Splunk Search

Discussions

Thread Info

Replacing "No Results Found" with "0"

I have the below query: My Search query returns a value when it finds some result whereas when it doesn't find any...

by Explorer in

Create Dynamic URL for Splunk Search Dashboard URL

I am working on creating a simple UI environment and want to include links to related Splunk search result web dashbo...

by Engager in

What to use to a search a hash and return all info of all users that have a hit?

New to Splunk but understand regex and have a strong background in sed/awk/curl/bashI want to search a hash and retur...

by Explorer in

group certain URLs

I have a search that returns events with many different URLs index=test URL=* I want to ob...

by Engager in

how to count values from a filed and show count as column

i am running below query to get total count by date_mday. search query | eval ver=substr(av,1,4) | stats count(ver)...

by Explorer in

Compare two different rows and count values from search B

index=spb_uip_qa_automation splunkAutomationTag="Client_ReleaseChecklist_Staging_Platform_Desktop_Chrome_9.15.0.1568_...

by Engager in

How to use where condition to set threshold for avg response time

Hi Team, I am trying to get list of apis , whose avg response time is greater than particular threshold. Using Chart ...

by Observer in

loadjob on accelerated data models

Im converting all our dashboards over to scheduled searches load jobs for historic events and also accelerated data m...

by Path Finder in

Avoid multiple spath for a better performant query

I have a json with the following structure: { "version":"v0.2", "prints":{ "urls":[ { "response_time":256...

by Explorer in

format output based on IF condition

Hi Query 1: | pivot mongo ServerStatus max(currentConnections) SPLITCOL host | fieldsummary | fields fie...

by New Member in

apply and fit commands

Hey! I trained a StateSpaceForecast algorithm and saved it with the fit command. My goal is now to make predictio...

by Explorer in

How to count and compare & produce the output ?

I have the below table from the mentioned query. sourcetype=abc source=*restart.log | rex field=_raw "ser...

by Communicator in

How to compare two time same time frames with different day's.

How to compare the average value of the field in two different time frames i.e same time today with same time yesterd...

by Explorer in

compare time forecasts to incoming data

Hey all, I am currently trying to achieve the following: train a Kalman filter with a periodicity i found via Aut...

by Explorer in

Use predict with dynamic values in MLTK

Hey! So I am trying to hand the Kalman filter in Splunk's MLTK a dynamic value for the period which I first find th...

by Explorer in

How to search for requests from the same source that happen within given time interval

Greetings, I need to search for requests from the same username that occur within certain time interval, say, less ...

by New Member in

find servers in 24 hour period that have sustained "% _total Prcessor times" greater than 80% for 5 mins or more

Good Afternoon I am fairly new to splunk and I am trying to figure out the best way to approach this. I am runnin...

by Explorer in

Consult the volume comparison of the last 07 days, above 80% of the value of the last days to alarm.

I have the following query below, I need to generate a third column or generate an alarm when the values generated ...

by Path Finder in

Parse time deltas within transaction

I have a search that uses the transaction command: | transaction startswith=<...> endswith=<...> To group...

by Path Finder in

Reduce the regex steps

Trying to extract Dimensions out of Query, but it is taking 1500 plus steps due to which I am getting limits.conf err...

by Explorer in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Replacing "No Results Found" with "0"

Create Dynamic URL for Splunk Search Dashboard URL

What to use to a search a hash and return all info of all users that have a hit?

group certain URLs

how to count values from a filed and show count as column

Compare two different rows and count values from search B

How to use where condition to set threshold for avg response time

loadjob on accelerated data models

Avoid multiple spath for a better performant query

format output based on IF condition

apply and fit commands

How to count and compare & produce the output ?

How to compare two time same time frames with different day's.

compare time forecasts to incoming data

Use predict with dynamic values in MLTK

How to search for requests from the same source that happen within given time interval

find servers in 24 hour period that have sustained "% _total Prcessor times" greater than 80% for 5 mins or more

Consult the volume comparison of the last 07 days, above 80% of the value of the last days to alarm.

Parse time deltas within transaction

Reduce the regex steps

Splunk Security Content for Threat Detection & Response, Q1 Roundup

Splunk Life | Happy Pride Month!

SplunkTrust | Where Are They Now - Michael Uschmann

How to search multiple strings from lookup and pro...

Help on tstats search?

Matching index field value with lookup field value

extract fields from json-wrapped postfix logs?

How to configure alert when a service is in failed...