Splunk Search

Community Activity

Event Line Breaking Upon reading: https://docs.splunk.com/Documentation/Splunk/latest/Data/Configureeventlinebreaking#Configure_event_lin... by Funderburg78 Path Finder in Splunk Search 06-16-2021 0 0	0	0
Use results of search field value to do subsearch and calculate success percentage I am attempting to get the success counts by using the results of a search of requests and checking each result for i... by RobKelley06 Explorer in Splunk Search 06-16-2021 0 4	0	4
How to combine two raw events based on status? The raw data was uploaded from a .txt file. I managed to create the table as below.rawTestFeatureNameStatusDateTimeSt... by moinyuso96 Path Finder in Splunk Search 06-16-2021 0 3	0	3
bad automatic SPL rewrite in 8.2.0 search if a field contains a relative file path Hi Splunk experts,I believe I found a bug in Splunk search.Some fields in my events contain file paths with relative ... by coenporteners Engager in Splunk Search 06-16-2021 0 0	0	0
Need to generate 0 results in case of no data available I have a dashboard panel where it is possibility we get no results in the indexer from the backend as it only sends r... by Learnersplunk21 Engager in Splunk Search 06-16-2021 0 2	0	2
How to extract the data with 3 different events based on a filter Hi all,Currently I have the following string to make a table with some values which belong to different events but th... by CristianLopez New Member in Splunk Search 06-16-2021 0 0	0	0
How to combine two searches Hi All,I want to combine "LogonIP" in two different searches and get 1 result. Query 1 index=testindex \| table LogonI... by alexspunkshell Contributor in Splunk Search 06-16-2021 0 4	0	4
Getting the occurrence count Right now I have a table with fields: DateTime, TestFeatureName and Status.How can I create another field "Occurrence... by moinyuso96 Path Finder in Splunk Search 06-16-2021 0 1	0	1
How can I search the content of all my lookups? I want a way to search the content of all my lookups.If I had just one lookup, I would do something like: \| inputloo... by gabriel_vasseur Contributor in Splunk Search 06-16-2021 1 0	1	0
Summarize data on xyseries chart HiI have spl command like this: \| rex "duration\[(?<duration>\d+)\].*?method:\s(?<method>[^\s]+)" \| xyseries _time me... by indeed_2000 Motivator in Splunk Search 06-15-2021 0 1	0	1
Append search result Hello Folks, In my current use case i receive events with 3 fields as json . { 'tid''123', ' 'type': 'R', 'app_name'... by rangarbus Path Finder in Splunk Search 06-15-2021 0 9	0	9
Fix appendpipe [stats count \| where count=0] in search Hi,When using the suggested appendpipe [stats count \| where count=0] I've noticed that the results which are not zero... by ebs Communicator in Splunk Search 06-15-2021 0 9	0	9
Preview Mode not working in Custom Command Hello, why do custom commands not work in Preview mode? Here is the INFO log I've recieved in my search.log: 04-13... by ivrift Engager in Splunk Search 06-15-2021 1 6	1	6
rex search not extracting correctly I am trying to extract 2 fields out of the result, but it keeps grabbing the wrong values.Example result:123456789:17... by RobKelley06 Explorer in Splunk Search 06-15-2021 0 1	0	1
How to calculate and display unique combinations where order doesn't matter but there can be no duplicate combinations? Let's say I want to display the total number of unique possible combinations for a given set of things (n) when vario... by marycordova SplunkTrust in Splunk Search 06-15-2021 0 4	0	4
Splunk Search Query which should match date format shown in logs. From file =/apps_data_01/scds2/billing/processed/ICD_TXN2_210613.csv To node =snode=MCCDPVPN To user = To file =DTF.A... by sunket6006 Engager in Splunk Search 06-15-2021 0 18	0	18
How to join two searches on a common field and include instances that don't overlap Hello,I have one search where I am finding inventory details for items going into carts and another search for cart s... by Traer001 Path Finder in Splunk Search 06-15-2021 0 0	0	0
How to add percentage in unstacked bar chart? I have a bar chart as shown below. I want to display the percentage of Error, Warn and Info as single value visualisa... by ritupatil02 Path Finder in Splunk Search 06-15-2021 0 6	0	6
Uptime Conversion Below is a two result conversion table. The data I am given, some will have days in the field and others will only h... by cinsley Explorer in Splunk Search 06-15-2021 0 3	0	3
Extract Key value data from raw events Hi Team,I am trying to pull the data for the below raw events.{"name":"Content-Length","valueList":["94"]}{"name":"Re... by bijodev1 Communicator in Splunk Search 06-15-2021 0 25	0	25
Expired job is running Hello, communityI have an issue, I see a running job in Activities, but it's expired.How can it be and how to fix? Th... by bosseres Contributor in Splunk Search 06-15-2021 0 0	0	0
timechart "method name duration over time" Hi I have log file like this:2021-06-15 13:39:47,762 INFO [APP] Exiting method , duration[109] User: general \|\| met... by indeed_2000 Motivator in Splunk Search 06-15-2021 0 4	0	4
Filed value filter based on time How to find field value for single dayCurrent table format\| inputlookup monthly.csvUser Time User1 ... by abdul Explorer in Splunk Search 06-15-2021 0 2	0	2
Alert when total number of events are above 20 per second, continuously for 5 mins I have to trigger an alert if total number of events are above 20 per second, continuously for 5 mins.Query :index=ab... by VS0909 Communicator in Splunk Search 06-15-2021 0 13	0	13
Looking to count average connections per minute in seperate hour blocks I'm looking to get a connections per minute search which breaks the results down by the hour. For example something l... by FC50 Path Finder in Splunk Search 06-15-2021 0 2	0	2