Splunk Search

Community Activity

FieldSelector - p-values higher than >.05 in selected fields I've recently begun exploring the FieldSelector command to better understand what fields are the best predictor for a... by jpawloski Path Finder in Splunk Search 03-22-2021 0 0	0	0
How to make _time field to get the exact value of timestamp ? I have diffeence between _time and timestamp in terms of second . ( 5 to 50) . How to make the _time to get the exac... by ethanthomas Path Finder in Splunk Search 03-22-2021 0 1	0	1
How to view the contents of .kmz lookup files I do \| inputlookup geo_ocean.kmz for example but get an error. Please advise by SamHTexas Builder in Splunk Search 03-22-2021 0 0	0	0
Average alarms per reader So I'm having trouble figuring this one out. Basically for example we have 1000 alarms per day and 100 readers in our... by msage Path Finder in Splunk Search 03-22-2021 0 1	0	1
The "Where" command How do I search multiple field values with the "where" command. I am trying to search multiple field values that are... by antaeuslogan New Member in Splunk Search 03-22-2021 0 1	0	1
How do i get a count of each value of a field, and then extract the values whose count matches a certain number Hi,I have the below SPL which gets the count of each value of the field named "subject". I want to be able to select ... by ezmo1982 Path Finder in Splunk Search 03-22-2021 1 3	1	3
REgex to extract fields AZImaging/Projects/IMG2012002/WSI/D419BC00001/E7004004/SM/96b819b9-fc86-b81b-a999-55a72df0e05a.svsHi ,Above is the st... by hashsplunk Loves-to-Learn Lots in Splunk Search 03-22-2021 0 2	0	2
New field with conditional value I have a dashboard panel with a table that show 3 fields, each of which contain numeric values.A) "Backups started (c... by owulz Explorer in Splunk Search 03-22-2021 0 9	0	9
Adding increments of time to an event Hi Splunkers,I have gotten help on this type of problem and it has been very useful. However, I still stuck, but almo... by Mary666 Communicator in Splunk Search 03-21-2021 0 10	0	10
How to calculate duration for repeated event by unique string Hi,I am new to Splunk, just started for few days. Below is the events that I have searched and sorted, I would like ... by nraf Loves-to-Learn in Splunk Search 03-21-2021 0 3	0	3
Can I use data from other rows and set them to a different row who have the same key? Hi everyone, I would like to ask if it's possible to use data from another row, to be set as the value of a different... by yoshilog Explorer in Splunk Search 03-21-2021 0 2	0	2
Isolate date by adding greater than or equal to Hi,So my search window is from Feb 19 - Feb 23. I would like to have isolate Feb 19 - to have my events start on this... by luna Explorer in Splunk Search 03-20-2021 0 0	0	0
Where is Indexer specific props.Conf files saved? Is there individual indexer specific conf files present specially for Props.conf file ? In Linux , how can we identi... by ethanthomas Path Finder in Splunk Search 03-20-2021 0 2	0	2
Setting up earliest and latest time with relative date and fixed time I am trying to define a query where I have to use the earliest time as 2 days ago at 22:20:45 and latest time 1 day a... by AruBhende Explorer in Splunk Search 03-20-2021 0 1	0	1
Are the App Data Input fields extractable? I have an app that configures data inputs with columns for "Name" and "Destination". Once there is data in the sourc... by dglass0215 Path Finder in Splunk Search 03-20-2021 0 1	0	1
Issues with the schedule PDF generation While doing the schedule and export option of PDF generation , the graph format is getting truncated . However , the ... by ethanthomas Path Finder in Splunk Search 03-19-2021 0 0	0	0
Need to change the value of field using sed I want to replace the values of alertnateId and displayName to "****", I tried with below sed command but its not cha... by Vignesh-107 Path Finder in Splunk Search 03-19-2021 0 2	0	2
If there are multiple results in field2, for one value of field2 within a time interval So what I'm attempting to do, is I have a list of user, IP, city, state, country, time. I want to alert if I see a u... by jkw117 Observer in Splunk Search 03-19-2021 0 1	0	1
Calculate active Sprint Hi,How to create a query to show Active Sprint(JIRA) with Start and end date in my splunk dashboard.I dont have field... by Nith1 Path Finder in Splunk Search 03-19-2021 0 1	0	1
How do I get more context around my search result while searching in splunk? Suppose my log indexed in splunk looks like: 1 ... 50 abracadabra ... Now, I do a search for abracadabra. splunk w... by kimberlytrayson Path Finder in Splunk Search 03-19-2021 0 6	0	6
Show data from current week and breakdown weekly for the whole year for some fields Hi,I am a newbie to splunk so apologies if I didn't follow any right etiquettes while creating this issue.I am trying... by sumitdhameja1 Loves-to-Learn Everything in Splunk Search 03-19-2021 0 0	0	0
Only Listing Transactions with Multiple Events I am interested in only listing transactions of a given source entity that contain multiple events. Is there a quick... by epw0rrell Path Finder in Splunk Search 03-19-2021 0 4	0	4
help on sourcetype customization for log parsing helloI need to parse the kind of logs below Microsoft Windows [version 10.0.18363.1198] (c) 2019 Microsoft Corporati... by jip31 Motivator in Splunk Search 03-19-2021 0 5	0	5
outputcsv sequence Hi all,I have a scedulated serach every 30 minutes, which extracts a file in csvsearch \| outputcsv MyFileI need to pu... by simo Path Finder in Splunk Search 03-19-2021 0 3	0	3
Transaction startswith option I'm using the transaction with startswith to match multiple strings. I want any event that contains either of the str... by madan New Member in Splunk Search 03-19-2021 0 1	0	1