Splunk Search

Community Activity

Easy Epoch time transformation I have a lot of DB Connect inputs connecting to MS SQL databases. a lot of the data i am pulling from these inputs h... by nkrestakos Engager in Splunk Search 02-01-2021 0 2	0	2
Is the information in the search job inspector stored in Splunk internally so I can query this data and set up dashboards? I have been tasked to find a way to report on the overall query load to our Splunk system by customers that we have u... by feickertmd Communicator in Splunk Search 02-01-2021 2 7	2	7
splunk stream HiMy servers (clients) are running splunk stream. I believe within the deployment server will contain the configurat... by iherb_0718 Path Finder in Splunk Search 02-01-2021 0 1	0	1
How do i check aws autoscaling reason in the AWS log file ? Hi I have seen a significant traffic increase (Network In ) in our environment. However i tried investigating thoug... by jaibalaraman Path Finder in Splunk Search 02-01-2021 0 2	0	2
Query to find events with more than 2 values for a specific field compared to another field I'm trying to create a query to show me all users who have purchased more than 1 type of product.Each event has a "us... by john_byun Path Finder in Splunk Search 02-01-2021 0 2	0	2
How can I group counts by time ranges in a row? For a certain time range, I want to group together the counts in a single row, divided into equal time slices.For exa... by OliverG91 Explorer in Splunk Search 02-01-2021 0 4	0	4
list eventccode and host Hello,I hope someone could help me out figuring out this one out. The core of what I am trying to do is get a list of... by Huss54 Engager in Splunk Search 02-01-2021 0 3	0	3
create table of first and last logins for multiple users Hello all,looking to get both the first and last event for each user of the bellow search if anyone can help. index=w... by tkerr1357 Path Finder in Splunk Search 02-01-2021 0 2	0	2
Files with Multiple extensions I am a Splunk newbie and need to be able to search for files with multiple extensions (example: filename.ps1.doc) an... by Bellthazor Engager in Splunk Search 02-01-2021 0 2	0	2
Trouble with Hidden Panel Passing a Value Hello,I am having trouble with a panel staying hidden when the search above shows no results. I would like to create ... by strehb18 Path Finder in Splunk Search 02-01-2021 0 4	0	4
Adding a predicted cumulative value to a stacked bar chart I wish to take a stacked bar chart, use 'addtotals' to create a field representing the cumulative value of the stacke... by rbolande Explorer in Splunk Search 02-01-2021 0 3	0	3
How to group by latest date? Hi,See, I have been trying to group my result query based on the latest date in order to remove duplicates and get th... by designer46 Explorer in Splunk Search 02-01-2021 0 2	0	2
SPlunk not sending alerts Hi,My splunk instance is not sending email alerts for a new alert th Can soat i just setup. I am getting other alert ... by SS1 Path Finder in Splunk Search 01-31-2021 0 4	0	4
Expand column in to rows How to Convert _time ColumnA ColumnB timeA 10 ... by teewenjie22 Engager in Splunk Search 01-31-2021 0 3	0	3
Report all real-time searches from the internal audit index Enable alerts and reports on real-time searches seen in the internal audit index. by landen99 Motivator in Splunk Search 01-30-2021 0 2	0	2
Searching for a specific users browsing history I am a newbie to Splunk and am trying to find out what query I can use to find a specific users browsing history for ... by redfan9 New Member in Splunk Search 01-30-2021 0 1	0	1
Disable app on UF using deployment server Hello All,i have a default app which gets installed on the UF during the installation (part of our install script). t... by AzmathShaik Path Finder in Splunk Search 01-29-2021 0 4	0	4
Search running slowly Hi, can anyone make any suggestions as to how I can make this search more efficient? index=prod_service_now sourcety... by shazbot79 Path Finder in Splunk Search 01-29-2021 0 4	0	4
Count By Date I have a search created, and want to get a count of the events returned by date. I know the date and time is stored ... by gn694 Communicator in Splunk Search 01-29-2021 3 5	3	5
How to display counts in the two weeks span for last two weeks and two weeks before I want to display counts latest two weeks (last two weeks), two weeks before and everything else before 4 weeks start... by AshChakor Path Finder in Splunk Search 01-29-2021 0 1	0	1
Replacing multiple values of a field with single value with rex sed Hi All,I have field called stepName which will have below three values.TextResource.getFirstLineTextResource.getSecon... by viswatejabolla New Member in Splunk Search 01-29-2021 0 3	0	3
SPL using search NOT comparing 2 Lookup (csv) files returns wrong results Greetings,I've 2 Lookup (csv) files, one generated from index _internal (approx 15k events) and another generated fro... by marceloalejandr Path Finder in Splunk Search 01-29-2021 0 6	0	6
How to set up an alert to trigger only if a second search does not return results within 30 seconds of the previous search? I have a current alert that is working as expected to capture a log event that states a service is down. We have sta... by dnsGuy314 New Member in Splunk Search 01-29-2021 0 10	0	10
Help Improve my search? All, I have this search here and it's pretty slow. Any recommendations to speed it up? Currently 250.249 seconds and ... by dpwtheitguy Loves-to-Learn Lots in Splunk Search 01-28-2021 0 2	0	2
Splunk Join Optimisation Hi,I have the below query which does the search on two different sources in the same index and join the results based... by deepuhassan Explorer in Splunk Search 01-28-2021 0 6	0	6