Splunk Search

Community Activity

Using single column Holiday table how do I determine whether today is a holiday? I have a lookup CSV table that lists dates of holidays in a single column.HolidayTable.csv:HDate1/1/2020................ by pm771 Communicator in Splunk Search 09-24-2020 0 3	0	3
Comparing with NULL Do I understand correctly that NULL is neither equal (==) nor not equal (!=) to any value? I know about isnull() func... by pm771 Communicator in Splunk Search 09-24-2020 1 2	1	2
Timechart filldown I have a dashboard search which ends with a timechart like this \| eval VUser=if(isnotnull(Stop_time),0,VUser)\| timec... by perrinj2 Path Finder in Splunk Search 09-24-2020 0 2	0	2
How to compare list with lookup? Hi all, I'm trying to compare list of apps by server with a list of apps in lookup to find if its installed or not. I... by knalla Path Finder in Splunk Search 09-24-2020 1 1	1	1
Percentile 25 and Percentile 75 provides different result while using streamstats and stats Hello,I have 3 values 15,26,18. Now assume my 18 is my latest value and i want to find p25 and p75 including the late... by Kirantcs Path Finder in Splunk Search 09-24-2020 0 3	0	3
Renaming the 'range' field from rangemap I have a search that reads a value 0-10. I use a rangemap command to insert custom icons in toa table based on the wh... by zd00191 Communicator in Splunk Search 09-24-2020 1 10	1	10
Sniffing Ports Up/Down -- IFconfig? Looking for a way to monitor sniffing ports on a sensor. Each port is tied to a different part of the system and wou... by ddecker03 Loves-to-Learn Everything in Splunk Search 09-24-2020 0 1	0	1
Total count per week Guys, i need to create a table with 3 columns that shows me the total of produtcs per week. Like: Produtcs Tota... by justeso1 Loves-to-Learn Everything in Splunk Search 09-24-2020 0 1	0	1
How to find the the error rate that does not have following response after a given time range? I have some logs like these { logType: 'Incoming Request', url: '/hello' timestamp: '2020-09-18T17:53:56.516Z' } { l... by hongbo_miao Path Finder in Splunk Search 09-24-2020 0 5	0	5
Always got zero for count I am trying to count the requests which `message.logType` is "Outgoing Response".My query is like index="my_index" \| ... by hongbo_miao Path Finder in Splunk Search 09-24-2020 0 17	0	17
How to pass result from subsearch to main level Hi,What I am trying to do, is to determine from a lookup table whether we have a maintenance window active in order t... by kaurinko Communicator in Splunk Search 09-24-2020 0 2	0	2
Total count from 3 last weeks Guys, I need to create a table where I have the total of products from each week. Like Products Total count from... by justeso1 Loves-to-Learn Everything in Splunk Search 09-24-2020 0 2	0	2
How make a count from different weeks I need a search that shows me the count of the produtcs weekly products countfromweek1 countfromweek2 d... by justeso1 Loves-to-Learn Everything in Splunk Search 09-24-2020 0 2	0	2
Name Extraction needed Hi,I have below scenario where a sample gym has many customers and their accounts. Some are individual and some are I... by mbasharat Builder in Splunk Search 09-24-2020 0 10	0	10
Error when trying to search Network Traffic data model with tstats I am trying to search the Network Traffic data model, specifically blocked traffic, as follows:\| tstats summariesonly... by jwalzerpitt Influencer in Splunk Search 09-24-2020 0 3	0	3
What is the permissible field value length ? What is the character limit of a field allowed in splunk? If we use a longer names would the values get truncated or ... by zacksoft Contributor in Splunk Search 09-24-2020 0 3	0	3
Searching for an Event that occured before a Specific Event Windows does not provide an accurate user who performed an audit policy change on the system (EventCode 4719), it lis... by Simple_Search Path Finder in Splunk Search 09-24-2020 0 2	0	2
How can I write a search query to retrieve release/installed date for all app on Splunk? I try to search with comand \| rest /services/app/local but the value of the "updated" field is "1970-01-01T07:00:00+0... by nareerat_pr Explorer in Splunk Search 09-24-2020 0 1	0	1
Regex Hi,I am trying to find unique id's the have 3 letters followed by 6 numbers for example bhg111111 My issue is I want ... by nathanluke86 Communicator in Splunk Search 09-24-2020 0 5	0	5
Filter sender email which not contains specific subdomain and domain Dear all,I try to filter sender email which not contains specific 3 subdomains and domain.For example:sender:user1@aa... by silverem78 Engager in Splunk Search 09-24-2020 0 2	0	2
Where command not filtering the data Hi all ..I need a help on a query ...My query looks like this Index=* ......... \| Eventstats count as total_count \| ... by appu Explorer in Splunk Search 09-24-2020 1 10	1	10
Splunk query format issue I have a correct working query but for some reason splunk doesn't return the results and shows no event sampling as a... by rgupta18 New Member in Splunk Search 09-24-2020 0 1	0	1
total vm's in esxi server i have extracted from logs how many are running but not able to write query for how many are present in server.can an... by dall Path Finder in Splunk Search 09-24-2020 0 20	0	20
How to use search and regex command to filter events The events have fields like below:description, codeAAxxxxx, 200AAxxxx,301AAxxxx,401BBxxxx,200BBxxxx,303AAxxx, 502 I w... by umou7 Explorer in Splunk Search 09-24-2020 0 2	0	2
searching for multiple destination ports I have a search query for:dest_port=4402 I want to include 4404. what would the syntax for dest_port look like? by allenhau Engager in Splunk Search 09-23-2020 0 2	0	2