Splunk Search

Community Activity

Filter events using Distinct Count instead of dedup Hello All, May I request you to help me with the query below I have two fields "customertripid & success"Customertri... by beriwalnishant Path Finder in Splunk Search 02-13-2021 0 8	0	8
Issues with lookup matching on field values Hi,I have scan dataset. It has a field name TEXT. This field contains the data for test results. I am provided a data... by mbasharat Builder in Splunk Search 02-12-2021 0 3	0	3
stats count for a text value associated with a number Hi everyone,I am stuck in a situation where in my app logs there are two important values(one is a number and other i... by lazyturtle_ Explorer in Splunk Search 02-12-2021 0 8	0	8
Stats Average after timechart incorrect I want to get a per second average over a period of time. I am running into an issue getting an average of these valu... by aohls Contributor in Splunk Search 02-12-2021 0 1	0	1
[Service Now Logs] How to hide from the search Events with the same number whose final state is "Closed" Hi Splunkers!First time posting here, but I could really need some help. I've been meddling with Splunk for a while, ... by JLC Observer in Splunk Search 02-12-2021 0 6	0	6
Finding Events Between Other Events I might be confusing myself by making this harder than it is...Say I have a log where the events are:LOGINACTION (1)A... by DLThurston Observer in Splunk Search 02-12-2021 0 3	0	3
Eliminating "duplicate" rows I am trying to construct an alert for someone when there is a duplex-mismatch on our network switches. When it happen... by _smp_ Builder in Splunk Search 02-12-2021 0 2	0	2
Input lookup and matadata truncates the logs Hi All,Can you please help me with my problem? I would like to check all the hosts in the CSV file which are for some... by diirn Explorer in Splunk Search 02-12-2021 0 4	0	4
Need the output of list of usernames and timestamp of the event in the splunk string Need the output of list of usernames and timestamp of the event in the splunk string for below event. We have list ... by ravir_jbp Explorer in Splunk Search 02-12-2021 0 1	0	1
combine events from index and inputlookup Hello,I would like some helpI am trying to combine 2 events from my index and 2 event coming from a lookup file, into... by hvdtol Path Finder in Splunk Search 02-12-2021 0 3	0	3
Filtering search results I'm a new user of Splunk 6.5.7. I have a search but only want results for 288 specific customerIDs. This would be a ... by Poacher Engager in Splunk Search 02-12-2021 0 2	0	2
Split Multiple data in column with mutliple delimiter Hello ! I am sorry if the issue has already been addressed. Several topics talk about it but I haven't been able to a... by bcouavoux Explorer in Splunk Search 02-12-2021 0 7	0	7
Eval based on multivalue field and _time I have a set of results with _time, many single value fields, and a multivalue field which contains a large set of ep... by adamsmith47 Communicator in Splunk Search 02-11-2021 0 1	0	1
Get source logs from pod Hello,I'm really a newbie with Splunk and just started to use it.First, can someone recommend me good tutorials about... by jocteau New Member in Splunk Search 02-11-2021 0 3	0	3
How can I avoid browser freeze when searched records are long with no newlines When I do some searches I get records which are very long and have no newlines. The browser (Firefox in my case) effe... by petenetwork Explorer in Splunk Search 02-11-2021 0 2	0	2
Why is my newly created field extraction not showing up in the fields sidebar? I've seen similar questions to mine asked, but none of the advice has solved my issue. I created a new field extract... by martywalser Explorer in Splunk Search 02-11-2021 1 11	1	11
Need Help with query Trying build a time chart for Top 10 CPU consuming Processes for a Linux host for a given timeframe. index=os host=x... by omprakash9998 Path Finder in Splunk Search 02-11-2021 0 1	0	1
I'm trying to search between 2 indexes that correlates field value to return back certain fields. I'm trying to search between 2 indexes that correlates field value to return back certain fields.For example index a ... by payton_tayvion Path Finder in Splunk Search 02-11-2021 0 1	0	1
Why search can return 200 result but stats count by host shows 0 result I used query index=testindex _raw=* and successfully returned 200+ result.However, when I added stats index=testindex... by mind1n Engager in Splunk Search 02-11-2021 0 2	0	2
Find values for specific distinct counts Hello all!I was hoping to take a distinct count and show either the count, or if the count is 1, show the value that ... by mztopp Explorer in Splunk Search 02-11-2021 0 2	0	2
way to run mulitple fields against a lookup, with OR statement I am trying to run two fields against one column using a lookup. This SPL does not work, but conveys what I am trying... by spicy Path Finder in Splunk Search 02-11-2021 0 2	0	2
Duplicate Entries in Table While using the table for bro conn data, I am getting duplicate data; however, if I use mvdedup, I get all the desire... by geekf Path Finder in Splunk Search 02-11-2021 0 2	0	2
Multivalue fields difference on multiple records Hello folks,I am having a hard time getting the difference between two fields of the same record, where the search qu... by Viorel Explorer in Splunk Search 02-11-2021 0 5	0	5
Merging TWO Timecharts overlay-One on Top of One Another I have the following search. index=ko_autosys sourcetype=autosys_applog_scheduler_events host="usatlb98" OR host="us... by zd00191 Communicator in Splunk Search 02-10-2021 0 4	0	4
Exclude statusCodes that are Not Three Digits I'm trying to pick up the status codes for a given api, 4XX and 5XX. I've typically done this with something like th... by rick4039 Explorer in Splunk Search 02-10-2021 0 2	0	2