Splunk Search

Community Activity

Field Extraction - Hostname with inconsistent I'm trying to do a field extraction for a hostname field that has some inconsistency with the format.There are two ty... by jpsheridan Engager in Splunk Search 10-23-2020 1 4	1	4
Combine similar queries to create summary index How can I combine these 3 queries given everything before pipe is same:query1: index=abc source="*/d/e/f.log" artifac... by mukeshchandak Engager in Splunk Search 10-22-2020 0 1	0	1
How to use colors on Tree View Hi,I'd like to know how can I apply colors on the icon according to range values on Tree View (custom viz). The imag... by caioandrades Loves-to-Learn Lots in Splunk Search 10-22-2020 0 1	0	1
Dashboard i want add Radio button in which i want setting that when i will select MFG host it will show all MFG host result a... by uagraw01 Motivator in Splunk Search 10-22-2020 0 1	0	1
How to split user agent details Hi I am new to splunk, and I need some help with SPL query to execute the below user agentLog File - " Mozilla/5.0 (L... by jaibalaraman Path Finder in Splunk Search 10-22-2020 0 11	0	11
CloudTrail Alert: Instances: Reboot/Stop/Terminate Actions - query not working Hi We have installed " Splunk for AWS", how the below alert is not working and search result turn up as " No result f... by jaibalaraman Path Finder in Splunk Search 10-22-2020 0 1	0	1
How to show the Minimum and Maximum duration for last 90 days in a timechart? Hello guys I am displaying a TimeChart of average of Duration and a Baseline for last 30 days..It is working proper... by Rohit_Mallah New Member in Splunk Search 10-22-2020 0 10	0	10
Splunk query to join two searches Hi Splunkers, I have a complex query to extract the IDs from first search and join it using that to the second search... by asharmaeqfx Path Finder in Splunk Search 10-22-2020 0 4	0	4
Extracting record which is not success after few retry. I have below log message :basically it is for creating customer record and if we got error the we are retrying for 5 ... by Nilesh067 Explorer in Splunk Search 10-22-2020 0 1	0	1
Issue in transaction command Hi Team, I have few connections regarding transaction command. I have a series of events. One of the events are menti... by ramprakash Explorer in Splunk Search 10-22-2020 0 7	0	7
Word wrap column names in a table I have an email alert that is set to go out every morning. I have a bunch of long field names that get cut off rando... by codedtech Path Finder in Splunk Search 10-22-2020 0 0	0	0
tstats command returning different results Hi TeamI am running a tstats count on my accelerated data model for certain time periods. So the result which I am ge... by arjit Path Finder in Splunk Search 10-22-2020 0 1	0	1
Dedup and 'OR' problem Hi. I'm quite newbie in Splunk, but I'm trying to find solution to my problem. index=zt2 (first_search) OR (second_s... by Reijo86 New Member in Splunk Search 10-22-2020 0 1	0	1
Creating alert when any past hour count is x standard deviations from the average of the past 24 hours I have Splunk logs with data that is roughly like this:TimestampadapterNameresponseCodexxA1xxA2xxB1xxB2 For each com... by jojopup123 Explorer in Splunk Search 10-22-2020 0 2	0	2
Find the value of the last field and use that field as a filter to find matching records Hi,I am trying to build a result in tabular format.timestampprcs_nm outcomedatenormal time stampprcs_nmFail2020-10-19... by darth_mango_97 Explorer in Splunk Search 10-22-2020 0 8	0	8
"bin=2h time" doesn't split the bucket by every 2 hour. Hi team,with below query, I can't get expected result with the bins splitted by every 2 hour which I specified by "\| ... by cheriemilk Path Finder in Splunk Search 10-22-2020 0 3	0	3
Inputlookup - dropdown and multiselect behave weird I use an inputlookup to fill a multiselect/dropdown-input. \|inputlookup Errornumber 12 44 68 If i now use a multise... by light_of_sirius Explorer in Splunk Search 10-22-2020 0 0	0	0
valid sourcetype not in "data summary" When a valid sourcetype is not showing up in "Data Summary" under "sourcetypes", what does it mean, and how do I get ... by mitag Contributor in Splunk Search 10-21-2020 0 0	0	0
How to compare output of two splunk queries where nothing is common Hi EveryoneI have 2 queries 1) mysearchquery \| table xyz 2) mysearchquery\| table abcAnd these two queries does not h... by Emily12 Explorer in Splunk Search 10-21-2020 0 5	0	5
Extracting the values from addtotals/addcoltotals from timechart. Hi All,I would like to extract the values from addtotals.My current result from my search is as follows;_timefieldafi... by ronaldtanhj Path Finder in Splunk Search 10-21-2020 0 1	0	1
Cloud Provisioning Activity from Unusual Country - SPL search not working Hi Can anyone help me why the below search is not working. index=aws sourcetype=aws:cloudtrail eventName=Create* OR e... by jaibalaraman Path Finder in Splunk Search 10-21-2020 0 1	0	1
DBXQuery where not in index data Hi Splunkers,Need your help, i have DBXQuery like this :\| dbxquery connection="myconn" query="sdbxquery connection=mo... by rahmatn Path Finder in Splunk Search 10-21-2020 0 1	0	1
Splunk Subquery Basically, I have a problem in which I want to run two queries the first query will return me the total number of req... by haiderzada New Member in Splunk Search 10-21-2020 0 3	0	3
Smartstore, How long do data stay in local storage after being fetched from a remote storage? in Smartstore, How long do data stay in local storage after being fetched from a remote storage? by mufthmu Path Finder in Splunk Search 10-21-2020 0 1	0	1
Get conditional value from logs Hi Team,I have two conditions as below and I need to find out the operation="OVERRIDE" and other should be block1> [n... by sgulhane5 Explorer in Splunk Search 10-21-2020 0 9	0	9