Splunk Search

Community Activity

Get customer ID form logs I have a log of the form"Associated integration for customer AAA is Integration{id=1865, clientID}, carrying out deac... by bharat149 Explorer in Splunk Search 04-06-2021 0 1	0	1
Query for exclude words in a raw data Hello!As shown in the below picture, those are the events with a timestamp. I want when a "Kafka" service or "Jps" se... by phanichintha Path Finder in Splunk Search 04-06-2021 0 14	0	14
How to query an automatic lookup Hi Guys, How can I query an automatic lookup? Now, this is not the fields created through an automatic lookup, but t... by luna Explorer in Splunk Search 04-05-2021 0 1	0	1
'Error in 'fit' command' when using Machine Learning Toolkit Hi Community,I encountered the following error message when using the ML Toolkit:'Error in 'fit' command: Invalid mes... by ronaldtan1993 New Member in Splunk Search 04-05-2021 0 0	0	0
Is automatic new line insertion deprecated? A convenience feature was introduced in 7 (well I noticed it in a Splunk 7 installation and not in 5 and 6) that auto... by yuanliu SplunkTrust in Splunk Search 04-05-2021 0 1	0	1
Search events - remove events matching certain values on 3 fields Currently search will display events with "Rejected" File Status, but if this Rejected file gets fixed and then is "D... by Dirkoh Engager in Splunk Search 04-05-2021 0 3	0	3
How to Use IF or Case condition Hi,My logs are in following format:{[-]logger: .......message: ..........severity: Error}{[-]exception: .........logg... by alex5441 Explorer in Splunk Search 04-05-2021 0 3	0	3
How to get last weekday of last month and check logs for an date field in the logs having that value I have something that runs every day but i need to see it only for previous EOM which is also a weekdayI have a field... by ashutoshwalke Explorer in Splunk Search 04-05-2021 0 6	0	6
How to get environment in customized order How can I sort so that I can get the Stage_INT 1st and others after that and below is the output image. Can someone p... by Engineer_Zen Observer in Splunk Search 04-05-2021 0 1	0	1
Conditional drilldown Hi..I have a table(panel 1) with the below columns..Col_A Col_BAnd based on the values of Col_B i will have to create... by prettysunshinez Explorer in Splunk Search 04-05-2021 0 2	0	2
Search using lookup Hello, I have two indexes to which I need to compare the source ip and if it is the same, show me a message like true... by splunkcol Builder in Splunk Search 04-05-2021 0 4	0	4
Splunk ITSI Maintenance Window Hello,I need to enable alert suppression during maintenance window in splunk ITSI. I have correlation searches where ... by vijaybaskarss Loves-to-Learn Lots in Splunk Search 04-05-2021 0 0	0	0
How to calculate the index size from all indexers Is there a way to calculate total size of an index from all indexers? I can see index size from each individual index... by adityapavan18 Contributor in Splunk Search 04-05-2021 2 21	2	21
To get the greatest value for each day and graph it for a week Hi,Can you please assist with the query to get the greatest value (for one field) on that day and graph the data for ... by dinumayu Observer in Splunk Search 04-05-2021 0 1	0	1
memory SH cluster Hello! I ran out of memory for the search head located in the cluster. The status is "AutomaticDetention". Is it poss... by gitingua Communicator in Splunk Search 04-05-2021 0 1	0	1
How to efficiently calculate max events per second (eps) by hour over long timeranges, like 30 days? I could count against the raw data but it takes a long time. How can I more efficiently count on such stats? by the_wolverine Champion in Splunk Search 04-04-2021 2 3	2	3
How to dynamically compare and come up with new fields Using the extract function, I can arrive with the below columns: I need to compare the values, and come up with a... by yoshilog Explorer in Splunk Search 04-04-2021 0 4	0	4
Using a resulting time from one query as the latest time in another query Hello!I am having trouble with a query where I want the results to depend on the time results of another query. This ... by Traer001 Path Finder in Splunk Search 04-04-2021 0 1	0	1
Why use eventstats and stats together? Hello,I have seen eventstats and stats used together, but I’m not clear on why and when the use of the mentioned woul... by luna Explorer in Splunk Search 04-04-2021 0 2	0	2
Chart Percentage Issue Percentage is miscalculated Hello Splunk Community, Here is my code and explanation of the issue below:I am having a very annoying issue that I c... by Mary666 Communicator in Splunk Search 04-03-2021 0 3	0	3
How to replace hostnames with own names When i use below query i can see multiple servers in the index.Index=abc sourcetype=vmstat (host=windows1* OR host=... by svalivarthey New Member in Splunk Search 04-03-2021 0 1	0	1
How To Get First and Last Events within a Set of Events Hi, I'm having trouble grabbing the first event of a specific type and the last consecutive event after that with the... by Traer001 Path Finder in Splunk Search 04-02-2021 0 1	0	1
Splunk REST API Hi Splunkers!!I'm working with a team where they have to access to one of the saved search results through Splunk AP... by revanthammineni Path Finder in Splunk Search 04-02-2021 0 7	0	7
Is it possible to hide the filed value for one index but keep it for the other index? Hey Guys, I am new to Splunk, and want to know if there is an easy way of hiding the value of one filed from one inde... by MeMilo09 Path Finder in Splunk Search 04-02-2021 0 1	0	1
Find the duration between two events Hello,I need to find the duration between two events. I went over the solutions on Splunk, but still can't get the ca... by luna Explorer in Splunk Search 04-02-2021 0 2	0	2