Splunk Search

Community Activity

Dashboard base search with extra search values Hello,I have a dashboard with 3 panels that load at the same time.Almost 3 identical searches. The difference is i ad... by hvdtol Path Finder in Splunk Search 05-30-2021 0 8	0	8
Query syslog fields Dear all,I have a syslog-ng relay server collecting syslog messages from remote network devices and saving them as lo... by ChintanaM Explorer in Splunk Search 05-30-2021 0 6	0	6
X axis and y axis title font size change How to change the font size for x axis and y axis titles in splunk. Need inputs on this. by ManjunathN Engager in Splunk Search 05-30-2021 0 2	0	2
Transaction Command not returning all results Hi, I have a splunk query as below:index=platform env=sandbox http_method="GET" This gave me 1 result back.Now, when... by splunkuser1948 Engager in Splunk Search 05-29-2021 0 5	0	5
If a field includes certain number of predefined strings? Hi,data set to search in field1: ("foo", "bar", execute", "thanx", "tax", "trade" )if field1 includes any random 3 o... by splunkerer Path Finder in Splunk Search 05-29-2021 0 2	0	2
Use call stats to calculate concurrent calls. I have a data source that provides call records for telephone calls. Each call record contains a call duration and t... by C37996518 Explorer in Splunk Search 05-29-2021 0 4	0	4
Need to compare the contents of a lookup file with search results Hi, Brand new to splunk here. I've been using it about 1 month. I have a lookup file, all_identities_prod.csv, th... by jcaron9999a Explorer in Splunk Search 05-28-2021 0 4	0	4
How can I get max number of hours without events for all indexes, myindex=* ? I have the summary index to record hourly event count for all device (de_count). I have the following search to get m... by vl951f Path Finder in Splunk Search 05-28-2021 0 4	0	4
How can I get the search work with multiple indexes I have the search to get max number of hours without events for feeds.It works just for one index. It wouldn't work w... by vl951f Path Finder in Splunk Search 05-28-2021 0 6	0	6
Sum of field b after making multivalue fields and sort by date I have created several 'rex' expressions that parse data into their own fields and the created multivalue fields comb... by chaday00 Path Finder in Splunk Search 05-28-2021 0 1	0	1
Learning my Companies Splunk Data I am trying to better learn what data is in the indexes at my company. There is a command that gives you something ... by MScottFoley Path Finder in Splunk Search 05-28-2021 0 2	0	2
Search for non-matched values Hello, Is there any way to search non-matched values from two tables like you can do on excel using VLOOKUP? Thank... by appleman Contributor in Splunk Search 05-28-2021 2 15	2	15
count time of my select time within week-ends Hi community,is it possible to calculate the time between info_max_time and info_min_time according to the period cho... by wcastillocruz Path Finder in Splunk Search 05-28-2021 0 2	0	2
Reference Table Header in Javascript Hi - I am currently working on adding a tooltip to a column header on a table in a Splunk dashboard. I have seen ways... by mrstrozy Path Finder in Splunk Search 05-28-2021 0 1	0	1
Divide the results of a query based on a field in the log Hi,I wanted to divide each hostname by using the count of "documentcompletetime" field. index=nextgen sourcetype=ligh... by SG Path Finder in Splunk Search 05-28-2021 0 4	0	4
How to find find my reports and alert coming from which directory Hi Team, Need help in identifying how can we find the path/directory of my alers and reports.. For ex all my alerts a... by vikashperiwal Path Finder in Splunk Search 05-28-2021 0 9	0	9
'Show Source' in the search events I am searching for logs, and when I click on 'Show source' they are more logs associated with itIs there a way to... by TestQA52 Observer in Splunk Search 05-27-2021 0 3	0	3
Extract fields from nested json structure with dynamic key Hello,I have nested json type log messages like below being forwarded to splunk - { "timeStamp": "2021-03-11T... by rkothari Loves-to-Learn Everything in Splunk Search 05-27-2021 0 6	0	6
Outputlookup Removes Multivalue Fields I had an extremely expensive query that would return results in this format: I needed to speed up the query because... by david_rose Communicator in Splunk Search 05-27-2021 0 7	0	7
Avg and most common Search time frame A quick search didn't find anything. I am looking to determine what the most used and avg Search window is. I.e. how ... by cboillot Contributor in Splunk Search 05-27-2021 0 3	0	3
How to filter out results where an extra event is present Hello,I have events that look like this:2021-05-27 14:33:44 UserId:123 Begin Fix for Issue:4354657687 <-- extra/de... by Traer001 Path Finder in Splunk Search 05-27-2021 0 0	0	0
I need to display field value in dashboard from realtime log Hi,I have logs coming from 5 servers, consider each sends status data everytime there is change in status, So I want ... by Sangu Explorer in Splunk Search 05-27-2021 0 1	0	1
Show only those users who exceed percentage of a certain value I have a preliminary search of a web-server-like log that looks like:index=whatever Method=GET\| where Response in (20... by plucas_splunk Splunk Employee in Splunk Search 05-27-2021 0 5	0	5
Splunk Search to see which queries they ran and exported out of Splunk I have a need to pull all the users and the files/sourcetype or queries they ran to export data out of splunkI found ... by puneetkharband1 Path Finder in Splunk Search 05-27-2021 0 1	0	1
Issue with dbinspect command Splunk version 7.3.6When I run \| dbinspect index=* I receive the expected output but only for hot/warm buckets. Is... by ericjorgensenjr Path Finder in Splunk Search 05-27-2021 0 1	0	1