Splunk Search

Community Activity

how to table the hosts missing in splunk with lookup file for span=1d and for 7 days I've been poking around Splunk Answers for a while today and can't quite match the scenario I've got.I have a 100 hos... by vvemula Path Finder in Splunk Search 11-12-2020 0 1	0	1
How do I display 20% as an integer and still display as 20% If I execute...\| stats avg(mem_free_percent) as mfp by Region\| fieldformat mfp=round(mfp, 1)."%"It will display value... by heamik Engager in Splunk Search 11-12-2020 0 1	0	1
appendcols subsearch skewing timestamps in some circumstances I'm working with a system where each event has its own creation timestamp (always the same) and modification timestam... by benhooper Communicator in Splunk Search 11-12-2020 0 7	0	7
How to retrieve results from search manager ONLY when search is done? I can retrieve results from my search manager by using this type of code: var mydata = mySearchManager.data("resu... by pgoldweic Communicator in Splunk Search 11-12-2020 0 6	0	6
Can I not show the previous predict values in my chart? When using the predict command the time chart shows the calculated time chart value but also has the prediction line ... by aohls Contributor in Splunk Search 11-12-2020 0 3	0	3
why Searches running on only one Indexer ? Hi All , So I have two indexers in a cluster with CM Two SH's in a cluster with a deployer SH cluster is connected t... by ramarcsight Explorer in Splunk Search 11-12-2020 0 2	0	2
How to remove \ (backslash) using from URLs rex sed? I am trying to remove the escaped characters of "\" from the URLs coming in via a Twitter REST feed. Does anyone ha... by ccsfdave Builder in Splunk Search 11-12-2020 0 5	0	5
Splunk search query (not including the last x number of events) Hi,Is it possible to get splunk to search for a query and not include the last X number of events?thanks, by jboustead Explorer in Splunk Search 11-12-2020 0 1	0	1
piechart I want to create two pie chart each based upon the value of index I am choosing. using below two queries 1. index = i... by avneet26 Engager in Splunk Search 11-12-2020 0 5	0	5
Consolidate data from 2 indexes We have 2 index1. Having user name and his machine details and everything about his login 2. User name and his actual... by vikram_m Path Finder in Splunk Search 11-12-2020 0 8	0	8
How to extract Specific field and segregate the bunched eventslogs I have logs coming from AWS,first, I need to get just a message (which is an event) from the log Second, in some logs... by john_snow Engager in Splunk Search 11-12-2020 1 3	1	3
Error and Warning Count by Hour or date or timestamp I have my spark logs in Splunk . I have got 2 Spark streaming jobs running .It will have different logs ( INFO, WARN... by satyajit2007 Explorer in Splunk Search 11-12-2020 0 2	0	2
How To Filter IP Field Using Subnet Value Stored In Variable Hello, I am trying to create a drill down dashboard. Basically I want to pass a subnet value (which is currently repr... by joemarty82 Explorer in Splunk Search 11-11-2020 0 1	0	1
Using index/sourcetype ? How to get the details about the dashboards/alerts/Reports/data models in splunk ? Hi All,We are performing an impact analysis on the application data which are already getting ingested into splunk,... by Hemnaath Motivator in Splunk Search 11-11-2020 0 2	0	2
How do I create a calculated field based on data from a different type of log file? Hello,I am working with historical log data from a train system and I have two different types of log files:log1: eac... by ahmed Explorer in Splunk Search 11-11-2020 0 6	0	6
How to add total and percentage column in timechart Using a simple example: count the number of events for each host name... \| timechart count BY host> ... \| timechart c... by jerrysplunk88 Explorer in Splunk Search 11-11-2020 0 2	0	2
Combined Search - Difference in two lists This always feels exceptionally difficult to me, i'm not sure what i'm missing.I have a list of machines, a simple CS... by splunk219783 Path Finder in Splunk Search 11-11-2020 0 3	0	3
How to pull latest event I have a search/dash board that will show data over the last 30 days, the search is as followed index=server EventCo... by eb1929 Explorer in Splunk Search 11-11-2020 0 1	0	1
Looking for a regex that extract key=values from same line Application log file display below at one of the line, looking for a regex that extract value of "0" / "1" / "2" or "... by YagneshShah1 New Member in Splunk Search 11-11-2020 0 4	0	4
Check to valid credit card number - mod10\|Luhn algorithm Hello everyone,I'm using the SPL to get credit card numbers on search time (I would like to maintain this on search t... by rafamss Contributor in Splunk Search 11-11-2020 0 2	0	2
help to use EXTRACT in props.conf I've been trying to extract fields from a log at search time with only the help of props.conf. in the spunk docu I re... by avoelk Communicator in Splunk Search 11-11-2020 0 1	0	1
Limit Max line in every row in a table (like in list) hey, i got a search like:index = a \| table timestamp, id , name, age, messagei want to display only the first 10 row... by dordavid Explorer in Splunk Search 11-11-2020 0 0	0	0
Splunk SAML authentication issue when combining SAML and scripted inputs together for Splunk Cloudgateway implementation Encountered an issue with Splunk SAML authentication in conjunction when using scripted inputs for leveraging splunk... by pv063910 Explorer in Splunk Search 11-11-2020 2 9	2	9
Get results per week for custom _time field Hello,I am running a search for last 7 days results, and i am using fixed_date field as _time field.fixed_date can ha... by utk123 Path Finder in Splunk Search 11-10-2020 0 2	0	2
Problem formatting string to json Hi, I have the following String that is logged by the application and I am wondering if there is a way to pretty prin... by trem124 New Member in Splunk Search 11-10-2020 0 1	0	1