Splunk Search

Community Activity

Filtering search results I'm a new user of Splunk 6.5.7. I have a search but only want results for 288 specific customerIDs. This would be a ... by Poacher Engager in Splunk Search 02-12-2021 0 2	0	2
Split Multiple data in column with mutliple delimiter Hello ! I am sorry if the issue has already been addressed. Several topics talk about it but I haven't been able to a... by bcouavoux Explorer in Splunk Search 02-12-2021 0 7	0	7
Eval based on multivalue field and _time I have a set of results with _time, many single value fields, and a multivalue field which contains a large set of ep... by adamsmith47 Communicator in Splunk Search 02-11-2021 0 1	0	1
Get source logs from pod Hello,I'm really a newbie with Splunk and just started to use it.First, can someone recommend me good tutorials about... by jocteau New Member in Splunk Search 02-11-2021 0 3	0	3
How can I avoid browser freeze when searched records are long with no newlines When I do some searches I get records which are very long and have no newlines. The browser (Firefox in my case) effe... by petenetwork Explorer in Splunk Search 02-11-2021 0 2	0	2
Why is my newly created field extraction not showing up in the fields sidebar? I've seen similar questions to mine asked, but none of the advice has solved my issue. I created a new field extract... by martywalser Explorer in Splunk Search 02-11-2021 1 11	1	11
Need Help with query Trying build a time chart for Top 10 CPU consuming Processes for a Linux host for a given timeframe. index=os host=x... by omprakash9998 Path Finder in Splunk Search 02-11-2021 0 1	0	1
I'm trying to search between 2 indexes that correlates field value to return back certain fields. I'm trying to search between 2 indexes that correlates field value to return back certain fields.For example index a ... by payton_tayvion Path Finder in Splunk Search 02-11-2021 0 1	0	1
Why search can return 200 result but stats count by host shows 0 result I used query index=testindex _raw=* and successfully returned 200+ result.However, when I added stats index=testindex... by mind1n Engager in Splunk Search 02-11-2021 0 2	0	2
Find values for specific distinct counts Hello all!I was hoping to take a distinct count and show either the count, or if the count is 1, show the value that ... by mztopp Explorer in Splunk Search 02-11-2021 0 2	0	2
way to run mulitple fields against a lookup, with OR statement I am trying to run two fields against one column using a lookup. This SPL does not work, but conveys what I am trying... by spicy Path Finder in Splunk Search 02-11-2021 0 2	0	2
Duplicate Entries in Table While using the table for bro conn data, I am getting duplicate data; however, if I use mvdedup, I get all the desire... by geekf Path Finder in Splunk Search 02-11-2021 0 2	0	2
Multivalue fields difference on multiple records Hello folks,I am having a hard time getting the difference between two fields of the same record, where the search qu... by Viorel Explorer in Splunk Search 02-11-2021 0 5	0	5
Merging TWO Timecharts overlay-One on Top of One Another I have the following search. index=ko_autosys sourcetype=autosys_applog_scheduler_events host="usatlb98" OR host="us... by zd00191 Communicator in Splunk Search 02-10-2021 0 4	0	4
Exclude statusCodes that are Not Three Digits I'm trying to pick up the status codes for a given api, 4XX and 5XX. I've typically done this with something like th... by rick4039 Explorer in Splunk Search 02-10-2021 0 2	0	2
Trouble With Ticker Not Populating Hello,This is a follow up post to my recent post on "Trouble with Hidden Panel Passing Value". I am having an issue w... by strehb18 Path Finder in Splunk Search 02-10-2021 0 0	0	0
how to find the earliest and latest event in an index? I simply looking for the fist event in an index and the last... to determine how long it took to index x data. any ... by hiddenkirby Contributor in Splunk Search 02-10-2021 2 12	2	12
Combining different searches into one search with different sources to produce one table view? HelloI wanted to request some assistance with the topic of combining different searches from the same index and same ... by Hudond Path Finder in Splunk Search 02-10-2021 0 3	0	3
Create Search using REST/JSON I can successfully create a search job with the help of the docs using a Curl command:curl -u "userName" -k https://h... by Tops_NI Engager in Splunk Search 02-10-2021 0 1	0	1
Panels take time to change Hi All,I am trying to display panel-One when selected One from the dropdown option, and panel-Two when selected Two f... by NS Explorer in Splunk Search 02-09-2021 0 5	0	5
Is there a setting to increase the "results per page" value when you show source? When I go to show source on an event, the maximum number of results I can display is 1000 (the "Results per page" dro... by Jeremiah Motivator in Splunk Search 02-09-2021 0 3	0	3
Need to create trellis view Hi,I have the below table:File_System Disk_Usage\logs 41\opt ... by Mrig342 Contributor in Splunk Search 02-09-2021 0 1	0	1
Splunk search bug on all data index but work well on few data Hi all, I'm creating couple of events with command : \| streamstats window=2 list(PI_Event_Status) as status list(PI_E... by cros Engager in Splunk Search 02-09-2021 0 2	0	2
How to extract value using rex? Hello,please, can you tell me how transform and extract value Timeout from next log:[Error] POS Card Validation - Res... by ivana27 Path Finder in Splunk Search 02-09-2021 0 5	0	5
Query to find devices are Commissioning and Decommissioning Need Query which we can track to find which Log sources are Commissioning and Decommissioning in SPlunk and generate ... by sahildb Engager in Splunk Search 02-09-2021 0 5	0	5