Splunk Search

Community Activity

Search under same field value We have below log event rows - correlationKey=abc msg="create cache for 123"correlationKey=abc "read cache for 123"co... by enpingtu New Member in Splunk Search 03-02-2021 0 3	0	3
regex help Can someone assist extracting fields using the string below?The first line is header info: date, protocol, response_s... by pc1234 Explorer in Splunk Search 03-02-2021 0 3	0	3
Splunk DB Connect - dbquery inline search and time filtering not working Hi all, I am currently working on various Dashboards for my company, for some of them i need to request data from lo... by guilmxm Influencer in Splunk Search 03-02-2021 0 20	0	20
Partial JSON formatting in an event I have events that often have lager JSON data in them, however, I need to send additional data along with them. Typic... by trever Loves-to-Learn in Splunk Search 03-02-2021 0 2	0	2
Trimming last 8-9 chars from string Hello all, I am having the following list:1ais-notification-service-tm-nft-27-9gv6s642dk0332-e2ais-notification-servi... by jugarugabi Path Finder in Splunk Search 03-02-2021 0 18	0	18
sendemail to a field value - without script? Hi, I am trying to send search results to an email address using the sendemail command. If I "hardcode" the to field... by bcusick Communicator in Splunk Search 03-02-2021 0 5	0	5
For Xml data join 2 tables with different fields Table A:<Type LineNo="589123363" > <Type> <OrderLine Line="6" PrimeNo="3" S="2"> Code="75602005" /> </OrderLine> <O... by Annna Explorer in Splunk Search 03-02-2021 0 15	0	15
Concurrent logons from different workstations I have a requirement to see which users have logged into multiple servers before logging out of the previous server. ... by pstephens93 Explorer in Splunk Search 03-02-2021 0 0	0	0
Extract a field from a search and remove trailing character I have 2 splunk indexes from which I need to gather data from, so I have a simple splunk search (that queries for dif... by thenormalone Path Finder in Splunk Search 03-02-2021 0 4	0	4
sort columns that with the highest Total to the left Hello, I have the following search: index="_internal" sourcetype="scheduler" thread_id="AlertNotifier*" NOT (alert_... by damucka Builder in Splunk Search 03-02-2021 0 3	0	3
Create an Own column in my query Hello,I have a query (e.g. "....... " \| stats count, avg(...)) and after that I get as resultCount avg20 40Wha... by exchanger Path Finder in Splunk Search 03-02-2021 0 2	0	2
Split 2 fields into each rows How to have split, i tired many ways but its coming out.Output:ABC288136957166871812288137548162919303288137548269101... by Annna Explorer in Splunk Search 03-02-2021 0 4	0	4
Help understanding appendpipe Hi,I didn't find anything about this while searching so here's my question.I'm working on the proving a negative prob... by chirsf Explorer in Splunk Search 03-02-2021 0 5	0	5
Can we check App permission via Splunk logs Here is the requirement:I wanted to create a form with list of Apps in my Search head Dropdown. If the Developer choo... by Naga Engager in Splunk Search 03-02-2021 0 2	0	2
Why does Splunk include null columns in data by default? This is something I've always wondered, and I can't understand the reasoning behind it or how to fix it. This is my ... by rbechtold Communicator in Splunk Search 03-02-2021 0 3	0	3
Display CPU Utilization per host per time using +Add Inputs from Edit Dashboard Hi,below is the timechart for my search to display CPU utilization of my forwarders and indexerUsing the host dropdow... by hishamjan Explorer in Splunk Search 03-02-2021 0 1	0	1
Add field to timechart Hi,I got a timechart that shows the number of critical package losses per day. Additionally I calculate the average o... by schufi01 Path Finder in Splunk Search 03-02-2021 0 1	0	1
left join not working hi Splunk community, Somehow my left join is not working if I select all EntityIDs. Althought when I select a single ... by zarrukh2010 Observer in Splunk Search 03-02-2021 0 8	0	8
pie chart Hi,I got a splunk search that monitors, how many different hosts there were in the chosen timespan. \| stats dc(host) ... by schufi01 Path Finder in Splunk Search 03-02-2021 0 3	0	3
Splunk query to find locations in Missile Map I want missile map showing details from one to other location with title.Please help me. Below is my query.index=grap... by alexspunkshell Contributor in Splunk Search 03-02-2021 0 0	0	0
Converting the result from my search Hello, i think its not that difficult, but i dont know how to do it. The result is in milliseconds. Is there an easy ... by exchanger Path Finder in Splunk Search 03-02-2021 0 4	0	4
Set an alert for 3 hosts when their CPU Utilization exceeds 80% Hi,I have Splunk Add-on for Unix and Linux installed on my 3 hosts sending data to an Indexer. I have created a dashb... by hishamjan Explorer in Splunk Search 03-02-2021 0 9	0	9
How to show all message from certain log via rex? Hi dear Splunkers,i have log like this :2021-02-11 14:47:51.167 [Error] ** Dummy User with dummyNumb:1111 Plate:AAAAA... by ivana27 Path Finder in Splunk Search 03-02-2021 0 7	0	7
Average on a value over time Hi, I have this data.. Jul 31 23:17:54 83.231.181.65 Jul 31 23:17:54.861457 host1 INFO switch=switch0 [DATA] switch... by matthewparry Path Finder in Splunk Search 03-01-2021 1 14	1	14
How do I extract a long string with double quotes and back slashes? Example 1: time="2021-02-26T04:20:27Z" level=error msg="[xx] failed processing case" caseNumber=1234 error="Received ... by szheng6699 Engager in Splunk Search 03-01-2021 0 1	0	1