Splunk Search

Community Activity

How to make substring using rex Hello, I am currently confront some problem here.I want to substring data in specific column using rex. The column's ... by splunkkid Path Finder in Splunk Search 09-14-2020 0 4	0	4
Extracting Linux permissions using rex Hi all!I'm looking to extract certain values from a Linux command line. Take the following example \| makeresults \| ev... by izyknows Path Finder in Splunk Search 09-14-2020 0 3	0	3
'BuildInfo' field as "ABCYYYY_Number\|XYZ" for eg "ABC2020_17\|XYZ. Compare "error1" in consecutive "BuildInfo" I have 'BuildInfo' field as "ABCYYYY_Number\|XYZ" for eg "ABC2020_17\|XYZ. Number will be keep increasing for a year( l... by VS0909 Communicator in Splunk Search 09-14-2020 0 1	0	1
Field value based on stats I am new to splunk. I have a need to get the visualization which shows the field of the corresponding stats value. D... by rangarbus Path Finder in Splunk Search 09-14-2020 0 4	0	4
How do I find the first and last time a message is seen in a repetitive sequence of events? I would like to create a table that displays the first and last event from a duplicate set of events. A duplicate ru... by rogercruz Engager in Splunk Search 09-13-2020 0 3	0	3
Errors through REST API but not through Splunk GUI One of our teams is running Java script that uses REST API to fetch data from Splunk Cloud using the search.They run... by mlevsh Builder in Splunk Search 09-13-2020 0 4	0	4
Removing characters from output with rex I`m trying to remove a hash string from my output-"Example hash is 3ernksMt7b3EzKwHuW4papuEFtvePZtDs9CQFeVYy57= will ... by SplunkySplunk Explorer in Splunk Search 09-13-2020 0 3	0	3
Complex Pie Chart I'm sorry for the terrible subject. I can't think of a simplified title for what I'm trying to do.I'm trying to graph... by hburton Explorer in Splunk Search 09-13-2020 0 3	0	3
How to calculate the factorial of a number in a Splunk search? Hi, I want to calculate factorial of a number in eval for calculating Poisson value. Please let me know if it is pos... by shrirangphadke Path Finder in Splunk Search 09-13-2020 1 7	1	7
Extracting domain name from URL Hi, I've a field with name URL and values are like this -- https://community.splunk.com/t5/forums/postpage/2132123131... by pjtbasu Explorer in Splunk Search 09-13-2020 0 3	0	3
Field extraction Hi All,I want to extract one particular filed under the description column but when i tried to extract the field i am... by syedabuthahir Explorer in Splunk Search 09-12-2020 0 2	0	2
Limiting Software Enumeration I would like to modify an existing dashboard to limit the Linux package that is being reported. Specifically, I want... by mccobalt96 New Member in Splunk Search 09-12-2020 0 4	0	4
How to Round an eval average How do I round these numbers with this search?index=net_auth_long \| eval time_hour=strftime(_time,"%H")\| chart eval(c... by tefa627 Explorer in Splunk Search 09-12-2020 0 4	0	4
Getting Average for this search I am trying to get each value to be divided by certain number (x). So if x=7, the first value would be 138.index=net_... by tefa627 Explorer in Splunk Search 09-12-2020 0 3	0	3
How to filter rows based on a regex match on all fields? Is it possible to filter search result rows by a search expression which can be applied to all fields of a row?Accord... by DanK Explorer in Splunk Search 09-12-2020 0 10	0	10
limit for values of field 'message' reached. Some values may have been truncated or ignored. What it means? I got below warning:"'anomalydetection' command: limit for values of field 'message' reached. Some values may have be... by VS0909 Communicator in Splunk Search 09-11-2020 0 1	0	1
Parse JSON only at 1st level I want my nested JSON to be parsed only at 1st level instead of parsing all the nested parts. I have below JSON: { "... by nagar57 Communicator in Splunk Search 09-11-2020 0 1	0	1
Search time line break using REX Hi Splunkers, Can anyone please help with search time line break for the following log. {"audits":[{"id":"000","vers... by Abskal Observer in Splunk Search 09-11-2020 0 6	0	6
How do i extract field usinng regex . Hi all,I'm new to splunk and i had hard time extracting fields using regex for the following example :Class (six, se... by bpot Engager in Splunk Search 09-11-2020 0 2	0	2
What is the most efficent way to do partial matches on a field? I want to check if a field contains a specific value and the field is multivalue. What is the most efficient way to ... by frbuser Path Finder in Splunk Search 09-11-2020 0 6	0	6
TIme Conversion Hi ,how to change the below raw time field to yyyy-mm-dd hh:mm:ss2020-09-09T18:21:12.2685607Zam using the below query... by krvamsireddy Explorer in Splunk Search 09-11-2020 0 6	0	6
Get Log size I want to get the log size in MB and GB. I have used this command index=index1 \|eval raw_len=(len(_raw)/1028) \| stat... by jw44250 New Member in Splunk Search 09-11-2020 0 6	0	6
DBX Query Hi,I am having issues with dbx queriesI created a dashboard with dbx queries, I can run the queries, dashboard displa... by JacketPotato New Member in Splunk Search 09-11-2020 0 2	0	2
Timechart Table with "No results found" Hi all, I have a request from a tenant in our environment that requires us to create a dashboard where each column is... by kaeleyt Path Finder in Splunk Search 09-10-2020 0 9	0	9
How to run a search that compares errors in results from two different indexes? I have two searches below: index=dev 'error' index=prod 'error' I want to run the above searches together for the... by raj11 Explorer in Splunk Search 09-10-2020 0 10	0	10