Splunk Search

Community Activity

	Field calculation for flow of events Dear Splunkers, I have a flow of events and need to perform alarm when some value, e.g. metricValue is greater than t... by yudzhin Explorer in Splunk Search 05-21-2021 0 0	0	0
	User agent browser type display issue Hi team I tried the below spl eval command index=aws Website="*"\| stats count(eval(match(User_Agent, "Firefox"))) as ... by jaibalaraman Path Finder in Splunk Search 05-21-2021 0 6	0	6
	count time between each period time Hello dear community,I have a splunk search where I look for all the events that occur over a specific period of time... by wcastillocruz Path Finder in Splunk Search 05-21-2021 0 0	0	0
	Using custom metrices indexes. How to use metrics index to store metrics data from events on SH?Does is it possible to have multiple values and mul... by yogeshpunia66 Loves-to-Learn in Splunk Search 05-21-2021 0 0	0	0
	Display ticket status and count Need help with a query please:I have ticket data where the life cycle is Assigned, Work in Progress, Fixed, Closed an... by nischal45 Engager in Splunk Search 05-21-2021 0 3	0	3
	How to color the Scheduled Report table results in mail ? I have one scheduled report which will provide below table results in email. Requirement is to color the 'Validation ... by georgear7 Communicator in Splunk Search 05-21-2021 0 2	0	2
	How to return alternative subsearch results if a first subsearch returns empty string In general terms, I've been trying to create a search that can perform a subsearch using a few fields that are presen... by DSan New Member in Splunk Search 05-21-2021 0 0	0	0
	In order to events occured from past 3 mon till now by haripotu Loves-to-Learn Everything in Splunk Search 05-21-2021 0 1	0	1
	timechart of events first appearance I am trying to find events based on when they were initially logged and grouped by some column. For example, from th... by josephpe Explorer in Splunk Search 05-21-2021 0 3	0	3
	Create alert based on success rate per a group Hi all,I need to create an alert based on a success rate less than a specific value. My data is as follows:store = "s... by MaratD Explorer in Splunk Search 05-21-2021 0 3	0	3
	File Comparision I have a file which is being indexed(say today) and then again indexed after updating(say tomorrow). I have to compar... by akankshayadav Path Finder in Splunk Search 05-21-2021 0 9	0	9
	Expire Rows in a Lookup After 30 Days Hi Splunkheads, Need some advice here. I have built a simple lookup table and simple search for known bad ip addresse... by dmbr Explorer in Splunk Search 05-20-2021 0 1	0	1
	Why is a power user unable to search a particular index? I have admin user and power user (role=power), when i search a particular index (iis_web) it does not return the out... by shreyasathavale Communicator in Splunk Search 05-20-2021 0 3	0	3
	bin by date that is not the time field Hi,So I have a goal to count user visits, but the log polls too frequently, so we are going to define a visit by one ... by user93 Communicator in Splunk Search 05-20-2021 0 3	0	3
	Breakdown the Totals I want to add more columns that will show the sessions. Such as sudo su ssh etc. Currently I have this:index="name ... by kbohlken Observer in Splunk Search 05-20-2021 0 1	0	1
	Different search results quetion Hello all,Running the following search (direct count) at different times of the day for the same time period I receiv... by johefu Loves-to-Learn in Splunk Search 05-20-2021 0 2	0	2
	Rex Hello!!I have a field value that looks like:abcd124567-1609173498I only want to remove abcd-1609173498 and have the 1... by Logan20 New Member in Splunk Search 05-20-2021 0 1	0	1
	How to combine multiple rows in a field to one row in the same field? I have a data set as seen below.exec arguments/bin/shsh-cuname -p ** /dev/null/sbin/ldconfig/bin/sh... by splunkerer Path Finder in Splunk Search 05-20-2021 0 4	0	4
	Dynamic date comparison I am creating a search that detects compliance received from palo alto signatureswe are receving 4 sets of dates:app-... by RonD Explorer in Splunk Search 05-20-2021 0 2	0	2
	Using fillnull_value or fillnull value with Tstats I am trying to fill the null values and using a datamodel. I want to use tstats and fill null values will "Null" usin... by Godspeed_74 Loves-to-Learn Lots in Splunk Search 05-20-2021 0 6	0	6
	Detailed search for the triggered alerts in Splunk Hi team,I'm trying to build a search which will search for the alerts which have been triggered for a hosts during sp... by szukacz Engager in Splunk Search 05-20-2021 0 3	0	3
	Rex need to extract field till first occurrence of /r HiI need to extract hostname or IP address from raw log. My log looks like below:somerandometest host: abc@email.com... by Sangu Explorer in Splunk Search 05-20-2021 0 2	0	2
	Show last update from indexed csv file Hi, I have a csv file that is updated by a script once a minute. The output is similar to: time,queuename,vpn,last-me... by jugarugabi Path Finder in Splunk Search 05-20-2021 0 4	0	4
	Trying to ignore a value based on the field Hello team, I am trying to ignore the value "Total" if its concurrent Os_type matches "Linux" Below is what I tried.\|... by srinivasgowda Explorer in Splunk Search 05-20-2021 0 3	0	3
	creating timechart grouped data tables hi all, newbee question here but i can't seem to find an answer. I am trying to create a timechart table grouped tabl... by stephenreece78 Engager in Splunk Search 05-20-2021 0 2	0	2