Splunk Search

Community Activity

How to colllect avgLoad1m for each cpu core in linux Hi,Any suggestion about how can I collect avgLoad1m for each cpu core (hosts with multi-core cpu) by Splunk_TA_nix ap... by majbo Explorer in Splunk Search 05-14-2021 0 0	0	0
How to get certain field from data using rex Hey There, I have seen the Splunk. com answers and the rex cheat sheets online. However, I cant seem to get rex comma... by MeMilo09 Path Finder in Splunk Search 05-13-2021 0 3	0	3
How to remove event/(s) from the values(Data) field? Hi I would like to remove some Data from my search (only want AreaOIC), however, I tried to do Data = AreaOIC or Data... by PotatoHero Loves-to-Learn Lots in Splunk Search 05-13-2021 0 15	0	15
Evaluation of CPU_power Hi Splunkers, Iam a beginner at splunk. So I managed to get all Data from Aida64 into Splunk. That does include Tempe... by LKrieger Explorer in Splunk Search 05-13-2021 0 5	0	5
CPU Metrics JSON file already indexed - sum values under multilevel grouping by different multilevel names Hello,This is my first question here, since I don't know how to look for the solution. I tried to resolve this case o... by ChrisFontana Loves-to-Learn Lots in Splunk Search 05-13-2021 0 0	0	0
Count number of visits group events by day Hi,So, I want to count the number of visitors to a site, but because of the logging mechanism, I get many events per ... by user93 Communicator in Splunk Search 05-13-2021 0 5	0	5
User query GET request malformed I have a single user that is being affected by a strange issue where they are able to search, however the event table... by wilcomply13 Explorer in Splunk Search 05-13-2021 0 0	0	0
How to display a timechart that gets the percent of failures having a count of errors and success Hi all,I have server errors and success logs in the data, i want to get the percent of failures out of the total coun... by elpaisa Splunk Employee in Splunk Search 05-13-2021 0 1	0	1
Passing a lookup file name as a parameter in a macro I have a use case where there are over 50+ lookup files that I need to 'sync' between one app context and another. Th... by pgreer_splunk Splunk Employee in Splunk Search 05-12-2021 0 2	0	2
Assets Consolidation - Searching and Comparing fields with multiple IP Addresses Hi,I have this query where I am trying to compare two csv files and have the assets data mergedCSV1hostiposabc.domain... by munisb Explorer in Splunk Search 05-12-2021 0 0	0	0
Number of events keeps going up I am trying to use Splunk to review windows events that have been exported from disconnected systems. I have all the... by rockb Explorer in Splunk Search 05-12-2021 0 0	0	0
Getting Data into Splunk I just installed splunk and imported my license.I have a series of Windows event viewer files that have been exported... by rockb Explorer in Splunk Search 05-12-2021 0 3	0	3
Cannot figure out subsearch I am struggling with subsearches and getting and correlating data in a single output.I need to figure out which users... by Sean_oldR3dF0x New Member in Splunk Search 05-12-2021 0 3	0	3
See SQL queries on Splunk Hi,I want to know how I can see what SQL queries are used on every table of my SQL databases. I mean, I want to monit... by sh_tavousi Explorer in Splunk Search 05-12-2021 0 1	0	1
REGEX in transform.conf using "^" to specify the begining does not work Hi, I specified the following in transforms.conf SOURCE_KEY = MetaData:Host REGEX = ^8\.\d{1,3}\.\d{1,3}\.\d{1,3}$ ... by aferchichi New Member in Splunk Search 05-12-2021 0 11	0	11
Merging triples of rows I have the following output from a searchfld1 fld2 fld3 fld4A BI J B ... by wiar Explorer in Splunk Search 05-12-2021 0 4	0	4
Error when using a Datamodel in a Macro Hi,I'm using the following datamodel search:\| datamodel Test_Ping_Access summariesonly=true search \| search "Ping_Acc... by ebs Communicator in Splunk Search 05-11-2021 0 2	0	2
Datamodel stats search keeps failing Hi,I created a data model and the searches were working previously but now it keeps failing and I don't know why. Is ... by ebs Communicator in Splunk Search 05-11-2021 0 2	0	2
how to get the case function to have multiple status, when multiple fields are true The case function seems to finding the first true statement and displays that value. Is there another function or dif... by spicy Path Finder in Splunk Search 05-11-2021 0 2	0	2
Time-charting Several Series I have a set of data with X categories and each category is getting measured (measurements are positive or negative d... by gamecocks20 Loves-to-Learn in Splunk Search 05-11-2021 0 0	0	0
How to assign a field value to other events using streamstats Hello,I am trying to assign a value from one field to all earlier instances of a field until a non-null value is met.... by Traer001 Path Finder in Splunk Search 05-11-2021 0 2	0	2
User agent string using lookup table Hi Team I am trying to extract the OS details from the user agent using the below eval command, however I am not able... by jaibalaraman Path Finder in Splunk Search 05-11-2021 0 3	0	3
Why am I getting "Error in 'summarize' command: This search does not support summarization" trying to use KV store lookup with Datamodel Acceleration? Hi. I'd like to use KV Store lookup in an accelerated Data Model. When I set data model this messages occurs: 01-10... by pedromvieira Communicator in Splunk Search 05-11-2021 2 5	2	5
How to get duration for the product A (only for start and end status)? So what I have now from my search so farProduct Status TimeA Start 8.00 AMA ... by moinyuso96 Path Finder in Splunk Search 05-11-2021 0 2	0	2
regex help Hi,I need some help with the regex,Currently we have below two paths, note the naming format is different for the log... by SS1 Path Finder in Splunk Search 05-10-2021 0 4	0	4