Splunk Search

Community Activity

Geostats Not showing Data with Zero Counts Hi, I have a query that returns Location(Location number, Lattitude, Longitude) and I have calculated the number of ... by anurag1005 Loves-to-Learn Everything in Splunk Search 06-16-2021 0 1	0	1
Splitting raw field after transaction I used transaction to combine 2 rows of raw fields:raw4015_ABCD, Start, 8/11/2020 5:37:10 PM, 123454015_ABCD, Complet... by moinyuso96 Path Finder in Splunk Search 06-16-2021 0 2	0	2
Time chart events per index per month but only first n events per month \| metasearch index="l-hhvm" OR index="l-nginx" \| timechart count as event span=1month by index \| eventstats max(event... by jonzatlmi Explorer in Splunk Search 06-16-2021 0 1	0	1
Create an eval if when the results from stats are 0 Is there a way, besides fillnull, to do an eval if(averageResponse=0, 0.000)?Basically, I want to be able to have the... by ebs Communicator in Splunk Search 06-16-2021 0 9	0	9
Calculation based on comparison of previous event's field to current event's field My objective is to increment ReplicaCount if the previous event's field value matches the current event's field value... by actionabledata Path Finder in Splunk Search 06-16-2021 0 3	0	3
Event Line Breaking Upon reading: https://docs.splunk.com/Documentation/Splunk/latest/Data/Configureeventlinebreaking#Configure_event_lin... by Funderburg78 Path Finder in Splunk Search 06-16-2021 0 0	0	0
Use results of search field value to do subsearch and calculate success percentage I am attempting to get the success counts by using the results of a search of requests and checking each result for i... by RobKelley06 Explorer in Splunk Search 06-16-2021 0 4	0	4
How to combine two raw events based on status? The raw data was uploaded from a .txt file. I managed to create the table as below.rawTestFeatureNameStatusDateTimeSt... by moinyuso96 Path Finder in Splunk Search 06-16-2021 0 3	0	3
bad automatic SPL rewrite in 8.2.0 search if a field contains a relative file path Hi Splunk experts,I believe I found a bug in Splunk search.Some fields in my events contain file paths with relative ... by coenporteners Engager in Splunk Search 06-16-2021 0 0	0	0
Need to generate 0 results in case of no data available I have a dashboard panel where it is possibility we get no results in the indexer from the backend as it only sends r... by Learnersplunk21 Engager in Splunk Search 06-16-2021 0 2	0	2
How to extract the data with 3 different events based on a filter Hi all,Currently I have the following string to make a table with some values which belong to different events but th... by CristianLopez New Member in Splunk Search 06-16-2021 0 0	0	0
How to combine two searches Hi All,I want to combine "LogonIP" in two different searches and get 1 result. Query 1 index=testindex \| table LogonI... by alexspunkshell Contributor in Splunk Search 06-16-2021 0 4	0	4
Getting the occurrence count Right now I have a table with fields: DateTime, TestFeatureName and Status.How can I create another field "Occurrence... by moinyuso96 Path Finder in Splunk Search 06-16-2021 0 1	0	1
How can I search the content of all my lookups? I want a way to search the content of all my lookups.If I had just one lookup, I would do something like: \| inputloo... by gabriel_vasseur Contributor in Splunk Search 06-16-2021 1 0	1	0
Summarize data on xyseries chart HiI have spl command like this: \| rex "duration\[(?<duration>\d+)\].*?method:\s(?<method>[^\s]+)" \| xyseries _time me... by indeed_2000 Motivator in Splunk Search 06-15-2021 0 1	0	1
Append search result Hello Folks, In my current use case i receive events with 3 fields as json . { 'tid''123', ' 'type': 'R', 'app_name'... by rangarbus Path Finder in Splunk Search 06-15-2021 0 9	0	9
Fix appendpipe [stats count \| where count=0] in search Hi,When using the suggested appendpipe [stats count \| where count=0] I've noticed that the results which are not zero... by ebs Communicator in Splunk Search 06-15-2021 0 9	0	9
Preview Mode not working in Custom Command Hello, why do custom commands not work in Preview mode? Here is the INFO log I've recieved in my search.log: 04-13... by ivrift Engager in Splunk Search 06-15-2021 1 6	1	6
rex search not extracting correctly I am trying to extract 2 fields out of the result, but it keeps grabbing the wrong values.Example result:123456789:17... by RobKelley06 Explorer in Splunk Search 06-15-2021 0 1	0	1
How to calculate and display unique combinations where order doesn't matter but there can be no duplicate combinations? Let's say I want to display the total number of unique possible combinations for a given set of things (n) when vario... by marycordova SplunkTrust in Splunk Search 06-15-2021 0 4	0	4
Splunk Search Query which should match date format shown in logs. From file =/apps_data_01/scds2/billing/processed/ICD_TXN2_210613.csv To node =snode=MCCDPVPN To user = To file =DTF.A... by sunket6006 Engager in Splunk Search 06-15-2021 0 18	0	18
How to join two searches on a common field and include instances that don't overlap Hello,I have one search where I am finding inventory details for items going into carts and another search for cart s... by Traer001 Path Finder in Splunk Search 06-15-2021 0 0	0	0
How to add percentage in unstacked bar chart? I have a bar chart as shown below. I want to display the percentage of Error, Warn and Info as single value visualisa... by ritupatil02 Path Finder in Splunk Search 06-15-2021 0 6	0	6
Uptime Conversion Below is a two result conversion table. The data I am given, some will have days in the field and others will only h... by cinsley Explorer in Splunk Search 06-15-2021 0 3	0	3
Extract Key value data from raw events Hi Team,I am trying to pull the data for the below raw events.{"name":"Content-Length","valueList":["94"]}{"name":"Re... by bijodev1 Communicator in Splunk Search 06-15-2021 0 25	0	25