Splunk Search

Community Activity

how to get statistical values for different fields I have to create a base search for a dashboard and I am kinda stuck. Any help would be appreciated. index=service msg... by varsh_6_8_6 Explorer in Splunk Search 09-30-2024 0 2	0	2
Is there a way to monitor the number of files in the dispatch directory over time? Hi I am looking to monitor the dispatch directory over time.I know I can get the current results by using this\| rest ... by robertlynch2020 Influencer in Splunk Search 09-30-2024 0 3	0	3
eval percent line is not producing values in the table I am working on obtaining all user logins for a specified domain, then displaying what percent of those logins were f... by DLevine_ Explorer in Splunk Search 09-30-2024 0 4	0	4
How to identify a skipped scheduled accelerated report ? I have noticed that a saved search is chronically skipped, almost 100% but I cannot trace it back to the origin.The s... by Glasses2 Communicator in Splunk Search 09-30-2024 0 4	0	4
Filter for messages that contains text with quotation marks Hi, I'm having a hard time trying to narrow down my search results. I would like to return only the results that cont... by raculim Explorer in Splunk Search 09-30-2024 0 6	0	6
How to join search results from two indexes based on multiple conditions I have 2 indexes - index_1 and index_2index_1 has the following fieldsindex1IdcurrEventIdprevEventIdindex_2 has the f... by ravi_lookout Explorer in Splunk Search 09-30-2024 0 10	0	10
Dynamic eval mvindex. Good morning fellow splunkers.I have a challenge and was wondering if anyone could help me. In some logs with multipl... by BoscoBaracus Engager in Splunk Search 09-30-2024 0 5	0	5
Splunk dashboard table panel with dynamic token hello, I have an issue when creating some visualization in splunk dashboard. Im using dashboard studio, and my object... by elend Communicator in Splunk Search 09-28-2024 0 5	0	5
Why does Dashboard Classic not return result even though "Open in search" does? Here is a really simple dashboard: <form version="1.1" theme="light"> <label>Simple input</label> <fieldset submi... by yuanliu SplunkTrust in Splunk Search 09-28-2024 0 1	0	1
not getting output Hi All I am using Office365, i have an office365 unified group and users are getting removed from this office365 gro... by risingflight143 Explorer in Splunk Search 09-28-2024 0 1	0	1
How to update enableSched in savedsearch.conf using python script I have to create a custom command using python script to update a particular property(enableSched) from 1 to 0 or 0 t... by sivaranjiniG Communicator in Splunk Search 09-28-2024 0 1	0	1
Produce single row by combining multiple row and column Hi Splunk,I have a table like belowComponent Green Amber RedResp_time 0 200 4005xx 0 50 1004xx 0 50 100 I want to com... by Naveenkumar Engager in Splunk Search 09-28-2024 0 3	0	3
Comparing results from two different dates vertically I would like to compare specific response status stats vertically and not horizontally so that the values line up and... by mark_groenveld Path Finder in Splunk Search 09-28-2024 0 2	0	2
Why does tstats command return different results with accelerated vs non-accelerated Data Models? I was working with DataModels and I came across something strange about them when they are accelerated vs when they a... by qs_chuy Engager in Splunk Search 09-27-2024 0 1	0	1
Experiencing error :splunk: command not found Hi, Kinda new to *nix o/s; its been about 10 years. Anyway I have READ the doc's and checked the answers pages, but n... by tgirgis Engager in Splunk Search 09-27-2024 2 9	2	9
Find first matching node of json Hi, Based on the following json document, I want to find the value of "Geography" where City is input.Here is th... by nainil0683 Engager in Splunk Search 09-26-2024 0 1	0	1
How to append search results but also filter one query with the other Hello, I'm trying to write a query where I provide a key identifier (say "A"), and the query both finds matching resu... by JBMiller83 New Member in Splunk Search 09-26-2024 0 4	0	4
How to search based on multiple indexes and their respective sourceTypes Hi, I have index called Index1 which has sourcetype called SourceType1 and another index called Index2 with sourceT... by nainil0683 Engager in Splunk Search 09-26-2024 0 3	0	3
Filter timeline results by items that had a change of more than 50% I have a basic timechart query that graphs the number of Queries per second (QPS) for several hosts. I need to filter... by hellige Explorer in Splunk Search 09-26-2024 0 4	0	4
Compare CSV to search Hello everyone,I'd like to start out by saying I'm really quite new to Splunk, and we run older versions(6.6.3 and 7.... by H4waiianPunch Engager in Splunk Search 09-26-2024 0 6	0	6
Duplicate Results on Command-Line Query vice No Duplicates via UI What would cause a command line query ( bin/splunk search "..." ) to return duplicate results over what the UI would ... by joemcmahon Explorer in Splunk Search 09-26-2024 0 4	0	4
Inability to delete alerts/reports after LDAP update Hello,I recently updated a distributed environment with a bundle via the deployer to update the authentication.conf t... by Reece Loves-to-Learn in Splunk Search 09-26-2024 0 2	0	2
Splunk Cloud: Lookups Hi Splunk Experts,I hope to get a quick hint on my issue. I have a Splunk Cloud setup with two search heads, one of w... by Gravoc Observer in Splunk Search 09-26-2024 0 3	0	3
non searchable sourcetypes Hello All,I am looking for a query that can provide me with a list of sourcetypes that have not been searched .Kindly... by sverdhan Loves-to-Learn Lots in Splunk Search 09-26-2024 0 4	0	4
How to get an output containing all host details along with their last update times? How to get an output containing all host details of all time along with their last update times? Below search is tak... by Sangeeta_1 Explorer in Splunk Search 09-25-2024 0 7	0	7