Splunk Search

Community Activity

Set an alert for 3 hosts when their CPU Utilization exceeds 80% Hi,I have Splunk Add-on for Unix and Linux installed on my 3 hosts sending data to an Indexer. I have created a dashb... by hishamjan Explorer in Splunk Search 03-02-2021 0 9	0	9
How to show all message from certain log via rex? Hi dear Splunkers,i have log like this :2021-02-11 14:47:51.167 [Error] ** Dummy User with dummyNumb:1111 Plate:AAAAA... by ivana27 Path Finder in Splunk Search 03-02-2021 0 7	0	7
Average on a value over time Hi, I have this data.. Jul 31 23:17:54 83.231.181.65 Jul 31 23:17:54.861457 host1 INFO switch=switch0 [DATA] switch... by matthewparry Path Finder in Splunk Search 03-01-2021 1 14	1	14
How do I extract a long string with double quotes and back slashes? Example 1: time="2021-02-26T04:20:27Z" level=error msg="[xx] failed processing case" caseNumber=1234 error="Received ... by szheng6699 Engager in Splunk Search 03-01-2021 0 1	0	1
Displaying concurrent users over time Hello, i have data with VPN connectivity. Format is quite simple: 1378764018782;1378764018781;OK First is Start Ti... by Matthias_BY Communicator in Splunk Search 03-01-2021 0 9	0	9
chart by 2 fields Hi,is there a possibility to create a chart by these two fields? If possible I would like to create a heatmap out of ... by schufi01 Path Finder in Splunk Search 03-01-2021 0 1	0	1
Get instance name from source Hi all,I am completely new to Splunk so I apologize if this has been asked/answered. I did review the past discussion... by bcalder New Member in Splunk Search 03-01-2021 0 3	0	3
Split a field Hi,I have 4 different correlation ID's in same row, I want to split them and place it in single row1aaaaa-2bbbb-3cccc... by VijaySrrie Builder in Splunk Search 03-01-2021 0 1	0	1
Join/Subsearch - unsure which to use and why My dataset is in a rather strange format. For a given 'event', I have numerous splunk entries all linked by a 'sessio... by jb123213123 Loves-to-Learn in Splunk Search 03-01-2021 0 7	0	7
Help in setting up token based on User Value Hello,I am trying to display couple of Dashboard Panels only to a specific user. For that i am trying to get the user... by shivamagrawa Explorer in Splunk Search 03-01-2021 0 3	0	3
Print string arrays in json in tabular format I need to print a string array along with one field in my json object. The data: { "key1":"val1", "key2":"value2", ... by ayushk23 Loves-to-Learn in Splunk Search 03-01-2021 0 1	0	1
Questions Hello everyone, I have a lookup table which have multiple fields, one of the fields is IP Address of an asset. Additi... by alnamlahk Loves-to-Learn in Splunk Search 02-28-2021 0 7	0	7
Recursive Query over Time I am searching for the best way to create a time chart that is created from queries that have to evaluate data over a... by rneel Explorer in Splunk Search 02-28-2021 0 7	0	7
newbie : how to compare two events from different source in one index by data in event and subtract time diff Please help. I just completed self learning fundamentals and already have a task I want to try, first post here so pl... by KING_JULIAN Engager in Splunk Search 02-28-2021 0 2	0	2
what does perc95 and all those stats functions perc* In stats calculation, I use average avg() and median but I saw other people using "percentage Xth" like perc95(). Wha... by mataharry Communicator in Splunk Search 02-28-2021 8 2	8	2
Difference between two perfmon counters from the same source to identify bottleneck Counter 1 - Perfmon: Inbound Data rateCounter 2 - Perfmon:Outbound Data ratesource="Perfmon:PostilionPostbridgeInter... by rholm01 Explorer in Splunk Search 02-27-2021 0 1	0	1
Is splunk8 using select2 I'm interested in using select2 js in splunk 8.Does anyone have any example that can help me get started. by aa70627 Communicator in Splunk Search 02-27-2021 0 1	0	1
Adding up the count overtime Hii have a requirement to create a dashboard to represent total eventsi have created a panel in the dashboard which r... by deepuhassan Explorer in Splunk Search 02-27-2021 0 1	0	1
How to convert column multivalue field to a single row Hi,I need to get the list of indexes with the roles on them.I use the following search:\| rest /services/authorization... by mlevsh Builder in Splunk Search 02-26-2021 0 1	0	1
Unable to compare two numerical fields i have two fields that are numerical fields. when I try a search that says: index="test" AND field1 > field2 i get n... by JustAnotherStud Engager in Splunk Search 02-26-2021 0 2	0	2
One source of truth I have an app with dozens of searches that refer to "groupings" of indexes based on several types of criteria. I woul... by drezanka Explorer in Splunk Search 02-26-2021 0 2	0	2
click jacking protection options? Hello Splunksters, Well I am trying to keep a bit of security to avoid click-jacking, though find myself in a pickle... by rbardonetorian Path Finder in Splunk Search 02-26-2021 0 3	0	3
Creating table using multiple lookup files and Index data Hi, I am a beginner in Splunk, need help to resolve dashboad related issueScenario:I have a table whose data is comin... by sapnasen222 New Member in Splunk Search 02-26-2021 0 1	0	1
Limited search join Hello awesome community!I got help from here once before so I will try again.I have two indexes, Index A and Index B.... by mattiasrs Explorer in Splunk Search 02-26-2021 0 3	0	3
on list of _time values how to get start and end times by specific date in splunk my search query returns list of _time values for multiple dates and below is start and end times for a each date2021-... by Sivakesava574 Explorer in Splunk Search 02-26-2021 0 2	0	2