Splunk Search

Community Activity

	How to extract multiple values from output to create new column in table with associated values Hello,I have a search query that produces a value similar to below. What i am trying to accomplish is to extract the... by najaplit New Member in Splunk Search 04-08-2021 0 1	0	1
	Query 1 week with time range from 0900 - 1700 How do I create a search with below table result?Date RangeTime RangeCount of UsersJan-40900-1700900Jan-50900-1700500... by davidpcm Observer in Splunk Search 04-08-2021 0 2	0	2
	Search Query to trigger an email of the host is not reporting in Splunk for last 15 minutes Hi TeamI have set of 5 hosts which are coming from an index=xyz and with sourcetype=iis so for example if any of the ... by anandhalagaras1 Contributor in Splunk Search 04-08-2021 0 7	0	7
	combine where and eval Hi Community,how do i combine where and eval?Available field are "Gear" and "Torque_Crankshaft"Discribed in my human ... by pduvofmr Path Finder in Splunk Search 04-08-2021 0 2	0	2
	Round _value by mstats metrics Hello,we use mstats to visualize the _value. But for cpu perfmon values there is a number with 10 or more decimals af... by StefanW Path Finder in Splunk Search 04-08-2021 0 0	0	0
	how to exclude several patterns by IN function? Hi team,I have below sample events in splunk. 2021-04-09 07:12:41,323 PLV=EVENT DT=MANUALEVENT CIP=0.0.0.1CMID=shangT... by cheriemilk Path Finder in Splunk Search 04-08-2021 0 1	0	1
	can i clone alerts from the UI Thats all i need the method for cloning alerts as we migrate by nwoolley Engager in Splunk Search 04-07-2021 0 5	0	5
	Why are the iplocations not working at all? Hi My iplocation is not working at all, what am i missing? index=_internal sourcetype=splunkd_ui_access \| stats cou... by robertlynch2020 Influencer in Splunk Search 04-07-2021 0 4	0	4
	Need one help to prepare Splunk query. Hello Team, I would like to setup Splunk email alert when Log Statement 2 and Log Statement 3 doesn’t execute due to ... by dishantgniit New Member in Splunk Search 04-07-2021 0 3	0	3
	How to search for string like "KeyError: 'ABC_DEF'" I am trying to search for log entries that contain the following: KeyError: 'ABC_DEF'The following work, but will fin... by stevenfharris New Member in Splunk Search 04-07-2021 0 1	0	1
	How to create a condition based on the number of digits of a value? Hello Talented People of the wordl!I hope you are having a great day, I wish to know if there is a way to have a YES ... by andres91302 Communicator in Splunk Search 04-07-2021 0 3	0	3
	Workload Management - Admission Rules only working on Cluster Master Hi, Been struggling to get Workload Admission Rules working properly. After a bunch of testing and monitoring with t... by chrisboy68 Contributor in Splunk Search 04-07-2021 0 2	0	2
	Time based Monitoring Hi Team,I am having few devices located across the globe and want to monitor only during their Business hour timings ... by jerinvarghese Communicator in Splunk Search 04-07-2021 0 0	0	0
	Search for sum of application bytes uploaded Hello All,I am trying to get a total number of bytes/MB/GB uploaded per application in Splunk.Can't seem to find the... by johefu Loves-to-Learn in Splunk Search 04-07-2021 0 1	0	1
	Dashboard As per below screen shot i created toggle tabs and when i used the in by below panel results are not poplutating.Plea... by uagraw01 Motivator in Splunk Search 04-07-2021 0 0	0	0
	Search bar previous week Hello,I've around questions and answers but I cannot find the one I need.I'm selecting previous week in the time rang... by mrovira Engager in Splunk Search 04-07-2021 0 3	0	3
	Eval with conditions Hi, I have 3 products 1, 2, and 3, each of them contain several elements a, b c, d. Each product has different specif... by zoe Path Finder in Splunk Search 04-07-2021 0 4	0	4
	What is the difference between earliest=-5min and earliest=-5min@min What is the difference between earliest=-5min and earliest=-5min@min by aaa2324 Explorer in Splunk Search 04-07-2021 0 1	0	1
	Splunk query to list all the unused printers from an print server. Team,I have been using this below commands to verify whether particular print queues have printed from the print serv... by sanketas New Member in Splunk Search 04-06-2021 0 1	0	1
	display rows between 2 searches Good morning, suppose I have the following entries in my file :BEGIN abcdefEND;BEGIN xyzEND;***I want to search for t... by splunkpaterd2 Explorer in Splunk Search 04-06-2021 0 6	0	6
	Issue using sort command with inputlookup command I have a lookup file with 3 fields - source, status, timestamp. Timestamp is saved as per below:eval timestamp=strft... by sdkp03 Communicator in Splunk Search 04-06-2021 0 5	0	5
	how to map over or assign variable to a list of values We need to run the same query over a list of values (10k to 100k) without knowing the exact key across various indexe... by alancalvitti Path Finder in Splunk Search 04-06-2021 0 5	0	5
	Extract logs for specific host in cold buckets Hello, I need to move old logs for a specific logsource(host) to be indexed in another splunk cluster. When I use the... by adidibra Engager in Splunk Search 04-06-2021 0 0	0	0
	Error message while searching from the search head Hello,I am getting the following error while searching in splunk.Could not load lookup=LOOKUP-cisco_pix_severity_look... by adidibra Engager in Splunk Search 04-06-2021 0 2	0	2
	How to Use Transaction to Retrieve Groups of Events Hi all, I'm trying to use a transaction to get multiple pairs of events (the selection and release of a node). So I h... by Traer001 Path Finder in Splunk Search 04-06-2021 0 4	0	4