Splunk Search

Community Activity

Add AVG to Chart Results Hello everyone.I want to make a statistic of tickets. How many are opend everyday by CI Name. And I wnat to add an AV... by jessicadrechsel New Member in Splunk Search 02-20-2021 0 1	0	1
How to count the number of event based on JSON field structure/keys in Splunk I want to count the number of occurrence of a specific JSON structure. For example in my event there is a field calle... by samgol New Member in Splunk Search 02-20-2021 0 1	0	1
search time extraction on specific index I have 2 data inputs going to 2 separate indexes. I have 2 different REGEX expressions to obtain IPAddress and Hostn... by dgnatowski New Member in Splunk Search 02-20-2021 0 1	0	1
Finding time difference between 2 events with different states I am trying to find the time difference between 2 events with different states, in particular when the device turns o... by KaitoKozo Explorer in Splunk Search 02-20-2021 0 1	0	1
How to use elapsed time as X axis scale My dataSend_DataErrorAll_Request2018-01-020102018-01-031602018-01-042302018-01-05020..........2021-02-01520I want to ... by anmouer New Member in Splunk Search 02-20-2021 0 1	0	1
How to check extracted field data are consistent across the events and it can be used for data normalization? Hi All,Hey I had couple of fields extracted and most of the field values are Null and contains lesser field value ca... by Hemnaath Motivator in Splunk Search 02-20-2021 0 1	0	1
data acceleration model I have a accelerated data model where I would like to run multiple searches. Total of four searches running to find d... by kishan2356 Explorer in Splunk Search 02-20-2021 0 1	0	1
Splunk Search Not Returning Complete Results The intention of this correlation search is to find all new local admin accounts on end user devices. Problem is, whe... by SplunkUserD Engager in Splunk Search 02-20-2021 0 1	0	1
ERROR Timeliner - xyz Events missing due to corrupt or expired remote artifact(s). Hi ,We noticed errors in the splunkd.log.These are all the messages from Timeliner that appears on the search head :E... by pragycho Loves-to-Learn in Splunk Search 02-20-2021 0 1	0	1
How to add addcoltotals functionality to show average and the total Hi,I currently have a search to show IIS success, failures,total,failure success percentage, percentage,failure perce... by joe06031990 Communicator in Splunk Search 02-20-2021 0 1	0	1
Best way to dump Azure UPNs into scheduled lookup. I'm trying to dump this info into a scheduled lookup but these are just azuread UPNs that are appearing in the logs f... by fdevera Path Finder in Splunk Search 02-20-2021 0 1	0	1
Standard deviation in a period of time Hi, I'm trying to calculate the standard deviation for range of time to create an alert an know when the total of tra... by edfigue Engager in Splunk Search 02-20-2021 0 1	0	1
How to optimize this timechart query I have this query index=some_index \| timechart limit=15 useOther=false count by acct_id and it needs to run up to a t... by klim Path Finder in Splunk Search 02-20-2021 0 7	0	7
how to use format in a subsearch to make a tstats command I know you can use a search with format to return the results of the subsearch to the main query. Like for example I ... by klim Path Finder in Splunk Search 02-20-2021 0 1	0	1
Time wrong even with the correct timezone set up I just moved over to a docker Splunk set up and im having an issue where Splunk thinks im in UTC even when the prefer... by treverce Explorer in Splunk Search 02-20-2021 0 0	0	0
How to create a Pie Chart of particular events as percentage of all events? Hi. I am new to Splunk. I want to create a Pie Chart that consists of a particular type of event as a percentage of a... by ForeverNoob2 Engager in Splunk Search 02-20-2021 0 2	0	2
Nature of traffic Hi, I have two instances of Asterisk running in my production environment. The third server has a Splunk indexer inst... by hishamjan Explorer in Splunk Search 02-20-2021 0 1	0	1
Ip resolving from host name in events I have some forwarders which are sending logs to indexers in another subnets and i have connected search head to thes... by Astorn Loves-to-Learn in Splunk Search 02-20-2021 0 1	0	1
limits.conf modify time out search I am performing a query to generate a chart.The query time range is the previous 7 days, when I use this time range ... by splunkcol Builder in Splunk Search 02-20-2021 0 1	0	1
performing calculations on fields from different sourcetypes HiI need to calculate a sum of different counters from several sourcetypes. They are located in one index, but simple... by flyingpiglet Engager in Splunk Search 02-20-2021 0 6	0	6
Splunk query to find IP attack in Geo Map index=graphsecurityalert having information's about all attacks in "title" fieldindex=zscaler having information's a... by alexspunkshell Contributor in Splunk Search 02-20-2021 0 1	0	1
Chart command generates duplicate bins when span argument contains a fractional value In Splunk Enterprise 8.1, when using chart with spans containing fractional values of 0.54, 0.95, and others that res... by tscroggins Influencer in Splunk Search 02-20-2021 1 0	1	0
how to create hyperlink that directs to search query on splunk dashboard Hello , Please help on the below:it should look like below 2 rowssearch by employeeid(hyperlink)search by app(hyperli... by REACHGPRAVEEN Explorer in Splunk Search 02-19-2021 0 1	0	1
How do I get the average of all the individual rows and append those values as a column dynamically? How do I get the average of all the individual rows (like the addtotals but average) and append those values as a col... by HattrickNZ Motivator in Splunk Search 02-19-2021 0 7	0	7
Combine 3 queries into tabular form for export to .csv Hi All,Need some assistance combining 3 queries in tabular form so I can export them to a lookup table.I'm also tryin... by shrogers Loves-to-Learn Everything in Splunk Search 02-19-2021 0 3	0	3