Splunk Search

Community Activity

Unable to obtain output using REX command ( User Agent) Hi First , I would like to thank everyone in this community who guided and helped me a lot. Now i have a problem exec... by jaibalaraman Path Finder in Splunk Search 12-30-2020 0 16	0	16
Need help on rex wed } } }, { "S" : "12:00" } } }, "day" M" : { "close" : { "S" : "23:00" open "S" : "12:00" } } } } }, "email" : { "S... by Annna Explorer in Splunk Search 12-30-2020 0 3	0	3
Using macro in macro validation expression Hi,I am trying to use a macro inside a macro validation expression. This is because I plan to make a number of simila... by Yolan Explorer in Splunk Search 12-30-2020 0 0	0	0
more than 50,000 rows in a KV Store Hi at all,I developed an app that uses a KV Store to manage a whitelist and it runs without problems.But when I start... by gcusello SplunkTrust in Splunk Search 12-30-2020 0 1	0	1
I can't see the search.log of a bd output in the job inspector. How can you see the search.log of a bd output?Good evening, it is required to validate the information of a certain d... by efaundez Path Finder in Splunk Search 12-30-2020 0 1	0	1
How to determine if searches are being executed each hour the number of times expected per their cron configuration I have a saved search need to check the each hour the search is being executed based on the cron configuration.Expect... by Vignesh-107 Path Finder in Splunk Search 12-30-2020 0 2	0	2
Splunk query to show my entire security metrics which is 68 in number The splunk query below is only showing just one line of Metric_ID which starts at 1. I need help with the splunk quer... by ngwodo Path Finder in Splunk Search 12-29-2020 0 1	0	1
How to convert version number to numerical value How do I convert the following string value to a numerical value that represents two digits between the dots?version ... by splunkyj Path Finder in Splunk Search 12-29-2020 0 2	0	2
Is it possible to turn a multivalued field with an arbitrary number of elements into columns? I have a search that generates two fields -- host and application. Application is a multivalued field with varying n... by responsys_cm Builder in Splunk Search 12-29-2020 0 4	0	4
Splunk Integration with Umbrella: Problem to show the data Hello Splunk Forum TEAM, I have a question refered to the integration because right now I receive the information whi... by jaciro11 Path Finder in Splunk Search 12-29-2020 0 1	0	1
how to see if end event didnt occur after 15 min from other event Hi all,i am new to Splunk and i need to create search which will show that event with end didnt occur after 15 min f... by ivana27 Path Finder in Splunk Search 12-29-2020 0 6	0	6
Mismatch in Stats UI & Splunk API index=<<My_index>> earliest="12/23/2020:10:00:00" latest="12/23/2020:11:00:00" "<<url>>" \| eval MyFeild=replace(MyFe... by sugankrish88 New Member in Splunk Search 12-29-2020 0 1	0	1
Search Result Sorting as per values in a field I have a search query that gives the supposed following results.NameWWName2ResultTypeValueAbc50.5ProdPassA1280Xyz47.2... by sdhawanx Path Finder in Splunk Search 12-29-2020 0 5	0	5
Trying to search Windows Patches? I am new to Splunk and I am trying to determine how to search for when "When a windows host was last patched"? by Nmorris22 Engager in Splunk Search 12-28-2020 1 4	1	4
splunk spl query to monitor memory utilization of Splunk hosts splunk spl query to monitor memory utilization of Splunk servers. by shinde0509 Explorer in Splunk Search 12-28-2020 0 3	0	3
Log Volume Monitoring Hi Splunkers,Happy Holidays!!!.I am trying to create a dashboard on Log Volume Monitoring. I am using ML Toolkit and ... by dwibedi03 Explorer in Splunk Search 12-28-2020 0 0	0	0
Sort stacked bar chart columns based on a value Hello,I'm struggling with sorting bar chart columns based on a time value.I have the following in my search: \| char... by D_D Explorer in Splunk Search 12-27-2020 0 4	0	4
Collecting _time from a different event Hello,I am hoping this is easy and I am blanking. I have a data source the logs what work order is in station one. I ... by strehb18 Path Finder in Splunk Search 12-27-2020 0 5	0	5
Difference Between Event Time and _time Hi all,I have a problem about _time field. There is difference between event in time and _time field. Like below,Wron... by kirchoffbk Observer in Splunk Search 12-27-2020 0 2	0	2
How to replace message "no result found" resulting to outputlookup Hi, I have to display on a dashboard the content of a lookup which is some time empty and so shows the message "no re... by mah Builder in Splunk Search 12-27-2020 0 4	0	4
Network toolkit - whois lookup: attribute error I want to use whois lookup with clientip, but I can't get any information with a command like the following"... \| loo... by Tomioka New Member in Splunk Search 12-26-2020 0 0	0	0
Predicting future time series based on current trend I would like to predict when a task is going to get completed and present that as a forecast graph. here is what i ha... by balash1979 Path Finder in Splunk Search 12-26-2020 0 0	0	0
How to Subtract column values in a table and create new filed with dynamic column names Hi Team,I have a splunk search which results in the below table... Col1Col2Col3Col4Row1XXXXRow2XXXXRow3XXXX The Col* ... by Vignesh-107 Path Finder in Splunk Search 12-26-2020 0 4	0	4
Calculate percentage of total and display as pie chart I have total of 7M users. My splunk query shows the count of completed users. I want to draw a pie chart showing comp... by balash1979 Path Finder in Splunk Search 12-25-2020 0 2	0	2
Timechart value every hour + cumulative line I got the query that shows count every hour using timechart command <<my query>> \| timechart span=1h count(path) ... by balash1979 Path Finder in Splunk Search 12-25-2020 0 1	0	1