Splunk Search

Community Activity

Splunk Alert I am trying to create a Splunk alert where the log line is delimited with comma,I need to get the field 4 and check i... by sshanmua New Member in Splunk Search 03-23-2021 0 3	0	3
Syslog Filteration We are receiving around 300gigs of syslog data everyday and we want to filter all the logs and index only what the ne... by novotxms Loves-to-Learn in Splunk Search 03-23-2021 0 3	0	3
appendcols with proper info Hi, Following search query produces output in table below:index=_pods pod=* project=project_name state="Running"\| ev... by jugarugabi Path Finder in Splunk Search 03-23-2021 0 1	0	1
Create custom table Is it possible to have particular result in custom column which will fetch values from existing search and will show ... by himanshuqb Loves-to-Learn in Splunk Search 03-23-2021 0 0	0	0
Is there a way to only search * (asterisk)? Dear Experts , Please suggest an answer on a silly question If my log contains *(star) as a word/character . How w... by abhaybhagat08 New Member in Splunk Search 03-23-2021 0 4	0	4
Color results of pie chart based on a token Hi,My search returns a pie chart that is a sum of a variable (memory_usage_GB) and ploted by another variable (user).... by andres Loves-to-Learn Lots in Splunk Search 03-23-2021 0 0	0	0
Timechart stats I have simple search: index=xyz logLevel IN (ERROR, INFO)How do I plot two different color in a timespan chart?See... by noman377 Explorer in Splunk Search 03-23-2021 0 1	0	1
To generate two sets of values from one field Hi all,I am new to Splunk and I would like to seek help from the Splunk Community to generate the net power consumpti... by splunk_rookie Engager in Splunk Search 03-23-2021 0 4	0	4
ipinfo I am executing a query in splunk which is below : \| makeresults \| eval ip="$ip$" \| makemv delim="," ip \| mvexpand ip ... by ismail_salma198 Explorer in Splunk Search 03-22-2021 0 4	0	4
Dashboard panel statistic using extracted field not working HiI have a dashboard panel that displays (for a given server) 4 statistic values. Backups started, running, successfu... by owulz Explorer in Splunk Search 03-22-2021 0 0	0	0
collect command generates multiple rows in summary index for single event I am using the collect statement to collect a single event to a summary index. When run as a search, it will generate... by bowesmana SplunkTrust in Splunk Search 03-22-2021 0 0	0	0
_time and the timestamp in the row data are having slight variation I could see there is a slight difference ( in seconds - from 1 to 10) between the _time and the timestamp field in th... by ethanthomas Path Finder in Splunk Search 03-22-2021 0 3	0	3
SPL data input to SQL search? Hello All,I have a situation in which I need to use local lookup file as input in another search, however, the second... by sarge338 Path Finder in Splunk Search 03-22-2021 0 2	0	2
FieldSelector - p-values higher than >.05 in selected fields I've recently begun exploring the FieldSelector command to better understand what fields are the best predictor for a... by jpawloski Path Finder in Splunk Search 03-22-2021 0 0	0	0
How to make _time field to get the exact value of timestamp ? I have diffeence between _time and timestamp in terms of second . ( 5 to 50) . How to make the _time to get the exac... by ethanthomas Path Finder in Splunk Search 03-22-2021 0 1	0	1
How to view the contents of .kmz lookup files I do \| inputlookup geo_ocean.kmz for example but get an error. Please advise by SamHTexas Builder in Splunk Search 03-22-2021 0 0	0	0
Average alarms per reader So I'm having trouble figuring this one out. Basically for example we have 1000 alarms per day and 100 readers in our... by msage Path Finder in Splunk Search 03-22-2021 0 1	0	1
The "Where" command How do I search multiple field values with the "where" command. I am trying to search multiple field values that are... by antaeuslogan New Member in Splunk Search 03-22-2021 0 1	0	1
How do i get a count of each value of a field, and then extract the values whose count matches a certain number Hi,I have the below SPL which gets the count of each value of the field named "subject". I want to be able to select ... by ezmo1982 Path Finder in Splunk Search 03-22-2021 1 3	1	3
REgex to extract fields AZImaging/Projects/IMG2012002/WSI/D419BC00001/E7004004/SM/96b819b9-fc86-b81b-a999-55a72df0e05a.svsHi ,Above is the st... by hashsplunk Loves-to-Learn Lots in Splunk Search 03-22-2021 0 2	0	2
New field with conditional value I have a dashboard panel with a table that show 3 fields, each of which contain numeric values.A) "Backups started (c... by owulz Explorer in Splunk Search 03-22-2021 0 9	0	9
Adding increments of time to an event Hi Splunkers,I have gotten help on this type of problem and it has been very useful. However, I still stuck, but almo... by Mary666 Communicator in Splunk Search 03-21-2021 0 10	0	10
How to calculate duration for repeated event by unique string Hi,I am new to Splunk, just started for few days. Below is the events that I have searched and sorted, I would like ... by nraf Loves-to-Learn in Splunk Search 03-21-2021 0 3	0	3
Can I use data from other rows and set them to a different row who have the same key? Hi everyone, I would like to ask if it's possible to use data from another row, to be set as the value of a different... by yoshilog Explorer in Splunk Search 03-21-2021 0 2	0	2
Isolate date by adding greater than or equal to Hi,So my search window is from Feb 19 - Feb 23. I would like to have isolate Feb 19 - to have my events start on this... by luna Explorer in Splunk Search 03-20-2021 0 0	0	0