Splunk Search

Community Activity

DBXQuery where not in index data Hi Splunkers,Need your help, i have DBXQuery like this :\| dbxquery connection="myconn" query="sdbxquery connection=mo... by rahmatn Path Finder in Splunk Search 10-21-2020 0 1	0	1
Splunk Subquery Basically, I have a problem in which I want to run two queries the first query will return me the total number of req... by haiderzada New Member in Splunk Search 10-21-2020 0 3	0	3
Smartstore, How long do data stay in local storage after being fetched from a remote storage? in Smartstore, How long do data stay in local storage after being fetched from a remote storage? by mufthmu Path Finder in Splunk Search 10-21-2020 0 1	0	1
Get conditional value from logs Hi Team,I have two conditions as below and I need to find out the operation="OVERRIDE" and other should be block1> [n... by sgulhane5 Explorer in Splunk Search 10-21-2020 0 9	0	9
Best approach for comparing multiple search results with same fields I'm trying to find an elegant solution to compare the results of multiple searches - all of which have identical fie... by turbocharger Explorer in Splunk Search 10-21-2020 1 4	1	4
Number of unique days a given IP address was used Hey All, This may be something very basic, but I can't seem to find exactly what I'm looking to do on the forums.For ... by LeBarcode Engager in Splunk Search 10-21-2020 0 2	0	2
How to use Foreach for multiple columns and multiple rows? Hello, I'm having trouble figuring out how to use foreach + eval getting the difference of the fields.I have somethin... by ChioNeng Explorer in Splunk Search 10-21-2020 0 2	0	2
Change height of bar/row in bar chart? How can I adjust the height of a bar in a bar chart? I've been unable to find examples of this. Thanks by sc0tt Builder in Splunk Search 10-21-2020 0 7	0	7
How to adjust chart column width? Hi, I have the below panel. What I'm looking to do is to make the columns in this graph "skinny" (5 pixels or less)... by dbcase Motivator in Splunk Search 10-21-2020 2 5	2	5
Convert earliest_time latest_time notation to epoch Hello there!Is there a known method (a function, a command, built-in or custom, a search trick) to convert the earlie... by D2SI Communicator in Splunk Search 10-21-2020 0 2	0	2
Trendline over longer historical period I'm generating a timechart, with a 5 period simple moving average. I'm only searching over a week, with the span set ... by BernardEAI Communicator in Splunk Search 10-21-2020 0 0	0	0
Error - In handler 'savedsearch': Expecting different token When I create an action or try to change the variables in any of alert actions for an alert, I end up with a message ... by dantembe Loves-to-Learn in Splunk Search 10-21-2020 0 2	0	2
To remove few details using rex Hi Team,I have three below conditions to create a logic according to it.Case 1: operation="OVERRIDE" should print but... by sgulhane5 Explorer in Splunk Search 10-21-2020 0 3	0	3
Count occurrence of message in table I have a message feild having below data message=Successfully created customer id XXXXmessage =Duplicate create cu... by Nilesh067 Explorer in Splunk Search 10-21-2020 0 1	0	1
Search Sourcetype by Port ingested Hi there,Does anyone have a search that can show me what data was forwarded and ingested by which port?We have multip... by mwdbhyat Builder in Splunk Search 10-21-2020 0 0	0	0
CPU utilization There are some liberty services and in some host we have many microservice , I want to monitor CPU / memory usage in ... by ARaman77 Explorer in Splunk Search 10-21-2020 1 2	1	2
count filename form a message message: 'Successfully downloaded the file : FileAData2020-10-20_19_05_05.csv'message: 'Successfully downloaded the f... by Nilesh067 Explorer in Splunk Search 10-21-2020 0 1	0	1
Splunk built in rule question - urgent! HelloI have this Splunk built In rule: " Brute Force Access Behavior Detected Over 1d" \| tstats `summariesonly` val... by havatz Explorer in Splunk Search 10-21-2020 1 3	1	3
Today date and previous day data I want to calculate todays date data and previous day data from the host. Please suggest SPL for this. by uagraw01 Motivator in Splunk Search 10-21-2020 1 12	1	12
Time doesn't appear on the chart Time is not displayed on hover. How can this gap be resolved? by Luninho Explorer in Splunk Search 10-21-2020 0 0	0	0
How to add random month into event with only year Hi @linksI have event with future year 2021, 2022. I need to add random months into the years. Do you know which synt... by vgrand2 Explorer in Splunk Search 10-20-2020 0 2	0	2
Add 2 static rows to dropdown search results before sort I am populating dropdown options with the following search. Right now, this is the search. \| search service="$servic... by basandlin Engager in Splunk Search 10-20-2020 0 1	0	1
How handle JSON-Event with associative Array Hi, i need a special result, but i dont know how to iterate over an associative array. Here is this JSON-Events: ... by Roger_FB Explorer in Splunk Search 10-20-2020 0 3	0	3
Splunk App for AWS: How do I resolve error "The search specifies a macro 'aws-description-instance' that cannot be foun How do I resolve the following error? Error in 'SearchParser': The search specifies a macro 'aws-cloudtrail-sourcet... by jaibalaraman Path Finder in Splunk Search 10-20-2020 1 5	1	5
Search to display for list of applications to which users never logged in Hello All,I would like to list down the applications where users have never logged in. I have a input.csv file with t... by rvenkata Explorer in Splunk Search 10-20-2020 1 4	1	4