Splunk Search

Community Activity

	Couldn't able to perform any commands in Deployment Server Hi Team,We have recently upgraded our Deployment Master server from 7.3.1 to 8.1.2 version. The upgrade seems to be s... by anandhalagaras1 Contributor in Splunk Search 03-31-2021 0 12	0	12
	props.conf time_format for source Goal is to parse new events based on this source value into multiline events split each time a new date is encountere... by rlaan Path Finder in Splunk Search 03-31-2021 0 1	0	1
	dbxquery bind variable advanced case \| dbxquery connection=Realtime shortnames=tquery="select * from table_a awhere a.id = ?and a.create_dt_tm <= trunc... by thunder_wu Path Finder in Splunk Search 03-31-2021 0 0	0	0
	Count comma delimited field I am trying to get counts based on comma delimited values for specified groupings of events.For instance I have the f... by neileosis Engager in Splunk Search 03-31-2021 0 2	0	2
	Need help with having earliest command and two other stats commands in same query I currently have two searches that work separately but when I combine them into one search I cant seem to get it to r... by Anthonylucian Path Finder in Splunk Search 03-31-2021 0 8	0	8
	Identify which power meter reading has stopped increasing for 5 days Hi, I am trying to identify which power meter reading has stopped increasing for 5 days. As these power values are ac... by splunk_rookie Engager in Splunk Search 03-31-2021 0 2	0	2
	Compare three column values and evaluate fourth Hey Splunkers!Please help me with the below query.I have the below table, and i want to create a new column based on ... by NS Explorer in Splunk Search 03-31-2021 0 2	0	2
	How to count cumulative average by month? Hello all. I am trying to find the average by closed_month, but I want the average duration to include events from p... by kmfpo Explorer in Splunk Search 03-31-2021 0 6	0	6
	How to separate field Hi, guys. I have a big trouble here. I'm using rex to get ip-adresses. \|rex max_match=0 "(?P<ip0>((?:[0-9]{1,3}\.){3}... by Dalador Path Finder in Splunk Search 03-31-2021 0 15	0	15
	Correlating Data from 2 Indexes I have 2 indexes, one called linux and another called firewall, how can I correlate both indexes to determine if the ... by splunkcol Builder in Splunk Search 03-30-2021 0 2	0	2
	Stats Percentage Hi,I have a data source that lists phone calls.Each call record will list a set of values, in defined fieldsThe key i... by c799651 Explorer in Splunk Search 03-30-2021 0 3	0	3
	How Can I Use Streamstats to Retrieve the Last Instance of the Most Recent Field Value? Hello!I have multiple events that have the same field values, but are not necessarily in the same order. I want to be... by Traer001 Path Finder in Splunk Search 03-30-2021 0 1	0	1
	Predict with split by Hi,I want to do a predict command in conjunction with my login logs to see if there's any anomalous behaviour user by... by ebs Communicator in Splunk Search 03-30-2021 0 0	0	0
	How to convert a json into table with some unstructured data? So I have two different services where an API call starts from service A and propagates to service B. I want to trace... by jonthree Explorer in Splunk Search 03-30-2021 0 6	0	6
	Get the difference between strings Hello All,My Goal: I need to create a dashboard with multiple panels.Panel 1 would be total number of indexes reporti... by thirumaleshsplu Explorer in Splunk Search 03-30-2021 0 4	0	4
	Join and appendcols returns results, but not giving the desired results I have a CSV and a Keystore with data that I would like to join together. I read the documentation:https://docs.splu... by UMDTERPS Communicator in Splunk Search 03-30-2021 0 4	0	4
	Create a failed search job Hi, for a testing purpose, i would like to create a failed search job.. i did search for this, but no luck.. any sugg... by inventsekar SplunkTrust in Splunk Search 03-30-2021 0 4	0	4
	How to combine two searches in one search? HelloI am trying to get data from two different searches into the same panel, let me explain. Below is a search that... by UMDTERPS Communicator in Splunk Search 03-30-2021 0 1	0	1
	last status changed time Hi Guys, I have this query , which will provide me the list of “Name” on which ProtectionStatus is OFF.index=altiris ... by roopeshetty Path Finder in Splunk Search 03-30-2021 0 4	0	4
	Retrieving All Events After the Second Instance of an Event Hello! I am having trouble creating a query to retrieve all of the events between now and the second instance of a pa... by Traer001 Path Finder in Splunk Search 03-29-2021 0 1	0	1
	How to suppress first DELTA value? I am trying to alert on any processes where their CPU time is gaining 60 sec for every elapsed minute. I am using th... by anmcgill Loves-to-Learn Lots in Splunk Search 03-29-2021 0 1	0	1
	WHERE clause not working when comparing fields in events from same sourcetype Hello!I am trying to retrieve two events: the latest event where a user leaves a room and the earliest event where a ... by Traer001 Path Finder in Splunk Search 03-29-2021 0 1	0	1
	transaction to retrive value then make eval Dear community,I have the following scenario:User can make many actions, in this case we can have action equals searc... by user93 Communicator in Splunk Search 03-29-2021 0 0	0	0
	How do we strip single quotes from the beginning and end of the values? We are an index in which most of the fields have a single quote at the beginning and end of the values. We would like... by danielbb Motivator in Splunk Search 03-29-2021 0 10	0	10
	Company retire age is 55; find employee count and list of employee who get retired in next 5 year Hi there!I have a subjected case to find out list of employees who get retire in next 5 years. i tried with lot of qu... by SA2 Explorer in Splunk Search 03-29-2021 0 1	0	1