two searches in one variable Hi,I would like to have a dashboard panel with just a number, which should be the substraction of two values obtained... by Bettynet Engager in Splunk Search 06-17-2021 0 5	0	5
Logfile with multiple newlines splunk only grabs the first line I'm fairly new to splunk so please bare with me. I have a logfile that has multiple lines of data. However when I do ... by kashnburn Engager in Splunk Search 06-17-2021 0 2	0	2
Update Time Field for a User on Table Hi,I am making a report that needs to identify how long long since a user launch an application. Can I use splunk to ... by aquinojason Path Finder in Splunk Search 06-17-2021 0 2	0	2
Subtotal percentage with stats I'm working with Windows events, and want to make following report/search:process1 ... by dauren_akilbeko Communicator in Splunk Search 06-17-2021 0 3	0	3
Can earliest/latest function be used over my own timestamp field? Hi folks, my dataset looks like this:timestampiduserMailreasont1id1a@example.comtestt2id1a@example.comtestt3id1a@exam... by codewarrior Loves-to-Learn Everything in Splunk Search 06-17-2021 0 3	0	3
Fields with '=' as value stored in summary index are not extracted I am storing a certain dataset in summary index which has some events with fields where the values are '=' or '=='. W... by darshan Observer in Splunk Search 06-17-2021 0 0	0	0
How to join filtering search Hi community,starting form a custom commands that returns a list of hostnames, I have the need to filter out:platform... by martaBenedetti Path Finder in Splunk Search 06-17-2021 0 2	0	2
Find count of repeat phone calls I'm would like to construct a search of our phone logs that provides a report indicating when a person calls someone ... by richnavis Contributor in Splunk Search 06-16-2021 0 1	0	1
Geostats Not showing Data with Zero Counts Hi, I have a query that returns Location(Location number, Lattitude, Longitude) and I have calculated the number of ... by anurag1005 Loves-to-Learn Everything in Splunk Search 06-16-2021 0 1	0	1
Splitting raw field after transaction I used transaction to combine 2 rows of raw fields:raw4015_ABCD, Start, 8/11/2020 5:37:10 PM, 123454015_ABCD, Complet... by moinyuso96 Path Finder in Splunk Search 06-16-2021 0 2	0	2
Time chart events per index per month but only first n events per month \| metasearch index="l-hhvm" OR index="l-nginx" \| timechart count as event span=1month by index \| eventstats max(event... by jonzatlmi Explorer in Splunk Search 06-16-2021 0 1	0	1
Create an eval if when the results from stats are 0 Is there a way, besides fillnull, to do an eval if(averageResponse=0, 0.000)?Basically, I want to be able to have the... by ebs Communicator in Splunk Search 06-16-2021 0 9	0	9
Calculation based on comparison of previous event's field to current event's field My objective is to increment ReplicaCount if the previous event's field value matches the current event's field value... by actionabledata Path Finder in Splunk Search 06-16-2021 0 3	0	3
Event Line Breaking Upon reading: https://docs.splunk.com/Documentation/Splunk/latest/Data/Configureeventlinebreaking#Configure_event_lin... by Funderburg78 Path Finder in Splunk Search 06-16-2021 0 0	0	0
Use results of search field value to do subsearch and calculate success percentage I am attempting to get the success counts by using the results of a search of requests and checking each result for i... by RobKelley06 Explorer in Splunk Search 06-16-2021 0 4	0	4
How to combine two raw events based on status? The raw data was uploaded from a .txt file. I managed to create the table as below.rawTestFeatureNameStatusDateTimeSt... by moinyuso96 Path Finder in Splunk Search 06-16-2021 0 3	0	3
bad automatic SPL rewrite in 8.2.0 search if a field contains a relative file path Hi Splunk experts,I believe I found a bug in Splunk search.Some fields in my events contain file paths with relative ... by coenporteners Engager in Splunk Search 06-16-2021 0 0	0	0
Need to generate 0 results in case of no data available I have a dashboard panel where it is possibility we get no results in the indexer from the backend as it only sends r... by Learnersplunk21 Engager in Splunk Search 06-16-2021 0 2	0	2
How to extract the data with 3 different events based on a filter Hi all,Currently I have the following string to make a table with some values which belong to different events but th... by CristianLopez New Member in Splunk Search 06-16-2021 0 0	0	0