Splunk Search

Community Activity

Work around if sub-search does not return data for a where clause. Search: source=D:\XSP\importhelper source=IH_Daily\DebugImportHelper End \| eval dayBuffer=strftime(now(), "%d") \| ev... by griffinpair Path Finder in Splunk Search 02-25-2021 0 3	0	3
Xml path extract field <Shipment Action><ShipmentLines><ShipmentLine PrimeLine="2" /> <ShipmentLine PrimeLine="3"/><ShipmentLine PrimeLine="... by Annna Explorer in Splunk Search 02-25-2021 0 2	0	2
How to combine search results in order to use Start Time and End Time from Event 1 in JMS Queue pending messages? Hello, We are new to Splunk , learning and working customer requirments. You are requested to help on merging these t... by bojjas Observer in Splunk Search 02-25-2021 0 0	0	0
How can I search for same values within a field Hi, I have a field with multiple values, some of them share the same characters at the beginning of the values. I nee... by ynag Explorer in Splunk Search 02-25-2021 0 1	0	1
Service logs count very less to a particular host I'm having trouble writing a query which displays the action and host count where log count is below average on any h... by kgaurav Observer in Splunk Search 02-25-2021 0 1	0	1
Hide Drop Down Hi All,I want to always hide my drop down <input type="dropdown" token="TransactionID_filter" searchWhenChanged="tr... by rj1408 Path Finder in Splunk Search 02-25-2021 0 1	0	1
Count number of diefferent field values Hi,My events contain a field named "fruit" that distinguishes, what kind of fruit the event is about. I would like t... by schufi01 Path Finder in Splunk Search 02-25-2021 0 1	0	1
Evaluating content of a list of JSON key/value pairs in search I have a search where 2 of the fields returned are based on the following JSON structure:"tags": [ {<!-- --> ... by pracsys Engager in Splunk Search 02-25-2021 0 3	0	3
Subtract Dates/Time Hi,can somebody explain, why I dont get any results?index=... \| eval Timestamp=strftime(_time,"%d-%m-%Y %H:%M:%S") \|... by schufi01 Path Finder in Splunk Search 02-25-2021 0 1	0	1
Automated an Alert with a complicated search query Hi, I want make a report(or Alert) each month to count the Total transaction success in 1 month and compare it to 3 m... by phamxuantung Communicator in Splunk Search 02-24-2021 0 4	0	4
Enlist size of files and directories in acsending order Hi,Is there a way to enlist the size of files that are indexed using the local host and universal forwarders? From th... by hishamjan Explorer in Splunk Search 02-24-2021 0 3	0	3
How to translate mv field extraction from SPL to configuration files? SituationI am trying to parse events with an unrestricted number of key value pairs that might also include empty va... by jmartens Path Finder in Splunk Search 02-24-2021 0 1	0	1
inputlookup to match a field value using a variable Hello Splunk team, I'm trying to append columns based in a search of a field (Network = Network_CIDR) in Ashland-Netw... by omun0z Explorer in Splunk Search 02-24-2021 0 2	0	2
Rest search with input from inputlook Hi,I'm bouncing my head against the wall for this (probably) simple question.. I've got a inputlookup "indexers". As ... by jariw Path Finder in Splunk Search 02-24-2021 0 3	0	3
Sending emails using sendemail and map command not sending empty emails I have the following question regarding using the sendemail command together with the 'map' one.Using the below searc... by assennikolov Explorer in Splunk Search 02-24-2021 0 4	0	4
Default value in Dashboard dynamic drop-down & hiding chart with depends My Dashboard contains 4 inputs : Time , 2 Drop Downs ( One Static whose value changes Second Dynamic Drop Down query... by ppatkar Path Finder in Splunk Search 02-24-2021 0 1	0	1
log volume by host Hello,I have 26 hosts reporting data to a specific index. These hosts are prone to malfunction at any time Is there ... by bgill0123 Loves-to-Learn in Splunk Search 02-24-2021 0 2	0	2
extract the value for the field incoming/d0000c00002/data_reuse/d000/d0000c00002/ar/shared/sdtm/prod/data/idap_20191011/dm.sas7bdat what I need is to... by hashsplunk Loves-to-Learn Lots in Splunk Search 02-24-2021 0 5	0	5
add token value of dropdown menu to search Hi,I would like to filter a dashboard by using a Dropdown Input at the top of my dashboard. By selecting one of the d... by schufi01 Path Finder in Splunk Search 02-24-2021 0 3	0	3
Extract New Field - First x characters Hi, I want to create a new field which will simply pull out the first x number of characters from a line on an event ... by robMZ Explorer in Splunk Search 02-24-2021 0 14	0	14
Unable to extract two different pattern strings by rex command {"timestamp":"2021-02-24T00:00:46.533+00:00","message":"Snapshot event published: SnapshotEvent(status=CREATED, versi... by bhaskar3107 New Member in Splunk Search 02-24-2021 0 1	0	1
Splunk Cloud Rest Api Python Hi there, i'am quite new to Splunk, I read a lot of documentation and examples of "How to search Splunk Cloud with R... by Mijato New Member in Splunk Search 02-24-2021 0 0	0	0
Timechart average Hi, I am pretty new to splunk and need help with a timechart.I have a timechart, that shows the count of packagelosse... by schufi01 Path Finder in Splunk Search 02-24-2021 0 7	0	7
Splunk multiple field extraction I have the below Splunk Event & need to extract multiple fields from the same : [TIMESTAMP=2021-02-19 12:16:30.684 ... by ppatkar Path Finder in Splunk Search 02-24-2021 0 4	0	4
Why is the Dashboard Base Search is not working for all panels? I did build a Dashboard with a base search and five panels, all based on the base search. Somehow, two of five panels... by hackentrick Engager in Splunk Search 02-23-2021 1 13	1	13