Splunk Search

Community Activity

	Can't search modified _time value using earliest/latest requests. I ran into a timeformatting issue with some of my logs due to the string starting with the following time format resu... by rlaan Path Finder in Splunk Search 04-01-2021 0 1	0	1
	Metrics mrollup issue hello ,we have a problem with mrollup procedure for metrics indexes.We have setup e daily rollup for a metrics index;... by giotto69 Observer in Splunk Search 04-01-2021 0 0	0	0
	windows perfmon network utilization I'm trying to figure out to calculate the network utilization on this server using the eval and stats and I'm having ... by ggfsplunk Engager in Splunk Search 04-01-2021 0 4	0	4
	summary Index Hi,how will summary index actually work in relation to 'time based searches'maybe the summary index could have no tim... by VijaySrrie Builder in Splunk Search 03-31-2021 0 1	0	1
	Extract first 3 lines of raw logs and group Hi,My current query for splunk dashboard is as:........\| eval ErrorMsg=_raw \| stats count by Application, ErrorMsg \| ... by alex5441 Explorer in Splunk Search 03-31-2021 0 6	0	6
	Couldn't able to perform any commands in Deployment Server Hi Team,We have recently upgraded our Deployment Master server from 7.3.1 to 8.1.2 version. The upgrade seems to be s... by anandhalagaras1 Contributor in Splunk Search 03-31-2021 0 12	0	12
	props.conf time_format for source Goal is to parse new events based on this source value into multiline events split each time a new date is encountere... by rlaan Path Finder in Splunk Search 03-31-2021 0 1	0	1
	dbxquery bind variable advanced case \| dbxquery connection=Realtime shortnames=tquery="select * from table_a awhere a.id = ?and a.create_dt_tm <= trunc... by thunder_wu Path Finder in Splunk Search 03-31-2021 0 0	0	0
	Count comma delimited field I am trying to get counts based on comma delimited values for specified groupings of events.For instance I have the f... by neileosis Engager in Splunk Search 03-31-2021 0 2	0	2
	Need help with having earliest command and two other stats commands in same query I currently have two searches that work separately but when I combine them into one search I cant seem to get it to r... by Anthonylucian Path Finder in Splunk Search 03-31-2021 0 8	0	8
	Identify which power meter reading has stopped increasing for 5 days Hi, I am trying to identify which power meter reading has stopped increasing for 5 days. As these power values are ac... by splunk_rookie Engager in Splunk Search 03-31-2021 0 2	0	2
	Compare three column values and evaluate fourth Hey Splunkers!Please help me with the below query.I have the below table, and i want to create a new column based on ... by NS Explorer in Splunk Search 03-31-2021 0 2	0	2
	How to count cumulative average by month? Hello all. I am trying to find the average by closed_month, but I want the average duration to include events from p... by kmfpo Explorer in Splunk Search 03-31-2021 0 6	0	6
	How to separate field Hi, guys. I have a big trouble here. I'm using rex to get ip-adresses. \|rex max_match=0 "(?P<ip0>((?:[0-9]{1,3}\.){3}... by Dalador Path Finder in Splunk Search 03-31-2021 0 15	0	15
	Correlating Data from 2 Indexes I have 2 indexes, one called linux and another called firewall, how can I correlate both indexes to determine if the ... by splunkcol Builder in Splunk Search 03-30-2021 0 2	0	2
	Stats Percentage Hi,I have a data source that lists phone calls.Each call record will list a set of values, in defined fieldsThe key i... by c799651 Explorer in Splunk Search 03-30-2021 0 3	0	3
	How Can I Use Streamstats to Retrieve the Last Instance of the Most Recent Field Value? Hello!I have multiple events that have the same field values, but are not necessarily in the same order. I want to be... by Traer001 Path Finder in Splunk Search 03-30-2021 0 1	0	1
	Predict with split by Hi,I want to do a predict command in conjunction with my login logs to see if there's any anomalous behaviour user by... by ebs Communicator in Splunk Search 03-30-2021 0 0	0	0
	How to convert a json into table with some unstructured data? So I have two different services where an API call starts from service A and propagates to service B. I want to trace... by jonthree Explorer in Splunk Search 03-30-2021 0 6	0	6
	Get the difference between strings Hello All,My Goal: I need to create a dashboard with multiple panels.Panel 1 would be total number of indexes reporti... by thirumaleshsplu Explorer in Splunk Search 03-30-2021 0 4	0	4
	Join and appendcols returns results, but not giving the desired results I have a CSV and a Keystore with data that I would like to join together. I read the documentation:https://docs.splu... by UMDTERPS Communicator in Splunk Search 03-30-2021 0 4	0	4
	Create a failed search job Hi, for a testing purpose, i would like to create a failed search job.. i did search for this, but no luck.. any sugg... by inventsekar SplunkTrust in Splunk Search 03-30-2021 0 4	0	4
	How to combine two searches in one search? HelloI am trying to get data from two different searches into the same panel, let me explain. Below is a search that... by UMDTERPS Communicator in Splunk Search 03-30-2021 0 1	0	1
	last status changed time Hi Guys, I have this query , which will provide me the list of “Name” on which ProtectionStatus is OFF.index=altiris ... by roopeshetty Path Finder in Splunk Search 03-30-2021 0 4	0	4
	Retrieving All Events After the Second Instance of an Event Hello! I am having trouble creating a query to retrieve all of the events between now and the second instance of a pa... by Traer001 Path Finder in Splunk Search 03-29-2021 0 1	0	1