Splunk Search

Community Activity

How to combine two searches Hi All,I want to combine "LogonIP" in two different searches and get 1 result. Query 1 index=testindex \| table LogonI... by alexspunkshell Contributor in Splunk Search 06-16-2021 0 4	0	4
Getting the occurrence count Right now I have a table with fields: DateTime, TestFeatureName and Status.How can I create another field "Occurrence... by moinyuso96 Path Finder in Splunk Search 06-16-2021 0 1	0	1
How can I search the content of all my lookups? I want a way to search the content of all my lookups.If I had just one lookup, I would do something like: \| inputloo... by gabriel_vasseur Contributor in Splunk Search 06-16-2021 1 0	1	0
Summarize data on xyseries chart HiI have spl command like this: \| rex "duration\[(?<duration>\d+)\].*?method:\s(?<method>[^\s]+)" \| xyseries _time me... by indeed_2000 Motivator in Splunk Search 06-15-2021 0 1	0	1
Append search result Hello Folks, In my current use case i receive events with 3 fields as json . { 'tid''123', ' 'type': 'R', 'app_name'... by rangarbus Path Finder in Splunk Search 06-15-2021 0 9	0	9
Fix appendpipe [stats count \| where count=0] in search Hi,When using the suggested appendpipe [stats count \| where count=0] I've noticed that the results which are not zero... by ebs Communicator in Splunk Search 06-15-2021 0 9	0	9
Preview Mode not working in Custom Command Hello, why do custom commands not work in Preview mode? Here is the INFO log I've recieved in my search.log: 04-13... by ivrift Engager in Splunk Search 06-15-2021 1 6	1	6
rex search not extracting correctly I am trying to extract 2 fields out of the result, but it keeps grabbing the wrong values.Example result:123456789:17... by RobKelley06 Explorer in Splunk Search 06-15-2021 0 1	0	1
How to calculate and display unique combinations where order doesn't matter but there can be no duplicate combinations? Let's say I want to display the total number of unique possible combinations for a given set of things (n) when vario... by marycordova SplunkTrust in Splunk Search 06-15-2021 0 4	0	4
Splunk Search Query which should match date format shown in logs. From file =/apps_data_01/scds2/billing/processed/ICD_TXN2_210613.csv To node =snode=MCCDPVPN To user = To file =DTF.A... by sunket6006 Engager in Splunk Search 06-15-2021 0 18	0	18
How to join two searches on a common field and include instances that don't overlap Hello,I have one search where I am finding inventory details for items going into carts and another search for cart s... by Traer001 Path Finder in Splunk Search 06-15-2021 0 0	0	0
How to add percentage in unstacked bar chart? I have a bar chart as shown below. I want to display the percentage of Error, Warn and Info as single value visualisa... by ritupatil02 Path Finder in Splunk Search 06-15-2021 0 6	0	6
Uptime Conversion Below is a two result conversion table. The data I am given, some will have days in the field and others will only h... by cinsley Explorer in Splunk Search 06-15-2021 0 3	0	3
Extract Key value data from raw events Hi Team,I am trying to pull the data for the below raw events.{"name":"Content-Length","valueList":["94"]}{"name":"Re... by bijodev1 Communicator in Splunk Search 06-15-2021 0 25	0	25
Expired job is running Hello, communityI have an issue, I see a running job in Activities, but it's expired.How can it be and how to fix? Th... by bosseres Contributor in Splunk Search 06-15-2021 0 0	0	0
timechart "method name duration over time" Hi I have log file like this:2021-06-15 13:39:47,762 INFO [APP] Exiting method , duration[109] User: general \|\| met... by indeed_2000 Motivator in Splunk Search 06-15-2021 0 4	0	4
Filed value filter based on time How to find field value for single dayCurrent table format\| inputlookup monthly.csvUser Time User1 ... by abdul Explorer in Splunk Search 06-15-2021 0 2	0	2
Alert when total number of events are above 20 per second, continuously for 5 mins I have to trigger an alert if total number of events are above 20 per second, continuously for 5 mins.Query :index=ab... by VS0909 Communicator in Splunk Search 06-15-2021 0 13	0	13
Looking to count average connections per minute in seperate hour blocks I'm looking to get a connections per minute search which breaks the results down by the hour. For example something l... by FC50 Path Finder in Splunk Search 06-15-2021 0 2	0	2
Is there a way to change Time range picker in ES Glass tables? by snallam123 Path Finder in Splunk Search 06-15-2021 0 0	0	0
Need help in latest and earliest macro Hello all, I am trying to add a earliest and latest macros in a saved search where the earliest is -7d@d and latest b... by srinivas_gowda Path Finder in Splunk Search 06-15-2021 0 2	0	2
why it is not giving the results of all commands but on the 90 days command bin _time span=1d \|stats count by _time\| eval time_chunk = case(_time > relative_time(now(), "-30d") AND _time < rela... by haripotu Loves-to-Learn Everything in Splunk Search 06-15-2021 0 4	0	4
I need get the no.of events over 30 days, 60days and 90 days over column cart Hi, I need to get the no.of events happened over last 90 days, 60 days, 30 days in one column chart. Using eval, if. ... by haripotu Loves-to-Learn Everything in Splunk Search 06-15-2021 0 3	0	3
How do I find transaction that does not contain an event? Hi I have a log like below.x INFO id=abc123 Started Processingx+1 INFO id=abc123 Ended Processingx+2 INFO id=abc123 N... by vgodavarty0116 Engager in Splunk Search 06-14-2021 0 1	0	1
Join multiple fields into few unique field Hi,I'm looking something similar to this, but please note that the description* wildcard can go up to 20+ fields, sam... by yuming1127 Path Finder in Splunk Search 06-14-2021 0 1	0	1