Splunk Search

Community Activity

Chart command generates duplicate bins when span argument contains a fractional value In Splunk Enterprise 8.1, when using chart with spans containing fractional values of 0.54, 0.95, and others that res... by tscroggins Champion in Splunk Search 02-20-2021 1 0	1	0
how to create hyperlink that directs to search query on splunk dashboard Hello , Please help on the below:it should look like below 2 rowssearch by employeeid(hyperlink)search by app(hyperli... by REACHGPRAVEEN Explorer in Splunk Search 02-19-2021 0 1	0	1
How do I get the average of all the individual rows and append those values as a column dynamically? How do I get the average of all the individual rows (like the addtotals but average) and append those values as a col... by HattrickNZ Motivator in Splunk Search 02-19-2021 0 7	0	7
Combine 3 queries into tabular form for export to .csv Hi All,Need some assistance combining 3 queries in tabular form so I can export them to a lookup table.I'm also tryin... by shrogers Loves-to-Learn Everything in Splunk Search 02-19-2021 0 3	0	3
Extracting fields and times as nested table I have a log with the following entries among others and I am looking for a way to display the top 2 times by each ac... by v33jay Explorer in Splunk Search 02-19-2021 0 5	0	5
Dnslookup can't resolve ip of events from indexers to hostname because there are in another network Hello,i have problem with dnslookup, i want to check what is the hostname of the ip, the ip is the ip address of host... by Astorn Loves-to-Learn in Splunk Search 02-19-2021 0 3	0	3
I'm looking to compare the _indextime to the _time field to look for anomalies I'm looking to do some alerting or analysis to help troubleshoot lag time and logging. I'd like to compare the _index... by crlunde Loves-to-Learn Everything in Splunk Search 02-19-2021 0 1	0	1
splunk I have two queries and i want to append those two queries and i need new column for separationfor ex:i got below resu... by vinod0313 Explorer in Splunk Search 02-19-2021 0 1	0	1
Changing max length of field I have a field that is more than 10,000 characters. I updated props.conf to include [source::log.txt] TRUNCATE=20000... by sc0tt Builder in Splunk Search 02-19-2021 0 8	0	8
How to check field values containing an underscore in splunk? Hi All, I was trying to filter out the usernames which contains underscore in splunk. I had tried with regex Accoun... by iamarkaprabha Contributor in Splunk Search 02-19-2021 0 3	0	3
Comparing 2 results and showing difference My scenario is that I am trying to alert in the event where a user has been provided to an application but that same ... by willadams Contributor in Splunk Search 02-19-2021 0 2	0	2
How to exclude the results from subsearch I have one query which looks like:Query1:index=test "TestRequest" \| dedup _time \| rex field=_raw "Price\":(?<price>.... by nits Explorer in Splunk Search 02-18-2021 0 4	0	4
parse and index json fields from string message Hello,I have log in the format "2021-02-18T16:17:12,189Z [main] INFO logname -streamstart-k1:V1,K2:V2,K3:V3,streamsto... by vashodha Loves-to-Learn Lots in Splunk Search 02-18-2021 0 4	0	4
Extract a string Hi everyone, I have the below string.isadhakdahdj asdh, hosadhao activity=Follow Up, entryName=Initial Outreach, asas... by rbachu1 Explorer in Splunk Search 02-18-2021 0 2	0	2
Compare 2 queries in a dashboard hello All, I have created a dashboard with two panels. The first panel runs a search (query below) for time-window-1 ... by Joe20 Explorer in Splunk Search 02-18-2021 0 1	0	1
Splunk field extraction Hello All, I am new to splunk and I have a question regarding the splunk field extraction. Consider the following ex... by Joe20 Explorer in Splunk Search 02-18-2021 0 2	0	2
How to convert seconds to [h]:mm:ss? Hi Guys! I have an error duration in seconds, how can I convert it to [h]:mm:ss? I used the below query but the if ... by auaave Communicator in Splunk Search 02-18-2021 1 6	1	6
Using bar dashboard with drilldowns > link to search > custome (with $click.value$ variable) I am trying to use the Drilldown on Click > Link to Search > custom :LOGRC_TYPE=F8 \| eval FUNC_TRAN =AFI_LOG03FUN+"-... by aneyraba New Member in Splunk Search 02-18-2021 0 0	0	0
Passing dynamic parameters in search running from cli Hi, Is there was to dynamically pass a value like below in Splunk for running a search from cli.I am trying to write ... by bsrikanthreddy5 Path Finder in Splunk Search 02-18-2021 0 2	0	2
Extracting XML value with <> using regex I need to create a regex to match the fieldname for first match and fieldvalue for the second match. Issue happens w... by michaelrosello Path Finder in Splunk Search 02-18-2021 0 11	0	11
How to check the total consumption out of the 500MB provided by free splunk? Hi, In my production environment, I have two Asterisk Servers installed where one of them caters to 95% of the data w... by hishamjan Explorer in Splunk Search 02-18-2021 0 6	0	6
more regex help :/ Hey All,I am trying to pull the username from the following event which is everything after the Rightnetworks\ in the... by tkerr1357 Path Finder in Splunk Search 02-18-2021 0 4	0	4
How to disable 'Export Results' for specific users or roles? Hi Splunkers, I was wondering if there is an option to disable Export Results option for specific users or roles. Ba... by Murali2888 Communicator in Splunk Search 02-18-2021 2 7	2	7
Listing detail of an individual without using stats and BY Hi,I have a dataset about transactions, each event is a transaction detail about response code(success or not), their... by phamxuantung Communicator in Splunk Search 02-18-2021 0 1	0	1
rex for dynamic parttern Hi, I have a raw log with structure like this: TIME\|FROM\|TO\|URL\|ERROR\|STATUS\|ALERT Example:Wed Jan 6 15:10:01 2021\|De... by phamxuantung Communicator in Splunk Search 02-18-2021 0 5	0	5