Splunk Search

Community Activity

	How to make a timechart by shift? Hi all, I am trying to create a timechart that divides the data by 12 hour shifts. I have\| timechart span = 12h (fol... by topperud Engager in Splunk Search 11-20-2020 0 2	0	2
	Can an already indexed field be hid globally since it can't be removed? for GDPR compliance I need to modify a ClientIP field that is already indexed (4+ year so far) and wipe it.Was thinki... by matiasruiz Engager in Splunk Search 11-20-2020 0 4	0	4
	Splunk search for field values in multiple sources There are two sourcetypes , sourcetype=A sourcetype=B and we have extracted a field "login" in both sourcetypes 1. ... by infotork Explorer in Splunk Search 11-20-2020 0 1	0	1
	Limiting a query to 'known good' values plus 'others' I have a query similar to the following which we are using to capture information about email traffic between certain... by gavinsopra Engager in Splunk Search 11-20-2020 0 6	0	6
	Need help with Splunk query to merge subsearch with main search Hi,I am trying to craft a query that will look for Windows devices that have been rebooted and then have accessed a c... by Anon4Now Loves-to-Learn Lots in Splunk Search 11-20-2020 0 1	0	1
	How to skip the part of Search Query based on a Condition My requirement is just to skip few lines of SPL query if a certain condition is met. Or some kind of If-Else for runn... by potnuru Path Finder in Splunk Search 11-20-2020 0 12	0	12
	Using another index and replace the missing values in the current index data. I have a index say index1 having Air Details and ServerName of which some Air is missing for some serverNames.I have ... by veerendra_modi Loves-to-Learn in Splunk Search 11-20-2020 0 1	0	1
	Support for LogEntries KVP format? Splunk would not automatically extract fields from my application log files that have Key-Value Pairs (KVP) delimited... by RamG New Member in Splunk Search 11-20-2020 0 1	0	1
	Field Extraction from Multi line _raw data Hi,I want to extract the fields Name, Version, VendorName, usesLicensing, LicenseType, ExpiractDateString, LicenseKey... by Supriya Path Finder in Splunk Search 11-20-2020 0 6	0	6
	SPL Hello ,I am not getting any result while executing below query. Can you please help me to know what i am doing wrong ... by uagraw01 Motivator in Splunk Search 11-20-2020 0 1	0	1
	Add Field to Result based on lookup with CIDRMATCH in Lookup file Hi, i try to find the correct way to query a lookup file based on a where clause with CIDRMATCH. I have the followi... by hayduk Path Finder in Splunk Search 11-20-2020 0 6	0	6
	How to use regex to filter out Windows events with Account names ending with $? Hi How to edit props.conf and transforms.conf to exclude the windows events with event Codes 4634 at indexing time a... by kiran331 Builder in Splunk Search 11-20-2020 0 5	0	5
	How to analyze raw metric data I am getting following PCF metric log every 15 seconds. How should I visualize these data?I need to do a calculation ... by huajieyangdbs Observer in Splunk Search 11-20-2020 0 1	0	1
	Display latest data in dashboard Hello all,I have a requirement below :I'm pushing csv file(not pushing regularly) data to splunk index using splunk f... by kirrusk Communicator in Splunk Search 11-19-2020 0 3	0	3
	How to get all the values in y axis - Visualization Tab Hi All,How do we all the values for a single field?Currently, the chart is displayed with the LoginName(x axis) with ... by Anush Engager in Splunk Search 11-19-2020 0 6	0	6
	Calculate the average run duration for a job and display as a visualization Hi everyone! In my logs coming in, I log the duration for a job to complete, for several different jobs. Example of d... by christinaef07 Loves-to-Learn Everything in Splunk Search 11-19-2020 0 1	0	1
	Report with percentages and counts per month I did a search of the last 3 months on fields A = "xxx" and B = "yyy" and it has to return me 2 other fields, C and D... by antonio147 Communicator in Splunk Search 11-19-2020 0 9	0	9
	Asterix search returns nothing When I first setup Splunk on my local machine (Playing around with it as I learn it), I could search for '*' and get ... by Peely Explorer in Splunk Search 11-19-2020 0 2	0	2
	Help on where condition which doesn't works HelloThe search below returns results but the where condition doesnt works `wire` \| eval USERNAME=upper(USERNAME) \|... by jip31 Motivator in Splunk Search 11-19-2020 0 2	0	2
	Search for tag!=foo when "foo" doesn't exist as a tag returns nothing instead of all events. Hello All,I am new to Splunk and ran into my first wall when attempting to omit search results using tags. Any help o... by splunk_a_tron Engager in Splunk Search 11-19-2020 0 14	0	14
	multisearch in table format Hi,I was trying to add 2 searches \| multisearch [search host=p-css* SRCreateRequest 400 \| stats count as CreateSR ... by shashidharh Explorer in Splunk Search 11-19-2020 0 6	0	6
	How to parse p4 logs 2020/11/12 12:37:17 pid 282689 compute end .028s 23+5us 0+32io 0+0net 16472k 0pf Perforce server info: Server networ... by vinodarokiya Engager in Splunk Search 11-19-2020 0 5	0	5
	Regex and subnets Hi all!Help write a regular expression. You have to filter by url + filter exclude subnets.For example:example.com/ar... by Keenanix New Member in Splunk Search 11-19-2020 0 1	0	1
	splunk event identifier hey there  i'm trying to make a table with the next fields: name, last name and message:index a \| table name last na... by dordavid Explorer in Splunk Search 11-18-2020 0 5	0	5
	Not Results Found Error I have uploaded a csv dataset into Splunk, and have been able to successfully use the dataset addon and pivot my data... by Dixie Loves-to-Learn in Splunk Search 11-18-2020 0 2	0	2