Splunk Search

Community Activity

how to create drilldown for specific value from multivalue row Hi Team,I have a table where employee name are group by manager name and their project count.PFB structure of my tabl... by Khushboo Explorer in Splunk Search 01-06-2021 0 3	0	3
tstats search slow when using field from automatic lookup Hello, I'm seeing an issue where tstats search is slow due to an automatic lookup. I'm running the searches over rang... by tah7004 Path Finder in Splunk Search 01-06-2021 0 2	0	2
Compare data between indexed device data and Splunk App for Infrastructure I'm being asked to compare device Entities in SAI with database data I am indexing that contains devices on our netwo... by hoopydave Path Finder in Splunk Search 01-06-2021 0 0	0	0
splunk universal forwarder error [khush@1122]$ !531/dev/kt/splunk/splunkforwarder/bin/splunk startsplunkd 14116 was not running.Stopping splunk helper... by Khushboo Explorer in Splunk Search 01-06-2021 0 0	0	0
Timechart event result variations with time range picker I am using the same timechart search query:'search\| timechart span=1d sum(xxx)"when I set the time range picker to ye... by jamesboustead Explorer in Splunk Search 01-06-2021 0 2	0	2
How to calculate elapsed time only on working hours ? Hi all, I'm trying to calculate the time support team took to respond when a new ticket is created. For now i'm able ... by clementros Path Finder in Splunk Search 01-06-2021 0 0	0	0
Create a time series graph after a stats command Hi,I'm not able to create a timechart graph for the below search, it is coming up with no result.My current search is... by jamesboustead Explorer in Splunk Search 01-06-2021 0 4	0	4
retention period HiWhen i search in Splunk I only find logs in last 52 days I need to increase the retention period to be available a... by saeed Explorer in Splunk Search 01-05-2021 0 1	0	1
map visulization with lookup table Hello Splunkers ! i wanted to visualize data on map so i used this command and it worked:index=myFirewall \| stats cou... by moayadalghamdi Path Finder in Splunk Search 01-05-2021 0 3	0	3
how to search for search queries triggered from Phantom in splunk cloud Hello All,I am new to splunk and looking for suggestion on search queries. In our environment, we have phantom app in... by ravivarmagv1 Loves-to-Learn in Splunk Search 01-05-2021 0 0	0	0
How do I bring serial number in splunk Hi, I have four line result as follows: value1 value2 value3 value4 but I want the serial no. should be before eac... by abhayneilam Contributor in Splunk Search 01-05-2021 1 5	1	5
Split command take comma as a value when null value exists for a field Hi,I am trying to use Split command to separate and get few fields. However I am getting different fields value due t... by dchando Engager in Splunk Search 01-05-2021 0 4	0	4
Header Field and Values I have a Splunk event with the following lines logged from a .txt file.HeaderField1 \| HeaderField2 \| HeaderField3Head... by bartstk18 Loves-to-Learn Lots in Splunk Search 01-05-2021 0 4	0	4
extract json from string hi, I have a string int the following format:msg: Logging interaction event { eventId: '12dea8c0-dfb2-4988-9e97-314dd... by ashodha Engager in Splunk Search 01-05-2021 0 3	0	3
date and time conversion hi, I am looking to convert the following time to UTC format:8/26/20203:47PM-06:00 Ultimately i am looking to convert... by archanas Explorer in Splunk Search 01-05-2021 0 3	0	3
HTTP ResponseCode transformation Hi all,I have a use case to transform gzipped binary portion of HTTP ResponseCode into readable content. Is this some... by me74fhfd Path Finder in Splunk Search 01-05-2021 0 3	0	3
Help using regex to break a comma separated string I have a text string field in my events which contains one or many date/time stamps within the string. The string is... by mdurdel New Member in Splunk Search 01-05-2021 0 11	0	11
tstats timechart I am trying to do a time chart of available indexes in my environment , I already tried below query with no luck \| ... by kunalmao Communicator in Splunk Search 01-05-2021 0 3	0	3
Input Filter and the supporting panels I have a dropdown(say field A) as input to a dashboard.And this dropdown value is passed/used only in certain panels ... by prettysunshinez Explorer in Splunk Search 01-05-2021 0 4	0	4
Comparing two multivalue fields I'm trying to compare multiplevalue fields in a search.My query is below: sourcetype=app2_log OR sourcetype=app1_log... by gcbysc Loves-to-Learn Everything in Splunk Search 01-05-2021 0 8	0	8
Search doesn't show data Hi,I have just installed Splunk enterprise on-prem and trying to send data using HEC (port 8088). When I do a tcpdump... by ragh99 Loves-to-Learn in Splunk Search 01-04-2021 0 4	0	4
Question on stats command Hi,I want to find the duration of time for only one sourcetype where as the other values for both the sourcetype..sta... by Deepz2612 Explorer in Splunk Search 01-04-2021 0 3	0	3
Universal Forwarder for FreeBSD Hi! Don't find UF for FreeBSD. Are this subject exist? by Anatol New Member in Splunk Search 01-04-2021 0 1	0	1
Is this a suitable use case for the Splunk Machine Learning Toolkit? Suppose I have two sets of data:Workers, who have attributes such as location, pay grade, role, department, skills.Ro... by hmallett Path Finder in Splunk Search 01-04-2021 0 1	0	1
Splunk_TA_stream stops capture (Windows) - know issue STREAM-4301, STREAM-4409 HiIn known issues this problem is listed (STREAM-4301, STREAM-4409 https://docs.splunk.com/Documentation/StreamApp/... by gunzola Path Finder in Splunk Search 01-04-2021 0 2	0	2