Splunk Search

Community Activity

Using earliest with custom time field This below query gives me the earliest trigger_name according to the splunk log timestamps. But I have a custom times... by agh Explorer in Splunk Search 03-17-2021 0 1	0	1
Compare output of a search to a lookup values Hello everyone, I am trying to compare a list of IPs from a lookup with a output from a search field, and instated of... by gl_splunkuser Path Finder in Splunk Search 03-17-2021 0 1	0	1
External command based lookup 'X' is not available because KV Store initialization has failed. Contact yo I'm getting this error when I run a report:External command based lookup 'x' is not available because KV Store initia... by Splunk_2021 Observer in Splunk Search 03-17-2021 0 0	0	0
Top 10 Splunk Users I need to get a top 10 of the users who use Splunk the most by splunkcol Builder in Splunk Search 03-17-2021 0 2	0	2
field values with "invisible" characters? I have a number of events searchable by:index=main sourcetype="myevents"All of them show foo field with value barWhen... by gliptak Explorer in Splunk Search 03-17-2021 1 0	1	0
Drilldown not working, even when using I am having a similar issue to this thread here, but my drilldown search still won't work (explanation below):https:/... by UMDTERPS Communicator in Splunk Search 03-17-2021 0 6	0	6
Toggling alerts on/off Hi, If you have (for arguments sake) 10 alerts setup in the Splunk Cloud version. Is there a way to toggle all of t... by rsmall13 Explorer in Splunk Search 03-17-2021 0 1	0	1
Multiple values field extraction with colon delimiter Hi all,i have been trying to extract error code which is alphanumeric and is delimited as per below but not able to e... by kumar497 Path Finder in Splunk Search 03-17-2021 0 4	0	4
Extract field from group with minimum timestamp I have a query like this where i group by REQUEST_ID eventtype=sfdc-event-log EVENT_TYPE="ApexTrigger" REQUEST_ID!="... by agh Explorer in Splunk Search 03-17-2021 0 4	0	4
Eval If Else with calculations Hi,I am stuck with this from last few days and i really need some help.M trying to create a gauge for displaying the ... by mariamathewtel Explorer in Splunk Search 03-17-2021 0 0	0	0
The search job terminated unexpectedly. Splunk internal logs: INFO StreamedSearch - Streamed search connection terminated Splunk search:index=oswinsec source... by priyanka_231019 Explorer in Splunk Search 03-17-2021 0 2	0	2
how to make time_token.earliest in readable format Hi,I have like this<title>Report $time_token.earliest$</title>result : Report -30d@dcan the result be changed to show... by chuck_life09 Path Finder in Splunk Search 03-17-2021 0 1	0	1
Combine two search queries to display count One of the search queries provides a TimerName and an ID as a field. Another search provides the TYPE of the ID as a ... by thenormalone Path Finder in Splunk Search 03-17-2021 0 3	0	3
Drilldown to URL on single column Hi, I am trying to enable drill-down on only single column present in table in my dashboard named "Training_Link". I ... by Rgk_Trail Explorer in Splunk Search 03-17-2021 0 4	0	4
Move values in columns to top independently? Hi,I'm a bit stuck with a data transformation. I got it to a point where all the columns and values are in the right ... by skriticos2 Loves-to-Learn Lots in Splunk Search 03-17-2021 0 9	0	9
How to compare the values of dynamic column? Hello Splunkers,My search executes monthly, over a period of 3 months data, since march is going on my last 3 months ... by sarvesh_11 Communicator in Splunk Search 03-17-2021 0 4	0	4
csv file in blob storage I am ingesting from blob storage and have downloaded an example of the file and uploaded to a standalone box and crea... by Skins Path Finder in Splunk Search 03-17-2021 0 7	0	7
How to use the query that Field extractor generate to use in your search Hi, so I try to use Field Extractor (in Extract new fields) to extract some fields from raw logs to make a table. I h... by phamxuantung Communicator in Splunk Search 03-16-2021 0 1	0	1
Splunk Rex query to extract field after a particular exact word only So this is my sample data :10.3.31.252 - - 15/Mar/2021:14:06:28 +0000 "POST /usenames/rest/sessionscookie dest oamdas... by jonthree Explorer in Splunk Search 03-16-2021 0 3	0	3
Adding timerangepicker to Dashboard of Report Panels?? Hello Everyone,This may be an odd question, but I am wondering how (if possible) to add a useful timerangepicker to a... by sarge338 Path Finder in Splunk Search 03-16-2021 0 1	0	1
How to check if a host ever reported to Splunk How to check if a couple of hosts /VMs ever reported to Splunk? I have looked in Deployment server, no sign of them o... by SamHTexas Builder in Splunk Search 03-16-2021 0 3	0	3
Use Rex extracted field to do duration calculations I have a bunch of logs contains different table operation, and I want to check how much time each table operation cos... by last_dance Observer in Splunk Search 03-16-2021 0 2	0	2
[SUSE] Crash - Splunk SH is not able to perform a search against indexers. We are testing our upgrade from Splunk 7.3.1 to 8.1.2. Once we upgrade the SH regardless of the indexers' version 7.3... by sylim_splunk Splunk Employee in Splunk Search 03-16-2021 0 2	0	2
[8.0.6] Scheduler stops dispatching scheduled searches intermittently. Our Splunk SH cluster scheduler stopping, users complaining that alerts/scheduled reporting not running or processin... by sylim_splunk Splunk Employee in Splunk Search 03-16-2021 1 1	1	1
Based on key passed want to fetch value data from csv file I have one csv file with empid as key and name as value..sample Data looks like emp id is E101 value is John ..now ... by sandeepshelar4 Loves-to-Learn Lots in Splunk Search 03-16-2021 0 1	0	1