Splunk Search

Community Activity

Manipulate Token Value and use in search Hopefully, I can explain this to where it makes sense. I have a forum where I use a TEXT input to generate a token to... by ekammer1 Engager in Splunk Search 11-06-2020 0 2	0	2
Sub Search failing due to return with no items I am very close but need some assistance. I am attempting to create an alert based upon the criteria "Free Megabytes... by jmo1 Path Finder in Splunk Search 11-06-2020 0 5	0	5
Predict: In dashboards can we keep bar chart in stacked from even after using predict command?My Case:In my case after using predict command... by renuka Path Finder in Splunk Search 11-06-2020 0 0	0	0
How to exclude computer account name from results I am running a very simple search to determine accounts locked out: server01 OR server02 OR server03 OR server04 Eve... by arkonner Path Finder in Splunk Search 11-06-2020 0 10	0	10
Stats count and field with oldest event I'm sure it's out there somewhere and maybe I'm just brain fried from looking at Splunk for too long, but I wasn't ab... by dangeloma Explorer in Splunk Search 11-06-2020 0 5	0	5
how can i perform a filter after i do a search date reportid notificationid status10/1/2020 5555 1 ... by thaghost99 Path Finder in Splunk Search 11-05-2020 0 2	0	2
Set max concurrent search for a particular saved search Hello community and experts,Is it possible to set a max concurrent search for a particular saved search?The use case ... by takashi6 Explorer in Splunk Search 11-05-2020 0 6	0	6
google and bing keyword I am seeking to get a list of the user typed keyword searches from the proxy activity. Below is what i got but those... by NauticaTQP Engager in Splunk Search 11-05-2020 0 2	0	2
Search optimization . by troy44112 Explorer in Splunk Search 11-05-2020 0 1	0	1
Yes / No Column if EventCode Found in Lookup I have a lookup table with certain Windows Event Codes. I am searching our Windows index for all Windows Event Codes... by aferone Builder in Splunk Search 11-05-2020 0 2	0	2
Find maximum value in one column where a second column meets criteria I believe as with all things Splunk, there is more than one way to solve thisMy data consists of this \| makeresults \|... by bowesmana SplunkTrust in Splunk Search 11-05-2020 1 4	1	4
Date sorting Hi, I have below data: Date: Sep 2020 Aug 2018 Feb 2020 July 2017 Sep 2019 I want to sort the date by month and yea... by ND Path Finder in Splunk Search 11-05-2020 0 2	0	2
reconciliation of field value from Splunk DB connect query HI All,I need to reconcile 2 different swift messages from Splunk DB connectThe key pattern should be<<YYYYMMDD>>#SWI... by ashrafsj Path Finder in Splunk Search 11-05-2020 0 1	0	1
Sum duration to iterations of same id Hey,I have an index 'test_iterations' which contains test data (start time, end time, iterationIndex ane TestName).Ea... by noa Loves-to-Learn in Splunk Search 11-05-2020 0 2	0	2
Can't use stats with custom streaming searchcommand I have a custom search command that extracts a domain name from a url string field you specify into a new "domain" fi... by wesleya Explorer in Splunk Search 11-05-2020 0 2	0	2
Adding values from multiple arrays Hi,I am trying to add the values from 2 array functions to get the overall sum.\| eval {1_month_last_day_prior} = case... by shonac Explorer in Splunk Search 11-05-2020 1 6	1	6
Adding new expected Value to serach result Hi,I tried search some data from logs using this statement: index=* sourcetype="mySource" Types* \| stats count by Typ... by mikroice90 Explorer in Splunk Search 11-05-2020 1 5	1	5
Alerting on free space AND % free space - Windows-based systems We are collecting perfmon information - "Free Megabytes" and "% Free Space". All is well in the collection on the... by jmo1 Path Finder in Splunk Search 11-05-2020 0 3	0	3
Fetch fields in json I hava data in statistics.. it has the below format: START Request Id: 62529168377 :$LATEST{"Name": "abc","Alarm":"al... by tsm0099 Explorer in Splunk Search 11-05-2020 0 1	0	1
How to extract latest events of particular field. Hi Folks,I need your help in fetching latest event from a particular field.Sharing you a sample event and query when... by prateeksawhney Explorer in Splunk Search 11-05-2020 0 10	0	10
Using REGEX to extract portion of a string from a field Hi Everyone:I'd like to extract everything after the third "/" below (starting from the left) in the url field below:... by mdeterville Path Finder in Splunk Search 11-04-2020 1 3	1	3
combine events based on a common field I have data being pushed onto Splunk in JSON format. What I am trying to do is combine events. For example, 2 events ... by quirkyUnicorn28 Loves-to-Learn in Splunk Search 11-04-2020 0 0	0	0
normalize columns in timechart Hi allconsider this search:source=bandwidth \| timechart sum(packets_in) by hostwhich will produce rows indexed by a t... by splnk1391 Engager in Splunk Search 11-04-2020 0 1	0	1
How to get an average per day I am trying to get an average for the last (x) days for a that specific day and hour. This search lists a count for t... by tefa627 Explorer in Splunk Search 11-04-2020 0 2	0	2
What does "bin _time span=100ms, eval H=len(_raw),transaction and maxevents" mean in this whole search? Hi, I am having confusion in understanding some portion of following search. Can anyone help me in understanding it ... by M_fahad_hassan Engager in Splunk Search 11-04-2020 0 2	0	2