Splunk Search

Community Activity

How can I get max number of hours without events for all indexes, myindex=* ? I have the summary index to record hourly event count for all device (de_count). I have the following search to get m... by vl951f Path Finder in Splunk Search 05-28-2021 0 4	0	4
How can I get the search work with multiple indexes I have the search to get max number of hours without events for feeds.It works just for one index. It wouldn't work w... by vl951f Path Finder in Splunk Search 05-28-2021 0 6	0	6
Sum of field b after making multivalue fields and sort by date I have created several 'rex' expressions that parse data into their own fields and the created multivalue fields comb... by chaday00 Path Finder in Splunk Search 05-28-2021 0 1	0	1
Learning my Companies Splunk Data I am trying to better learn what data is in the indexes at my company. There is a command that gives you something ... by MScottFoley Path Finder in Splunk Search 05-28-2021 0 2	0	2
Search for non-matched values Hello, Is there any way to search non-matched values from two tables like you can do on excel using VLOOKUP? Thank... by appleman Contributor in Splunk Search 05-28-2021 2 15	2	15
count time of my select time within week-ends Hi community,is it possible to calculate the time between info_max_time and info_min_time according to the period cho... by wcastillocruz Path Finder in Splunk Search 05-28-2021 0 2	0	2
Reference Table Header in Javascript Hi - I am currently working on adding a tooltip to a column header on a table in a Splunk dashboard. I have seen ways... by mrstrozy Path Finder in Splunk Search 05-28-2021 0 1	0	1
Divide the results of a query based on a field in the log Hi,I wanted to divide each hostname by using the count of "documentcompletetime" field. index=nextgen sourcetype=ligh... by SG Path Finder in Splunk Search 05-28-2021 0 4	0	4
How to find find my reports and alert coming from which directory Hi Team, Need help in identifying how can we find the path/directory of my alers and reports.. For ex all my alerts a... by vikashperiwal Path Finder in Splunk Search 05-28-2021 0 9	0	9
'Show Source' in the search events I am searching for logs, and when I click on 'Show source' they are more logs associated with itIs there a way to... by TestQA52 Observer in Splunk Search 05-27-2021 0 3	0	3
Extract fields from nested json structure with dynamic key Hello,I have nested json type log messages like below being forwarded to splunk - { "timeStamp": "2021-03-11T... by rkothari Loves-to-Learn Everything in Splunk Search 05-27-2021 0 6	0	6
Outputlookup Removes Multivalue Fields I had an extremely expensive query that would return results in this format: I needed to speed up the query because... by david_rose Communicator in Splunk Search 05-27-2021 0 7	0	7
Avg and most common Search time frame A quick search didn't find anything. I am looking to determine what the most used and avg Search window is. I.e. how ... by cboillot Contributor in Splunk Search 05-27-2021 0 3	0	3
How to filter out results where an extra event is present Hello,I have events that look like this:2021-05-27 14:33:44 UserId:123 Begin Fix for Issue:4354657687 <-- extra/de... by Traer001 Path Finder in Splunk Search 05-27-2021 0 0	0	0
I need to display field value in dashboard from realtime log Hi,I have logs coming from 5 servers, consider each sends status data everytime there is change in status, So I want ... by Sangu Explorer in Splunk Search 05-27-2021 0 1	0	1
Show only those users who exceed percentage of a certain value I have a preliminary search of a web-server-like log that looks like:index=whatever Method=GET\| where Response in (20... by plucas_splunk Splunk Employee in Splunk Search 05-27-2021 0 5	0	5
Splunk Search to see which queries they ran and exported out of Splunk I have a need to pull all the users and the files/sourcetype or queries they ran to export data out of splunkI found ... by puneetkharband1 Path Finder in Splunk Search 05-27-2021 0 1	0	1
Issue with dbinspect command Splunk version 7.3.6When I run \| dbinspect index=* I receive the expected output but only for hot/warm buckets. Is... by ericjorgensenjr Path Finder in Splunk Search 05-27-2021 0 1	0	1
Join alternatives I've read in other posts that using join in Splunk isn't great so I'm looking for a better way to do my search.I want... by LynneEss Engager in Splunk Search 05-27-2021 0 4	0	4
How to get intersection of two sets ? Hello folks,Thanks to visit my question.Users are getting two kinds of errors say A and B one at a time. Both cannot ... by Sid_kum Explorer in Splunk Search 05-27-2021 0 5	0	5
Create a chart with stacked success status and status>500 Hello there. I've a series of GET/POST request.The request is to have inside the dashboard a stacked column graph tha... by marco_carolo Path Finder in Splunk Search 05-27-2021 0 1	0	1
eval strftime to create current_hour (HH:MM) to be used with inputlookup fields I have a lookup with the files that should be sent each hour (common/flat file names) with the hour as the header, I ... by middlemiddle Explorer in Splunk Search 05-27-2021 0 2	0	2
Add stopwords to tfidf command in splunk I have the following search: earliest=-1d@d latest=@d index=cdb_summary sourcetype=cfg_summary source=CDM_*_Daily_Sum... by parkz Explorer in Splunk Search 05-27-2021 0 0	0	0
how to store a value from rex and reuse this value in another search Dear fellows,I have two logs and i am looking to do some correlation between them.In the log1, i am looking for IP_x ... by silverem78 Engager in Splunk Search 05-27-2021 0 5	0	5
same field name exists in two indexes but with different values Hola splunker. i performed a search using two indexes, but these tow indexes have different fields that uses the same... by moayadalghamdi Path Finder in Splunk Search 05-27-2021 0 5	0	5