Splunk Search

Community Activity

How to convert column multivalue field to a single row Hi,I need to get the list of indexes with the roles on them.I use the following search:\| rest /services/authorization... by mlevsh Builder in Splunk Search 02-26-2021 0 1	0	1
Unable to compare two numerical fields i have two fields that are numerical fields. when I try a search that says: index="test" AND field1 > field2 i get n... by JustAnotherStud Engager in Splunk Search 02-26-2021 0 2	0	2
One source of truth I have an app with dozens of searches that refer to "groupings" of indexes based on several types of criteria. I woul... by drezanka Explorer in Splunk Search 02-26-2021 0 2	0	2
click jacking protection options? Hello Splunksters, Well I am trying to keep a bit of security to avoid click-jacking, though find myself in a pickle... by rbardonetorian Path Finder in Splunk Search 02-26-2021 0 3	0	3
Creating table using multiple lookup files and Index data Hi, I am a beginner in Splunk, need help to resolve dashboad related issueScenario:I have a table whose data is comin... by sapnasen222 New Member in Splunk Search 02-26-2021 0 1	0	1
Limited search join Hello awesome community!I got help from here once before so I will try again.I have two indexes, Index A and Index B.... by mattiasrs Explorer in Splunk Search 02-26-2021 0 3	0	3
on list of _time values how to get start and end times by specific date in splunk my search query returns list of _time values for multiple dates and below is start and end times for a each date2021-... by Sivakesava574 Explorer in Splunk Search 02-26-2021 0 2	0	2
Need help with the format of the fields in splunk query I have the final result which looks like below:Host Date Total_1 Total_2 To_be_removed Prod 02-26-2... by bhartiya008 Explorer in Splunk Search 02-26-2021 0 4	0	4
Why is the field count double the amount of total events? Hi there, I am new to Splunk and have sent some dummy JSON-data to Splunk. I notice that for example there are 20 e... by JosIJntema Explorer in Splunk Search 02-26-2021 1 8	1	8
Find Largest Files of Linux Using Splunk Hi everyone, On my Linux machine, which has Splunk Forwarder and Splunk Add-on for Unix and Linux installed, I'm usin... by hishamjan Explorer in Splunk Search 02-26-2021 0 3	0	3
Issue with Splunk Query Stats not brining in all values Hi All,I have a log which has below lines in it:"Results":{"Elapsed":"0","Message":"No of Application to Obsolete in ... by bhartiya008 Explorer in Splunk Search 02-25-2021 0 6	0	6
help on subsearch wich truncate events HiI use the search below but I lose some events because I have the following message :[subsearch]: Subsearch produced... by jip31 Motivator in Splunk Search 02-25-2021 0 16	0	16
How do I add two rows with different identifiers and chart? Hi,I have a table like this:Tag \| Valueaa \| 15.5bb \| 20cc \| 23I want to chart the value "dd ... by sriramv2006 Explorer in Splunk Search 02-25-2021 0 4	0	4
Can tables be used with top to display additional event fields Goal is to return a table that displays the Top 10 (md5) hashes in recorded alerts received over a 60 days period. ... by kelie Path Finder in Splunk Search 02-25-2021 0 9	0	9
How to make the values in a column the column names for a table? Hi all, I would like to make the values of a column the column names for a table. Currently, I am using the command... by chrismok Path Finder in Splunk Search 02-25-2021 1 2	1	2
Work around if sub-search does not return data for a where clause. Search: source=D:\XSP\importhelper source=IH_Daily\DebugImportHelper End \| eval dayBuffer=strftime(now(), "%d") \| ev... by griffinpair Path Finder in Splunk Search 02-25-2021 0 3	0	3
Xml path extract field <Shipment Action><ShipmentLines><ShipmentLine PrimeLine="2" /> <ShipmentLine PrimeLine="3"/><ShipmentLine PrimeLine="... by Annna Explorer in Splunk Search 02-25-2021 0 2	0	2
How to combine search results in order to use Start Time and End Time from Event 1 in JMS Queue pending messages? Hello, We are new to Splunk , learning and working customer requirments. You are requested to help on merging these t... by bojjas Observer in Splunk Search 02-25-2021 0 0	0	0
How can I search for same values within a field Hi, I have a field with multiple values, some of them share the same characters at the beginning of the values. I nee... by ynag Explorer in Splunk Search 02-25-2021 0 1	0	1
Service logs count very less to a particular host I'm having trouble writing a query which displays the action and host count where log count is below average on any h... by kgaurav Observer in Splunk Search 02-25-2021 0 1	0	1
Hide Drop Down Hi All,I want to always hide my drop down <input type="dropdown" token="TransactionID_filter" searchWhenChanged="tr... by rj1408 Path Finder in Splunk Search 02-25-2021 0 1	0	1
Count number of diefferent field values Hi,My events contain a field named "fruit" that distinguishes, what kind of fruit the event is about. I would like t... by schufi01 Path Finder in Splunk Search 02-25-2021 0 1	0	1
Evaluating content of a list of JSON key/value pairs in search I have a search where 2 of the fields returned are based on the following JSON structure:"tags": [ {<!-- --> ... by pracsys Engager in Splunk Search 02-25-2021 0 3	0	3
Subtract Dates/Time Hi,can somebody explain, why I dont get any results?index=... \| eval Timestamp=strftime(_time,"%d-%m-%Y %H:%M:%S") \|... by schufi01 Path Finder in Splunk Search 02-25-2021 0 1	0	1
Automated an Alert with a complicated search query Hi, I want make a report(or Alert) each month to count the Total transaction success in 1 month and compare it to 3 m... by phamxuantung Communicator in Splunk Search 02-24-2021 0 4	0	4