Splunk Search

Community Activity

Counting percentage with completion and not completed status Hi, I have following data:And I am trying to create SPL which gets me following result:I tried eventstate and stats c... by k31453 Explorer in Splunk Search 04-22-2021 0 1	0	1
How to pass an attribute from one event to another in order to create a table to summarize data Hi guys!I'm a newbie to Splunk and I would appreciate if you could help me out on this one (Thank you to all the memb... by cindygibbs_08 Communicator in Splunk Search 04-22-2021 0 2	0	2
How do I monitor changes to config files? Hi, Brand new user of Splunk here. I'm currently evaluating Splunk Enterprise. I need a bit of help understanding w... by AndreasMartenss Explorer in Splunk Search 04-22-2021 1 19	1	19
How do i extract a value from one search, use it in a second search, and then output fields from both searches Hi I need to search one index, extract a value from a field from that search, then use that value when searching a di... by ezmo1982 Path Finder in Splunk Search 04-22-2021 0 1	0	1
Get the count of events in a search and use it to calculate another field I need to get the count of the total number of events in the search and use it later to calculate the value of anothe... by deepaksn1214 Engager in Splunk Search 04-22-2021 0 1	0	1
Convert number to string, to avoid being counted by addtotals/addcoltotals Hi, I am creating a report with "chart field1 field2", field2 only has 2 values. So the result has 3 columns: Field1,... by AllenZhang Explorer in Splunk Search 04-22-2021 0 2	0	2
calculate sum of duration Hi everyone,I have calculated a duration field like this for exampleDuration 00:22:02 00:19:26 00:04:26 00:20:16 00:1... by g_paternicola Path Finder in Splunk Search 04-22-2021 0 2	0	2
Delemma when searching Apps a particular TA is not in the list for all apps ? where is it ? I am doing an inventory of all apps on my search head - but one I have noticed is not listed - I have thrown the kit... by jcorcoran508 Path Finder in Splunk Search 04-22-2021 0 1	0	1
Two sets subtraction I have a two saved searches A and B. Each gives an output like below:A: hosthost1host2hos... by pitmod Explorer in Splunk Search 04-22-2021 0 1	0	1
mvexpand memory issue Hi,I have very large dataset that appears as multivalued as below: \| makeresults \| eval data1="Windows_7,Unknown,Wi... by mbasharat Builder in Splunk Search 04-22-2021 0 27	0	27
how to extract the data from json to a table show i'm trying to extract data from json and show into my dashboard but failed { "timestamp":"2021-04-22T09:14:38.727Z... by brightgong New Member in Splunk Search 04-22-2021 0 1	0	1
Subsearch with different index Hi,I am using 2 indexes (index1 and index2). I want to pull a field from index1 (URL and rename it to url_1), and the... by Godspeed_74 Loves-to-Learn Lots in Splunk Search 04-22-2021 0 1	0	1
Map, Join or ... ?? Hello community,I tried to find an answer to my problem, but it seems im incapable of finding it, so i will be postin... by un1claudiu Engager in Splunk Search 04-22-2021 0 0	0	0
how to count records in a row? Hello guys, I am new with a splunk and i need some help (also a splunk search language documentation with example).My... by Pikta Explorer in Splunk Search 04-21-2021 0 7	0	7
search on subsearch using data from main search results hello Splunkers!I've got an issue with this query, in "main search" I got data src, can I use "src" to get data on my... by taufiqkpi Loves-to-Learn in Splunk Search 04-21-2021 0 4	0	4
How do i search two seperate indexes and then output values from fields returned from each index? Hi,I am trying to search across two seperate indexes and then display fields returned from both indexes on a single l... by ezmo1982 Path Finder in Splunk Search 04-21-2021 0 6	0	6
Using a subsearch in a lookup I've got two searches I'm trying to join into one. \| localop \| ldapsearch domain=my_domain search="(&(objectCategory... by jwhughes58 Contributor in Splunk Search 04-21-2021 0 4	0	4
Reading a xml file when file is split in to two We are having a issue. Sometimes our input XML file is splint in to two.In the above image you can see, both are same... by sasireka Loves-to-Learn Lots in Splunk Search 04-21-2021 0 1	0	1
Identifying user based on IP Address/ Hostname We need to add users to our (unauthenticated) internal proxy logs. Currently the proxy logs only identity the init... by jonaclough Path Finder in Splunk Search 04-21-2021 0 4	0	4
Merge cells together when having one same Value Hello TogetherI have a little difficulty with the merging of cells. The idea is that if the results for the value Job... by lslschr Engager in Splunk Search 04-21-2021 0 2	0	2
Field Extraction : regex works fine with search using "rex" command but not with Field extraction Hello,I'm trying to analyze WatchGuard firewall logs received by Splunk using syslog on udp 514 port.I was able to fi... by Flo-Paris Explorer in Splunk Search 04-21-2021 0 4	0	4
Issue with regex and 'positive lookbehind' Hi,I'm kind of new on the Splunk world and I'm trying to create new extraction field. Here are two examples of my log... by Emp Explorer in Splunk Search 04-21-2021 0 8	0	8
field extraction Hi ,I need help in the below, There is a description column, which has likeDescriptionprocess_1_details : name : msmg... by chuck_life09 Path Finder in Splunk Search 04-21-2021 0 1	0	1
how to perform a search that has the result of another search as input Hi,i can't do a search on Splunk where the values are the result of another search.I search:index = summary \| searc... by antonio147 Communicator in Splunk Search 04-21-2021 0 17	0	17
overall sum and aggregate sum command:search....\| eval effort=exact(21+31+61+1103+7306+7505+15105+15106+15122)\| table tag,effort,16910,21,31,61,110... by yuming1127 Path Finder in Splunk Search 04-21-2021 0 4	0	4