Splunk Search

Community Activity

How to convert Hex to Ascii in Splunk? I have a hex value that i need to convert to ascii. is there a way to do this in splunk? string-value=0x4c617374206... by danielrusso1 Path Finder in Splunk Search 04-09-2021 4 16	4	16
A query to get the xml files which has the specified tags I have displayed two sample xml files below. I have to check whether a xml file has <customer-job-id> and <submissio... by sasireka Loves-to-Learn Lots in Splunk Search 04-09-2021 0 1	0	1
Counting total and only specific values in one table (802.1x log example) Hi Everybody:I need a little help with statistics: I use this search to list all Calling_Station_IDs. In the example ... by Ida_2017 Explorer in Splunk Search 04-09-2021 0 1	0	1
Amend "Reports" view in Search App to include other columns Hi, a user wants to see the description of a report as well as the title. I know he could click the drop down arrow b... by shazbot79 Path Finder in Splunk Search 04-09-2021 0 1	0	1
in timechart, how do you display average by field, but also show a total average Hi, I have events from various projects, and each event has an eventDuration field. I'm trying to visualize the foll... by pcheng Explorer in Splunk Search 04-09-2021 0 16	0	16
To check if service of endpoint starts back once stopped Hi Folks, I am working on creating an alert for endpoint where we have to check if its service came up after it got s... by DawoodKhanUlex Engager in Splunk Search 04-09-2021 0 1	0	1
what is colour code of boolean while using endswith? Hi all, endswith=(notificationType="TestCompleted" OR notificationType="TestCancelled" OR notificationType="TestRejec... by Learner Path Finder in Splunk Search 04-09-2021 0 1	0	1
How to return all results if field is not exist? Hi, i use regex to extract fields My query is \| rex field=_raw "(?P<Command>((?<=\bCommand>).*(?=<)))" \| rex field=_r... by Dalador Path Finder in Splunk Search 04-09-2021 0 3	0	3
Combining two different events with same values from different source types index=a0_payservutil_generic_app_audit_prd sourcetype="npp:pom:stdout" eventCode="fundsReservationManualInterventionN... by gvjyothi45 New Member in Splunk Search 04-09-2021 0 1	0	1
How to make a query to search filed by taking output from the the 1st query I have a requirement like, I have to create a dashboard and there will be a input filed called as account Id and afte... by satyajit7 Explorer in Splunk Search 04-09-2021 0 1	0	1
How do I find the versions of all my UFs & HFs and dates of install on Splunk Enterprise? How do I find the versions of all my UFs & HFs and dates of install on Splunk Enterprise? by SamHTexas Builder in Splunk Search 04-08-2021 0 1	0	1
strptime using 2020-03-08T02:00:21is 1 hour off The following query returns a result that is one hour off.\| makeresults\| eval timestr="2020-03-08T02:00:21"\| eval uni... by paulerlong Explorer in Splunk Search 04-08-2021 0 4	0	4
Splunk sort class not working with subsearch With the below query I'm trying to sort dateTime by descending order but the sorting is not working, could someone pl... by Ranjeeth New Member in Splunk Search 04-08-2021 0 1	0	1
How to split stats command results into rows I have proxy logs, in which I am interested in 4 fields: the ip address of the user's computer, the category of the s... by ipoluda Explorer in Splunk Search 04-08-2021 0 1	0	1
How to hide X axis scale in a bar chart Hi,I am unable to hide the X-axis scale in the bar chart. See below screenshot,I am plotting the chart using below qu... by ashutoshwalke Explorer in Splunk Search 04-08-2021 0 4	0	4
How to extract multiple values from output to create new column in table with associated values Hello,I have a search query that produces a value similar to below. What i am trying to accomplish is to extract the... by najaplit New Member in Splunk Search 04-08-2021 0 1	0	1
Query 1 week with time range from 0900 - 1700 How do I create a search with below table result?Date RangeTime RangeCount of UsersJan-40900-1700900Jan-50900-1700500... by davidpcm Observer in Splunk Search 04-08-2021 0 2	0	2
Search Query to trigger an email of the host is not reporting in Splunk for last 15 minutes Hi TeamI have set of 5 hosts which are coming from an index=xyz and with sourcetype=iis so for example if any of the ... by anandhalagaras1 Contributor in Splunk Search 04-08-2021 0 7	0	7
combine where and eval Hi Community,how do i combine where and eval?Available field are "Gear" and "Torque_Crankshaft"Discribed in my human ... by pduvofmr Path Finder in Splunk Search 04-08-2021 0 2	0	2
Round _value by mstats metrics Hello,we use mstats to visualize the _value. But for cpu perfmon values there is a number with 10 or more decimals af... by StefanW Path Finder in Splunk Search 04-08-2021 0 0	0	0
how to exclude several patterns by IN function? Hi team,I have below sample events in splunk. 2021-04-09 07:12:41,323 PLV=EVENT DT=MANUALEVENT CIP=0.0.0.1CMID=shangT... by cheriemilk Path Finder in Splunk Search 04-08-2021 0 1	0	1
can i clone alerts from the UI Thats all i need the method for cloning alerts as we migrate by nwoolley Engager in Splunk Search 04-07-2021 0 5	0	5
Why are the iplocations not working at all? Hi My iplocation is not working at all, what am i missing? index=_internal sourcetype=splunkd_ui_access \| stats cou... by robertlynch2020 Influencer in Splunk Search 04-07-2021 0 4	0	4
Need one help to prepare Splunk query. Hello Team, I would like to setup Splunk email alert when Log Statement 2 and Log Statement 3 doesn’t execute due to ... by dishantgniit New Member in Splunk Search 04-07-2021 0 3	0	3
How to search for string like "KeyError: 'ABC_DEF'" I am trying to search for log entries that contain the following: KeyError: 'ABC_DEF'The following work, but will fin... by stevenfharris New Member in Splunk Search 04-07-2021 0 1	0	1