Splunk Search

Community Activity

not able to merge 2 queries to get the desired result I have 2 queries1st is \| rest /services/data/indexes\| fields title\| dedup title\| table titlethis query is giving me a... by vinitpathri Path Finder in Splunk Search 04-12-2021 0 4	0	4
Find stats from 2 events We have 2 eventsOTP generated through SMS with UUID=123123OTP generated through EMAIL with UUID=432432OTP Verified f... by dyapasrikanth Path Finder in Splunk Search 04-11-2021 0 3	0	3
Notable event index is empty. Hello everyone.I am trying to deploy ESS, but I having some trouble with the notable events.I can not see results at ... by gl_splunkuser Path Finder in Splunk Search 04-11-2021 0 2	0	2
Return the Count of events divided by 2 I'm pretty new at this so I apologize if the question seems stupid.I have a printer that sends syslogs to Splunk, and... by ibanez450 Explorer in Splunk Search 04-11-2021 0 3	0	3
on Simple XML with colorPalette to select the color by comparing 2 fields numbers Is there a way to get field's background color by compare with 2 fields numbers? for example:If "POST IPTV CALLS"'s v... by jenniferhao Explorer in Splunk Search 04-11-2021 0 12	0	12
How to know which value from lookup table matched the log I have a lookup table that has a list of values in it similar to:idvalue1test_value12test_value2 I can search for all... by hFHUT2 Engager in Splunk Search 04-11-2021 0 3	0	3
Usage of Wildcard in middle of search string Hi,I read from splunk docs that we should avoid using wildcards `*` in the middle of a string.Now, does this apply to... by splunkuser1948 Engager in Splunk Search 04-10-2021 0 1	0	1
How do I check if my Splunk environment is set for Search Head pooling? How do I check if my Splunk environment is set for Search Head pooling? We have SH clustering all set up and am prepa... by SamHTexas Builder in Splunk Search 04-10-2021 0 1	0	1
Make Paloalto search faster Hi There I am new to splunk and trying to figure out a way to make the below search faster : index=pan_logs sourcetyp... by lubanamanjinder New Member in Splunk Search 04-10-2021 0 1	0	1
How to switch the CMDB lookups in splunk to the KV store ? We currently have lookups and want to move to KV store. What and how can we do that by srampally Path Finder in Splunk Search 04-10-2021 1 4	1	4
Index Time Fields Extraction on Summary Index Hey I’m trying to extract fields in index time on my summary index, in order to use ‘tstats’ command. I used ‘coll... by omerl Path Finder in Splunk Search 04-10-2021 0 5	0	5
Filtering NULL values from multivalue field I have a transaction with mvlist set to true which results in a table where a number of fields display multiple NULL ... by dfraseman Explorer in Splunk Search 04-10-2021 0 4	0	4
Search in transactions help We have several log entries with what boils down to a transaction ID. I want to group these entries and within those ... by cboillot Contributor in Splunk Search 04-09-2021 0 4	0	4
How do I find a list of scheduled, saved searches in ES, specially the ones that run in real time? How do I find a list of scheduled, saved searches in ES, specially the ones that run in real time? Can the Monitoring... by SamHTexas Builder in Splunk Search 04-09-2021 0 3	0	3
Grouping Data based on conditions on datetimes and counts over time! Hello friends! I am faced with a challenge I will be uploading two CSV files to splunk which represents two different... by andres91302 Communicator in Splunk Search 04-09-2021 0 7	0	7
How can make every 2 columns of table as same colour? I have a big table which is not easy to group on visualizations. Can I make each 2 columns as same color group so tha... by jenniferhao Explorer in Splunk Search 04-09-2021 0 5	0	5
Why is it called delete when it doesn't delete, but hide data? I find this very ridiculous considering that the terminology used is not accurate in what it is doing. When doing a s... by sbarnes88 New Member in Splunk Search 04-09-2021 0 0	0	0
help to exclude weekend events in a timechart helloin the search below which displays a timechart, I stats events except the weekend these search displays events o... by jip31 Motivator in Splunk Search 04-09-2021 0 3	0	3
dbx query throwing error Hi,I am trying to run dbxquery command but it keeps throwing the below error. I have configured the database connect... by sravani27 Path Finder in Splunk Search 04-09-2021 0 2	0	2
_time being treated as a string when run with table command Hi, I have the following CSV data that I've uploaded into Splunk iso_code,continent,location,date,total_cases USA,Nor... by termcap Path Finder in Splunk Search 04-09-2021 0 6	0	6
help on a stats command with a filter token helloI use the search below which works fine `fiability` \| fields host Logfile SourceName ProductName SITE DEPARTME... by jip31 Motivator in Splunk Search 04-09-2021 0 5	0	5
Extract JSON Data Need help to find a way to search JSON strings where an attributes is empty.Ex: get all JSON data where 'tags' is em... by mchennam Engager in Splunk Search 04-09-2021 0 3	0	3
How can I use lookup csv from another Index? How can I use lookup csv from another Index? I have access to both index.Thanks. by arusoft Communicator in Splunk Search 04-09-2021 0 8	0	8
Writing records to KVStore - Strange Behavior HelloAm attempting to identify the name of the SQL Server and the SQL Agent process name based on a CMDB lookup and s... by prashantsreeniv Observer in Splunk Search 04-09-2021 0 1	0	1
Need help with a search/subsearch not providing the expected results Hello there! I need help with a search that is not providing the expected results. Let me share the details and backg... by pablobarquin Explorer in Splunk Search 04-09-2021 0 5	0	5