Splunk Search

Community Activity

Add transactions with a sub-search Hello,@scelikokCould you help me on the following search please?I have a main search which groups me together all the... by wcastillocruz Path Finder in Splunk Search 03-03-2021 0 0	0	0
How to get average count of one field by day as a line chart I have events that contain a userId field and I would like to make a line chart to visualize the average count per da... by vmvd Explorer in Splunk Search 03-03-2021 0 3	0	3
How to handle \n in regex In some of the events, I have '\n' in the events :message: org.springframework.jdbc.UncategorizedSQLException: Calla... by ppatkar Path Finder in Splunk Search 03-03-2021 0 1	0	1
Adding column based on values from other columns I have this code that shows me the start and end times of runs of a program:index=index1 source=source1 \| transaction... by Soogbad Engager in Splunk Search 03-03-2021 0 3	0	3
How to filter IIS logs with regular expression? i do like to filter out Status code and Time Taken and other as fields#Fields: date time s-ip cs-method cs-uri-stem c... by sachdeva_2007 Explorer in Splunk Search 03-03-2021 0 8	0	8
How to transpose a table by id? Hi All,I have a table similar to the followingidtime12021-03-03 13:52:53.15812021-03-03 13:52:53.00112021-03-03 13:52... by simo Path Finder in Splunk Search 03-03-2021 0 2	0	2
How to index only the data payload from json so that it will be recognized as a standard access_combined_wcookie sourcetype? I have my apache access logs going to cloudwatchlogs in aws. I used to use the aws addon TA for splunk to collect the... by hnelsonit Explorer in Splunk Search 03-03-2021 0 7	0	7
regex exclude nth word in the event I want to ignore the actual file name in my exception events so I can group the exceptions .For example, regex on bel... by ppatkar Path Finder in Splunk Search 03-03-2021 1 4	1	4
Free space counter for C D and E drive in table format for multiple Windows server Below are the event count in splunk. I am trying to create "% Free Space" for all three drive (C:,  E).03/02/2021 23... by ravir_jbp Explorer in Splunk Search 03-03-2021 0 7	0	7
Color scale table Hi, I have problem with coloring my table. The picture shows my settings for coloring special fields. However, the 85... by schufi01 Path Finder in Splunk Search 03-03-2021 0 0	0	0
Search under same field value We have below log event rows - correlationKey=abc msg="create cache for 123"correlationKey=abc "read cache for 123"co... by enpingtu New Member in Splunk Search 03-02-2021 0 3	0	3
regex help Can someone assist extracting fields using the string below?The first line is header info: date, protocol, response_s... by pc1234 Explorer in Splunk Search 03-02-2021 0 3	0	3
Splunk DB Connect - dbquery inline search and time filtering not working Hi all, I am currently working on various Dashboards for my company, for some of them i need to request data from lo... by guilmxm Influencer in Splunk Search 03-02-2021 0 20	0	20
Partial JSON formatting in an event I have events that often have lager JSON data in them, however, I need to send additional data along with them. Typic... by trever Loves-to-Learn in Splunk Search 03-02-2021 0 2	0	2
Trimming last 8-9 chars from string Hello all, I am having the following list:1ais-notification-service-tm-nft-27-9gv6s642dk0332-e2ais-notification-servi... by jugarugabi Path Finder in Splunk Search 03-02-2021 0 18	0	18
sendemail to a field value - without script? Hi, I am trying to send search results to an email address using the sendemail command. If I "hardcode" the to field... by bcusick Communicator in Splunk Search 03-02-2021 0 5	0	5
For Xml data join 2 tables with different fields Table A:<Type LineNo="589123363" > <Type> <OrderLine Line="6" PrimeNo="3" S="2"> Code="75602005" /> </OrderLine> <O... by Annna Explorer in Splunk Search 03-02-2021 0 15	0	15
Concurrent logons from different workstations I have a requirement to see which users have logged into multiple servers before logging out of the previous server. ... by pstephens93 Explorer in Splunk Search 03-02-2021 0 0	0	0
Extract a field from a search and remove trailing character I have 2 splunk indexes from which I need to gather data from, so I have a simple splunk search (that queries for dif... by thenormalone Path Finder in Splunk Search 03-02-2021 0 4	0	4
sort columns that with the highest Total to the left Hello, I have the following search: index="_internal" sourcetype="scheduler" thread_id="AlertNotifier*" NOT (alert_... by damucka Builder in Splunk Search 03-02-2021 0 3	0	3
Create an Own column in my query Hello,I have a query (e.g. "....... " \| stats count, avg(...)) and after that I get as resultCount avg20 40Wha... by exchanger Path Finder in Splunk Search 03-02-2021 0 2	0	2
Split 2 fields into each rows How to have split, i tired many ways but its coming out.Output:ABC288136957166871812288137548162919303288137548269101... by Annna Explorer in Splunk Search 03-02-2021 0 4	0	4
Help understanding appendpipe Hi,I didn't find anything about this while searching so here's my question.I'm working on the proving a negative prob... by chirsf Explorer in Splunk Search 03-02-2021 0 5	0	5
Can we check App permission via Splunk logs Here is the requirement:I wanted to create a form with list of Apps in my Search head Dropdown. If the Developer choo... by Naga Engager in Splunk Search 03-02-2021 0 2	0	2
Why does Splunk include null columns in data by default? This is something I've always wondered, and I can't understand the reasoning behind it or how to fix it. This is my ... by rbechtold Communicator in Splunk Search 03-02-2021 0 3	0	3