Splunk Search

Community Activity

Calculate the average run duration for a job and display as a visualization Hi everyone! In my logs coming in, I log the duration for a job to complete, for several different jobs. Example of d... by christinaef07 Loves-to-Learn Everything in Splunk Search 11-19-2020 0 1	0	1
Report with percentages and counts per month I did a search of the last 3 months on fields A = "xxx" and B = "yyy" and it has to return me 2 other fields, C and D... by antonio147 Communicator in Splunk Search 11-19-2020 0 9	0	9
Asterix search returns nothing When I first setup Splunk on my local machine (Playing around with it as I learn it), I could search for '*' and get ... by Peely Explorer in Splunk Search 11-19-2020 0 2	0	2
Help on where condition which doesn't works HelloThe search below returns results but the where condition doesnt works `wire` \| eval USERNAME=upper(USERNAME) \|... by jip31 Motivator in Splunk Search 11-19-2020 0 2	0	2
Search for tag!=foo when "foo" doesn't exist as a tag returns nothing instead of all events. Hello All,I am new to Splunk and ran into my first wall when attempting to omit search results using tags. Any help o... by splunk_a_tron Engager in Splunk Search 11-19-2020 0 14	0	14
multisearch in table format Hi,I was trying to add 2 searches \| multisearch [search host=p-css* SRCreateRequest 400 \| stats count as CreateSR ... by shashidharh Explorer in Splunk Search 11-19-2020 0 6	0	6
How to parse p4 logs 2020/11/12 12:37:17 pid 282689 compute end .028s 23+5us 0+32io 0+0net 16472k 0pf Perforce server info: Server networ... by vinodarokiya Engager in Splunk Search 11-19-2020 0 5	0	5
Regex and subnets Hi all!Help write a regular expression. You have to filter by url + filter exclude subnets.For example:example.com/ar... by Keenanix New Member in Splunk Search 11-19-2020 0 1	0	1
splunk event identifier hey there  i'm trying to make a table with the next fields: name, last name and message:index a \| table name last na... by dordavid Explorer in Splunk Search 11-18-2020 0 5	0	5
Not Results Found Error I have uploaded a csv dataset into Splunk, and have been able to successfully use the dataset addon and pivot my data... by Dixie Loves-to-Learn in Splunk Search 11-18-2020 0 2	0	2
extracting fields & values from SQL logs I am trying to extract field names and values from SQL logs. IE - “… INSERT INTO table (COL1, COL2) VALUES ('VAL1', '... by rizzo75 Path Finder in Splunk Search 11-18-2020 1 11	1	11
Sort rows Hello all, I am a newer Splunk user and I am trying to sort the following rows:Level:LowModerateHighNullTotal But I w... by erineoshea2 New Member in Splunk Search 11-18-2020 0 1	0	1
Unknown search command 'isnull' Hi, I am trying the following search syntax in Splunk to build out a report of our top 25 riskiest systems. But when ... by sakanet Explorer in Splunk Search 11-18-2020 1 5	1	5
how to get last field value by time range picker Hello,What I want to get a table with all fields populated with their last values by time range.For each form I have... by xyz123 Explorer in Splunk Search 11-18-2020 1 12	1	12
'Stats count by' set to specific count? I'm trying to create a query where I get results of a specific user triggering two of the same alerts. Is there a way... by bcjammer03 Explorer in Splunk Search 11-18-2020 0 4	0	4
Non-admin user with list_settings capability failed to send alert email when mail sever use SMTP auth. Have defined a new non-admin user and already add list_settings capability as instructed by the Splunk document here... by daniel_splunk Splunk Employee in Splunk Search 11-18-2020 0 5	0	5
How can I remove the default tags from the Splunk Visio Icons? It seems ridiculous that I can't remove a label. Example: the firewall icon has "Firewall" right below. Really? It's ... by kenruppe Explorer in Splunk Search 11-18-2020 0 7	0	7
Error rendering Forecast Chart visualization HiI'm trying to make use of the Forecast Chart Visualisation. I have added this visualisation to my dashboard, but I'... by BernardEAI Communicator in Splunk Search 11-18-2020 0 1	0	1
Subquery in an else statement Hello,I trying to perform a subquery on an else statement, I believe that the way I'm trying to do it is not right. I... by frozenpy Explorer in Splunk Search 11-18-2020 0 5	0	5
Search on raw events and datamodel give different amount When I create simple basic search (throught index) for events, I get such amount of resultsAll events are tagged, and... by user2020dy Path Finder in Splunk Search 11-18-2020 0 0	0	0
extract exception from stacktrace field Below is a sample log message. Each message will have string "500 Server Error for HTTP" and i need to extract 3 fie... by donB Loves-to-Learn Lots in Splunk Search 11-18-2020 0 1	0	1
Distributed: Unable to distribute to peer named X.X.X.X:8089 at uri=X.X.X.X:8089 using the uri-scheme=https be Hi @gcusello ,I'm getting no results when I run any queries in splunk.The following error I'm getting.Can you please ... by rahul2gupta Path Finder in Splunk Search 11-17-2020 0 4	0	4
highest event count in given time frame per seconds I'm trying to do the following search based on my index 'transactions' and field name called 'customers' for a custom... by ronport2020 New Member in Splunk Search 11-17-2020 0 1	0	1
How to convert a field value containing a list of fields into the values of those fields Consider a field value which contains a list of comma-separated field names, such as 'fieldList' in this example:\| ma... by dmillis Splunk Employee in Splunk Search 11-17-2020 0 6	0	6
Correlate data in JSON file without timestamp I have a JSON input with different types, all representing a data point at a certain time. I have the start time of t... by Patrick_Peeters Splunk Employee in Splunk Search 11-17-2020 0 1	0	1