Splunk Search

Community Activity

Calculating difference between two strftime fields Hello Splunkers:I'm looking to determine how many days file is out of date.I have two strftime fields and values:x = ... by jason_hotchkiss Communicator in Splunk Search 02-02-2021 0 2	0	2
Incomplete search results because of lookup definition's maximum match limit in Splunk Re-initiation of an older question I had asked: Hi,I have a need for an alternative of \| lookup abc field1 AS field2 ... by mbasharat Builder in Splunk Search 02-02-2021 0 4	0	4
How to generate a search to find the average Splunk CPU and Memory usage for 24 hours? Hi All, I want to get the Splunk average CPU and memory usage for 24 hours using a search. Can you please help in bu... by nnimbe Path Finder in Splunk Search 02-02-2021 0 7	0	7
Need to create rex command to extract field Hi,We have below type of logs:Log1-- 2021-02-02 10:12:49.889, APP_NAME="com.abcdef.abcdefghijkl", APP_TEMP_NAME="com.... by Mrig342 Contributor in Splunk Search 02-02-2021 0 4	0	4
Field will not convert time Hello Splunkers,I have the following field with a date/time stamp: 2021-02-02 15:58:34.0I am trying to convert it to... by jason_hotchkiss Communicator in Splunk Search 02-02-2021 0 2	0	2
Count objects grouped by transaction I need to count the number objects grouped by a transaction command. The command is:index=* sourcetype="pan:*"\| trans... by mpdharley Engager in Splunk Search 02-02-2021 0 2	0	2
How to filter a record among multiple events I have a table like in splunk this:appname valuetimeapp1102020-12-30app1122020-12-31app2232020-12-30app2202020-12-31 ... by febbi Explorer in Splunk Search 02-02-2021 0 10	0	10
Real time search seems to match results, but never displays them Hello,Our goal is to define some alerts based on some custom searches from our indexed data. We wrote the search quer... by NOCSSMS Explorer in Splunk Search 02-02-2021 0 0	0	0
Lookup csv file doesn't load completely Hello,We're running Splunk 8.0.3 with a 2G/day license and want to load a CSV with 332928 lines so that we can use it... by NOCSSMS Explorer in Splunk Search 02-02-2021 0 2	0	2
Easy Epoch time transformation I have a lot of DB Connect inputs connecting to MS SQL databases. a lot of the data i am pulling from these inputs h... by nkrestakos Engager in Splunk Search 02-01-2021 0 2	0	2
Is the information in the search job inspector stored in Splunk internally so I can query this data and set up dashboards? I have been tasked to find a way to report on the overall query load to our Splunk system by customers that we have u... by feickertmd Communicator in Splunk Search 02-01-2021 2 7	2	7
splunk stream HiMy servers (clients) are running splunk stream. I believe within the deployment server will contain the configurat... by iherb_0718 Path Finder in Splunk Search 02-01-2021 0 1	0	1
How do i check aws autoscaling reason in the AWS log file ? Hi I have seen a significant traffic increase (Network In ) in our environment. However i tried investigating thoug... by jaibalaraman Path Finder in Splunk Search 02-01-2021 0 2	0	2
Query to find events with more than 2 values for a specific field compared to another field I'm trying to create a query to show me all users who have purchased more than 1 type of product.Each event has a "us... by john_byun Path Finder in Splunk Search 02-01-2021 0 2	0	2
How can I group counts by time ranges in a row? For a certain time range, I want to group together the counts in a single row, divided into equal time slices.For exa... by OliverG91 Explorer in Splunk Search 02-01-2021 0 4	0	4
list eventccode and host Hello,I hope someone could help me out figuring out this one out. The core of what I am trying to do is get a list of... by Huss54 Engager in Splunk Search 02-01-2021 0 3	0	3
create table of first and last logins for multiple users Hello all,looking to get both the first and last event for each user of the bellow search if anyone can help. index=w... by tkerr1357 Path Finder in Splunk Search 02-01-2021 0 2	0	2
Files with Multiple extensions I am a Splunk newbie and need to be able to search for files with multiple extensions (example: filename.ps1.doc) an... by Bellthazor Engager in Splunk Search 02-01-2021 0 2	0	2
Trouble with Hidden Panel Passing a Value Hello,I am having trouble with a panel staying hidden when the search above shows no results. I would like to create ... by strehb18 Path Finder in Splunk Search 02-01-2021 0 4	0	4
Adding a predicted cumulative value to a stacked bar chart I wish to take a stacked bar chart, use 'addtotals' to create a field representing the cumulative value of the stacke... by rbolande Explorer in Splunk Search 02-01-2021 0 3	0	3
How to group by latest date? Hi,See, I have been trying to group my result query based on the latest date in order to remove duplicates and get th... by designer46 Explorer in Splunk Search 02-01-2021 0 2	0	2
SPlunk not sending alerts Hi,My splunk instance is not sending email alerts for a new alert th Can soat i just setup. I am getting other alert ... by SS1 Path Finder in Splunk Search 01-31-2021 0 4	0	4
Expand column in to rows How to Convert _time ColumnA ColumnB timeA 10 ... by teewenjie22 Engager in Splunk Search 01-31-2021 0 3	0	3
Report all real-time searches from the internal audit index Enable alerts and reports on real-time searches seen in the internal audit index. by landen99 Motivator in Splunk Search 01-30-2021 0 2	0	2
Searching for a specific users browsing history I am a newbie to Splunk and am trying to find out what query I can use to find a specific users browsing history for ... by redfan9 New Member in Splunk Search 01-30-2021 0 1	0	1