Splunk Search

Community Activity

How to Use IF or Case condition Hi,My logs are in following format:{[-]logger: .......message: ..........severity: Error}{[-]exception: .........logg... by alex5441 Explorer in Splunk Search 04-05-2021 0 3	0	3
How to get last weekday of last month and check logs for an date field in the logs having that value I have something that runs every day but i need to see it only for previous EOM which is also a weekdayI have a field... by ashutoshwalke Explorer in Splunk Search 04-05-2021 0 6	0	6
How to get environment in customized order How can I sort so that I can get the Stage_INT 1st and others after that and below is the output image. Can someone p... by Engineer_Zen Observer in Splunk Search 04-05-2021 0 1	0	1
Conditional drilldown Hi..I have a table(panel 1) with the below columns..Col_A Col_BAnd based on the values of Col_B i will have to create... by prettysunshinez Explorer in Splunk Search 04-05-2021 0 2	0	2
Search using lookup Hello, I have two indexes to which I need to compare the source ip and if it is the same, show me a message like true... by splunkcol Builder in Splunk Search 04-05-2021 0 4	0	4
Splunk ITSI Maintenance Window Hello,I need to enable alert suppression during maintenance window in splunk ITSI. I have correlation searches where ... by vijaybaskarss Loves-to-Learn Lots in Splunk Search 04-05-2021 0 0	0	0
How to calculate the index size from all indexers Is there a way to calculate total size of an index from all indexers? I can see index size from each individual index... by adityapavan18 Contributor in Splunk Search 04-05-2021 2 21	2	21
To get the greatest value for each day and graph it for a week Hi,Can you please assist with the query to get the greatest value (for one field) on that day and graph the data for ... by dinumayu Observer in Splunk Search 04-05-2021 0 1	0	1
memory SH cluster Hello! I ran out of memory for the search head located in the cluster. The status is "AutomaticDetention". Is it poss... by gitingua Communicator in Splunk Search 04-05-2021 0 1	0	1
How to efficiently calculate max events per second (eps) by hour over long timeranges, like 30 days? I could count against the raw data but it takes a long time. How can I more efficiently count on such stats? by the_wolverine Champion in Splunk Search 04-04-2021 2 3	2	3
How to dynamically compare and come up with new fields Using the extract function, I can arrive with the below columns: I need to compare the values, and come up with a... by yoshilog Explorer in Splunk Search 04-04-2021 0 4	0	4
Using a resulting time from one query as the latest time in another query Hello!I am having trouble with a query where I want the results to depend on the time results of another query. This ... by Traer001 Path Finder in Splunk Search 04-04-2021 0 1	0	1
Why use eventstats and stats together? Hello,I have seen eventstats and stats used together, but I’m not clear on why and when the use of the mentioned woul... by luna Explorer in Splunk Search 04-04-2021 0 2	0	2
Chart Percentage Issue Percentage is miscalculated Hello Splunk Community, Here is my code and explanation of the issue below:I am having a very annoying issue that I c... by Mary666 Communicator in Splunk Search 04-03-2021 0 3	0	3
How to replace hostnames with own names When i use below query i can see multiple servers in the index.Index=abc sourcetype=vmstat (host=windows1* OR host=... by svalivarthey New Member in Splunk Search 04-03-2021 0 1	0	1
How To Get First and Last Events within a Set of Events Hi, I'm having trouble grabbing the first event of a specific type and the last consecutive event after that with the... by Traer001 Path Finder in Splunk Search 04-02-2021 0 1	0	1
Splunk REST API Hi Splunkers!!I'm working with a team where they have to access to one of the saved search results through Splunk AP... by revanthammineni Path Finder in Splunk Search 04-02-2021 0 7	0	7
Is it possible to hide the filed value for one index but keep it for the other index? Hey Guys, I am new to Splunk, and want to know if there is an easy way of hiding the value of one filed from one inde... by MeMilo09 Path Finder in Splunk Search 04-02-2021 0 1	0	1
Find the duration between two events Hello,I need to find the duration between two events. I went over the solutions on Splunk, but still can't get the ca... by luna Explorer in Splunk Search 04-02-2021 0 2	0	2
splunk search {<!-- -->Exams : { “Message” : “Passed in Maths paper 1 exam” ,”Result”:”Passed”, ’Name’ : “s3”}SubjecctName:Passed-Maths-Sem... by satheesh121 Observer in Splunk Search 04-02-2021 0 6	0	6
Find Job Duration from two separate events. Jobs Running on daily basis.Events like-1) "Job_Name": "XYZ", "status":" Start"2) "Job_Name": "XYZ", "status":" SUCCE... by saty586 Explorer in Splunk Search 04-02-2021 0 1	0	1
How to update geoip database for iplocation command? Hello, I use Splunk's iplocation (not Maxmind or other) command extensively in our monitoring dashboards. Since thi... by echojacques Builder in Splunk Search 04-02-2021 8 20	8	20
Find highest and lowest salary taker employee Hi i need to find the name employee name who are taking high salary and low salary. please help in thisField Names:Mo... by SA2 Explorer in Splunk Search 04-02-2021 0 4	0	4
Industry standard salary expectation is year of experience * 1.5. Find out employees who are all not matching these crit HiI need to count the employee numbers who are not match with experience*1.5. i tried lot with eval and where command... by SA2 Explorer in Splunk Search 04-02-2021 0 1	0	1
Bar chart comparing 2 values Hi,I have this stats tableColumn1 Column2400 500 I want to have a bar chart which shows 2 bars s... by SS1 Path Finder in Splunk Search 04-02-2021 0 1	0	1