Splunk Search

Community Activity

regex exclude nth word in the event I want to ignore the actual file name in my exception events so I can group the exceptions .For example, regex on bel... by ppatkar Path Finder in Splunk Search 03-03-2021 1 4	1	4
Free space counter for C D and E drive in table format for multiple Windows server Below are the event count in splunk. I am trying to create "% Free Space" for all three drive (C:,  E).03/02/2021 23... by ravir_jbp Explorer in Splunk Search 03-03-2021 0 7	0	7
Color scale table Hi, I have problem with coloring my table. The picture shows my settings for coloring special fields. However, the 85... by schufi01 Path Finder in Splunk Search 03-03-2021 0 0	0	0
Search under same field value We have below log event rows - correlationKey=abc msg="create cache for 123"correlationKey=abc "read cache for 123"co... by enpingtu New Member in Splunk Search 03-02-2021 0 3	0	3
regex help Can someone assist extracting fields using the string below?The first line is header info: date, protocol, response_s... by pc1234 Explorer in Splunk Search 03-02-2021 0 3	0	3
Splunk DB Connect - dbquery inline search and time filtering not working Hi all, I am currently working on various Dashboards for my company, for some of them i need to request data from lo... by guilmxm Influencer in Splunk Search 03-02-2021 0 20	0	20
Partial JSON formatting in an event I have events that often have lager JSON data in them, however, I need to send additional data along with them. Typic... by trever Loves-to-Learn in Splunk Search 03-02-2021 0 2	0	2
Trimming last 8-9 chars from string Hello all, I am having the following list:1ais-notification-service-tm-nft-27-9gv6s642dk0332-e2ais-notification-servi... by jugarugabi Path Finder in Splunk Search 03-02-2021 0 18	0	18
sendemail to a field value - without script? Hi, I am trying to send search results to an email address using the sendemail command. If I "hardcode" the to field... by bcusick Communicator in Splunk Search 03-02-2021 0 5	0	5
For Xml data join 2 tables with different fields Table A:<Type LineNo="589123363" > <Type> <OrderLine Line="6" PrimeNo="3" S="2"> Code="75602005" /> </OrderLine> <O... by Annna Explorer in Splunk Search 03-02-2021 0 15	0	15
Concurrent logons from different workstations I have a requirement to see which users have logged into multiple servers before logging out of the previous server. ... by pstephens93 Explorer in Splunk Search 03-02-2021 0 0	0	0
Extract a field from a search and remove trailing character I have 2 splunk indexes from which I need to gather data from, so I have a simple splunk search (that queries for dif... by thenormalone Path Finder in Splunk Search 03-02-2021 0 4	0	4
sort columns that with the highest Total to the left Hello, I have the following search: index="_internal" sourcetype="scheduler" thread_id="AlertNotifier*" NOT (alert_... by damucka Builder in Splunk Search 03-02-2021 0 3	0	3
Create an Own column in my query Hello,I have a query (e.g. "....... " \| stats count, avg(...)) and after that I get as resultCount avg20 40Wha... by exchanger Path Finder in Splunk Search 03-02-2021 0 2	0	2
Split 2 fields into each rows How to have split, i tired many ways but its coming out.Output:ABC288136957166871812288137548162919303288137548269101... by Annna Explorer in Splunk Search 03-02-2021 0 4	0	4
Help understanding appendpipe Hi,I didn't find anything about this while searching so here's my question.I'm working on the proving a negative prob... by chirsf Explorer in Splunk Search 03-02-2021 0 5	0	5
Can we check App permission via Splunk logs Here is the requirement:I wanted to create a form with list of Apps in my Search head Dropdown. If the Developer choo... by Naga Engager in Splunk Search 03-02-2021 0 2	0	2
Why does Splunk include null columns in data by default? This is something I've always wondered, and I can't understand the reasoning behind it or how to fix it. This is my ... by rbechtold Communicator in Splunk Search 03-02-2021 0 3	0	3
Display CPU Utilization per host per time using +Add Inputs from Edit Dashboard Hi,below is the timechart for my search to display CPU utilization of my forwarders and indexerUsing the host dropdow... by hishamjan Explorer in Splunk Search 03-02-2021 0 1	0	1
Add field to timechart Hi,I got a timechart that shows the number of critical package losses per day. Additionally I calculate the average o... by schufi01 Path Finder in Splunk Search 03-02-2021 0 1	0	1
left join not working hi Splunk community, Somehow my left join is not working if I select all EntityIDs. Althought when I select a single ... by zarrukh2010 Observer in Splunk Search 03-02-2021 0 8	0	8
pie chart Hi,I got a splunk search that monitors, how many different hosts there were in the chosen timespan. \| stats dc(host) ... by schufi01 Path Finder in Splunk Search 03-02-2021 0 3	0	3
Splunk query to find locations in Missile Map I want missile map showing details from one to other location with title.Please help me. Below is my query.index=grap... by alexspunkshell Contributor in Splunk Search 03-02-2021 0 0	0	0
Converting the result from my search Hello, i think its not that difficult, but i dont know how to do it. The result is in milliseconds. Is there an easy ... by exchanger Path Finder in Splunk Search 03-02-2021 0 4	0	4
Set an alert for 3 hosts when their CPU Utilization exceeds 80% Hi,I have Splunk Add-on for Unix and Linux installed on my 3 hosts sending data to an Indexer. I have created a dashb... by hishamjan Explorer in Splunk Search 03-02-2021 0 9	0	9