Splunk Search

Community Activity

How to calculate the factorial of a number in a Splunk search? Hi, I want to calculate factorial of a number in eval for calculating Poisson value. Please let me know if it is pos... by shrirangphadke Path Finder in Splunk Search 09-13-2020 1 7	1	7
Extracting domain name from URL Hi, I've a field with name URL and values are like this -- https://community.splunk.com/t5/forums/postpage/2132123131... by pjtbasu Explorer in Splunk Search 09-13-2020 0 3	0	3
Field extraction Hi All,I want to extract one particular filed under the description column but when i tried to extract the field i am... by syedabuthahir Explorer in Splunk Search 09-12-2020 0 2	0	2
Limiting Software Enumeration I would like to modify an existing dashboard to limit the Linux package that is being reported. Specifically, I want... by mccobalt96 New Member in Splunk Search 09-12-2020 0 4	0	4
How to Round an eval average How do I round these numbers with this search?index=net_auth_long \| eval time_hour=strftime(_time,"%H")\| chart eval(c... by tefa627 Explorer in Splunk Search 09-12-2020 0 4	0	4
Getting Average for this search I am trying to get each value to be divided by certain number (x). So if x=7, the first value would be 138.index=net_... by tefa627 Explorer in Splunk Search 09-12-2020 0 3	0	3
How to filter rows based on a regex match on all fields? Is it possible to filter search result rows by a search expression which can be applied to all fields of a row?Accord... by DanK Explorer in Splunk Search 09-12-2020 0 10	0	10
limit for values of field 'message' reached. Some values may have been truncated or ignored. What it means? I got below warning:"'anomalydetection' command: limit for values of field 'message' reached. Some values may have be... by VS0909 Communicator in Splunk Search 09-11-2020 0 1	0	1
Parse JSON only at 1st level I want my nested JSON to be parsed only at 1st level instead of parsing all the nested parts. I have below JSON: { "... by nagar57 Communicator in Splunk Search 09-11-2020 0 1	0	1
Search time line break using REX Hi Splunkers, Can anyone please help with search time line break for the following log. {"audits":[{"id":"000","vers... by Abskal Observer in Splunk Search 09-11-2020 0 6	0	6
How do i extract field usinng regex . Hi all,I'm new to splunk and i had hard time extracting fields using regex for the following example :Class (six, se... by bpot Engager in Splunk Search 09-11-2020 0 2	0	2
What is the most efficent way to do partial matches on a field? I want to check if a field contains a specific value and the field is multivalue. What is the most efficient way to ... by frbuser Path Finder in Splunk Search 09-11-2020 0 6	0	6
TIme Conversion Hi ,how to change the below raw time field to yyyy-mm-dd hh:mm:ss2020-09-09T18:21:12.2685607Zam using the below query... by krvamsireddy Explorer in Splunk Search 09-11-2020 0 6	0	6
Get Log size I want to get the log size in MB and GB. I have used this command index=index1 \|eval raw_len=(len(_raw)/1028) \| stat... by jw44250 New Member in Splunk Search 09-11-2020 0 6	0	6
DBX Query Hi,I am having issues with dbx queriesI created a dashboard with dbx queries, I can run the queries, dashboard displa... by JacketPotato New Member in Splunk Search 09-11-2020 0 2	0	2
Timechart Table with "No results found" Hi all, I have a request from a tenant in our environment that requires us to create a dashboard where each column is... by kaeleyt Path Finder in Splunk Search 09-10-2020 0 9	0	9
How to run a search that compares errors in results from two different indexes? I have two searches below: index=dev 'error' index=prod 'error' I want to run the above searches together for the... by raj11 Explorer in Splunk Search 09-10-2020 0 10	0	10
Can I add two table values in a single table Hi team, How can I add the below two queries into one single query and present in a single table.query 1 : index="dev... by rkishoreqa Communicator in Splunk Search 09-10-2020 0 3	0	3
cisco asa add-on - default regex not working in UI with regex/rex command HelloI download cisco asa add-on from splunk base and in default folder/transforms.conf some regexes cannot be used i... by net1993 Path Finder in Splunk Search 09-10-2020 0 1	0	1
Time matching w/ a +/- 5 min window Greetings Splunkers,I have a lookup file that has a list of set jobs with a frequency timestamp (e.g. Mon-Fri @ 3:30)... by cquinney Communicator in Splunk Search 09-10-2020 0 4	0	4
Seeing no results when broadening streamstats search - Concurrent Failed Logins Hi All,I've been working on a search that will give me the Account_Name of someone who has failed to login 6-10 times... by rquish94 Explorer in Splunk Search 09-10-2020 0 4	0	4
When there is no result filed is displays as "No logon found". I want to color that value " the below displays first login in the system. If user has no logon information, it should display "No logon found" in... by Flyhigh1010 Loves-to-Learn Lots in Splunk Search 09-10-2020 0 0	0	0
How do you make fields into individual rows with each field value? I have a search that does the following: \| inputlookup system_scores.csv \| search "big search goes here" \| fields ser... by UMDTERPS Communicator in Splunk Search 09-10-2020 0 4	0	4
SPLUNK ITSI (Cloud) I have an urgent requirement to build a datasets where I have to create multiple fields based on a flag field.eg. but... by alekur Loves-to-Learn Lots in Splunk Search 09-10-2020 0 0	0	0
Need help in writing query in Splunk Query required :If a count of certain condition in the last rolling 12 hours exceeds 10% more than the avg daily numb... by vn_g Path Finder in Splunk Search 09-10-2020 0 3	0	3