Splunk Search

Community Activity

valid sourcetype not in "data summary" When a valid sourcetype is not showing up in "Data Summary" under "sourcetypes", what does it mean, and how do I get ... by mitag Contributor in Splunk Search 10-21-2020 0 0	0	0
How to compare output of two splunk queries where nothing is common Hi EveryoneI have 2 queries 1) mysearchquery \| table xyz 2) mysearchquery\| table abcAnd these two queries does not h... by Emily12 Explorer in Splunk Search 10-21-2020 0 5	0	5
Extracting the values from addtotals/addcoltotals from timechart. Hi All,I would like to extract the values from addtotals.My current result from my search is as follows;_timefieldafi... by ronaldtanhj Path Finder in Splunk Search 10-21-2020 0 1	0	1
Cloud Provisioning Activity from Unusual Country - SPL search not working Hi Can anyone help me why the below search is not working. index=aws sourcetype=aws:cloudtrail eventName=Create* OR e... by jaibalaraman Path Finder in Splunk Search 10-21-2020 0 1	0	1
DBXQuery where not in index data Hi Splunkers,Need your help, i have DBXQuery like this :\| dbxquery connection="myconn" query="sdbxquery connection=mo... by rahmatn Path Finder in Splunk Search 10-21-2020 0 1	0	1
Splunk Subquery Basically, I have a problem in which I want to run two queries the first query will return me the total number of req... by haiderzada New Member in Splunk Search 10-21-2020 0 3	0	3
Smartstore, How long do data stay in local storage after being fetched from a remote storage? in Smartstore, How long do data stay in local storage after being fetched from a remote storage? by mufthmu Path Finder in Splunk Search 10-21-2020 0 1	0	1
Get conditional value from logs Hi Team,I have two conditions as below and I need to find out the operation="OVERRIDE" and other should be block1> [n... by sgulhane5 Explorer in Splunk Search 10-21-2020 0 9	0	9
Best approach for comparing multiple search results with same fields I'm trying to find an elegant solution to compare the results of multiple searches - all of which have identical fie... by turbocharger Explorer in Splunk Search 10-21-2020 1 4	1	4
Number of unique days a given IP address was used Hey All, This may be something very basic, but I can't seem to find exactly what I'm looking to do on the forums.For ... by LeBarcode Engager in Splunk Search 10-21-2020 0 2	0	2
How to use Foreach for multiple columns and multiple rows? Hello, I'm having trouble figuring out how to use foreach + eval getting the difference of the fields.I have somethin... by ChioNeng Explorer in Splunk Search 10-21-2020 0 2	0	2
Change height of bar/row in bar chart? How can I adjust the height of a bar in a bar chart? I've been unable to find examples of this. Thanks by sc0tt Builder in Splunk Search 10-21-2020 0 7	0	7
How to adjust chart column width? Hi, I have the below panel. What I'm looking to do is to make the columns in this graph "skinny" (5 pixels or less)... by dbcase Motivator in Splunk Search 10-21-2020 2 5	2	5
Convert earliest_time latest_time notation to epoch Hello there!Is there a known method (a function, a command, built-in or custom, a search trick) to convert the earlie... by D2SI Communicator in Splunk Search 10-21-2020 0 2	0	2
Trendline over longer historical period I'm generating a timechart, with a 5 period simple moving average. I'm only searching over a week, with the span set ... by BernardEAI Communicator in Splunk Search 10-21-2020 0 0	0	0
Error - In handler 'savedsearch': Expecting different token When I create an action or try to change the variables in any of alert actions for an alert, I end up with a message ... by dantembe Loves-to-Learn in Splunk Search 10-21-2020 0 2	0	2
To remove few details using rex Hi Team,I have three below conditions to create a logic according to it.Case 1: operation="OVERRIDE" should print but... by sgulhane5 Explorer in Splunk Search 10-21-2020 0 3	0	3
Count occurrence of message in table I have a message feild having below data message=Successfully created customer id XXXXmessage =Duplicate create cu... by Nilesh067 Explorer in Splunk Search 10-21-2020 0 1	0	1
Search Sourcetype by Port ingested Hi there,Does anyone have a search that can show me what data was forwarded and ingested by which port?We have multip... by mwdbhyat Builder in Splunk Search 10-21-2020 0 0	0	0
CPU utilization There are some liberty services and in some host we have many microservice , I want to monitor CPU / memory usage in ... by ARaman77 Explorer in Splunk Search 10-21-2020 1 2	1	2
count filename form a message message: 'Successfully downloaded the file : FileAData2020-10-20_19_05_05.csv'message: 'Successfully downloaded the f... by Nilesh067 Explorer in Splunk Search 10-21-2020 0 1	0	1
Splunk built in rule question - urgent! HelloI have this Splunk built In rule: " Brute Force Access Behavior Detected Over 1d" \| tstats `summariesonly` val... by havatz Explorer in Splunk Search 10-21-2020 1 3	1	3
Today date and previous day data I want to calculate todays date data and previous day data from the host. Please suggest SPL for this. by uagraw01 Motivator in Splunk Search 10-21-2020 1 12	1	12
Time doesn't appear on the chart Time is not displayed on hover. How can this gap be resolved? by Luninho Explorer in Splunk Search 10-21-2020 0 0	0	0
How to add random month into event with only year Hi @linksI have event with future year 2021, 2022. I need to add random months into the years. Do you know which synt... by vgrand2 Explorer in Splunk Search 10-20-2020 0 2	0	2