Splunk Search

Community Activity

how to see if end event didnt occur after 15 min from other event Hi all,i am new to Splunk and i need to create search which will show that event with end didnt occur after 15 min f... by ivana27 Path Finder in Splunk Search 12-29-2020 0 6	0	6
Mismatch in Stats UI & Splunk API index=<<My_index>> earliest="12/23/2020:10:00:00" latest="12/23/2020:11:00:00" "<<url>>" \| eval MyFeild=replace(MyFe... by sugankrish88 New Member in Splunk Search 12-29-2020 0 1	0	1
Search Result Sorting as per values in a field I have a search query that gives the supposed following results.NameWWName2ResultTypeValueAbc50.5ProdPassA1280Xyz47.2... by sdhawanx Path Finder in Splunk Search 12-29-2020 0 5	0	5
Trying to search Windows Patches? I am new to Splunk and I am trying to determine how to search for when "When a windows host was last patched"? by Nmorris22 Engager in Splunk Search 12-28-2020 1 4	1	4
splunk spl query to monitor memory utilization of Splunk hosts splunk spl query to monitor memory utilization of Splunk servers. by shinde0509 Explorer in Splunk Search 12-28-2020 0 3	0	3
Log Volume Monitoring Hi Splunkers,Happy Holidays!!!.I am trying to create a dashboard on Log Volume Monitoring. I am using ML Toolkit and ... by dwibedi03 Explorer in Splunk Search 12-28-2020 0 0	0	0
Sort stacked bar chart columns based on a value Hello,I'm struggling with sorting bar chart columns based on a time value.I have the following in my search: \| char... by D_D Explorer in Splunk Search 12-27-2020 0 4	0	4
Collecting _time from a different event Hello,I am hoping this is easy and I am blanking. I have a data source the logs what work order is in station one. I ... by strehb18 Path Finder in Splunk Search 12-27-2020 0 5	0	5
Difference Between Event Time and _time Hi all,I have a problem about _time field. There is difference between event in time and _time field. Like below,Wron... by kirchoffbk Observer in Splunk Search 12-27-2020 0 2	0	2
How to replace message "no result found" resulting to outputlookup Hi, I have to display on a dashboard the content of a lookup which is some time empty and so shows the message "no re... by mah Builder in Splunk Search 12-27-2020 0 4	0	4
Network toolkit - whois lookup: attribute error I want to use whois lookup with clientip, but I can't get any information with a command like the following"... \| loo... by Tomioka New Member in Splunk Search 12-26-2020 0 0	0	0
Predicting future time series based on current trend I would like to predict when a task is going to get completed and present that as a forecast graph. here is what i ha... by balash1979 Path Finder in Splunk Search 12-26-2020 0 0	0	0
How to Subtract column values in a table and create new filed with dynamic column names Hi Team,I have a splunk search which results in the below table... Col1Col2Col3Col4Row1XXXXRow2XXXXRow3XXXX The Col* ... by Vignesh-107 Path Finder in Splunk Search 12-26-2020 0 4	0	4
Calculate percentage of total and display as pie chart I have total of 7M users. My splunk query shows the count of completed users. I want to draw a pie chart showing comp... by balash1979 Path Finder in Splunk Search 12-25-2020 0 2	0	2
Timechart value every hour + cumulative line I got the query that shows count every hour using timechart command <<my query>> \| timechart span=1h count(path) ... by balash1979 Path Finder in Splunk Search 12-25-2020 0 1	0	1
Rename column in the Stats fuction with the values of the Field I would like to get a stats per week of a Customer that would be result like the Table 1.The data I'm playing with is... by dashield Explorer in Splunk Search 12-25-2020 0 4	0	4
How to show values that are greater than 50 in a table? I have the search:\| tstats count where index=fologs module IN (G*) by module\| sort -count limit=8But I have a problem... by Luninho Explorer in Splunk Search 12-25-2020 0 1	0	1
Giving multiple events a field based on one events value Hello!What I'm trying to do is if check if any of the events meet a criteria and if so I want to assign all events a ... by TooManyQuestion Explorer in Splunk Search 12-24-2020 0 2	0	2
json extract with non-existing fields Hi, I have a json where not all the elements have all the fields. How can we extract and show this in a table? For ex... by Albsoguero New Member in Splunk Search 12-24-2020 0 2	0	2
Using a subquery result in 'IN' clause Hi,I have a query like below which would return a list of host names.index=osmetrics flock=xxx source=ps PID=1\| looku... by revathiram Engager in Splunk Search 12-24-2020 0 1	0	1
Lookup within time range I have data being fed to splunk in real time that I would like to tie to project IDs and budgets in a lookup table ba... by stephenmeyers Explorer in Splunk Search 12-24-2020 0 3	0	3
Inconsistent search result I have been using the range picker for a long time to run a search against data ingested the previous day. I normally... by PeterEccles Explorer in Splunk Search 12-24-2020 0 4	0	4
how to link search query from Dashboard to search tab which is having variables I build a query to fetch the long running jobs in Dashboard like as below. Here the $Time$ is a token which was selec... by rkishoreqa Communicator in Splunk Search 12-24-2020 0 2	0	2
Change Header colors in a Table when the result is null or empty only using simple xml. Hi Splunkers,I have a table that displays a value and corresponding to that the number of time that value has occurre... by sdhawanx Path Finder in Splunk Search 12-23-2020 0 3	0	3
Split event for timechart Hi, have you tried to do something like this ? I need to calculate the duration and then calculate a % availability l... by thuhuongle Explorer in Splunk Search 12-23-2020 0 2	0	2