Splunk Search

Community Activity

How can find all the possible fields from our raw logs for a index, excluding internal fields generated by Splunk Hi,I want to generate a new dashboard from the splunk logs .I want all the fields that are present in the raw data . ... by aditsss Motivator in Splunk Search 09-10-2020 0 6	0	6
Omit "NULL" and "OTHER" from area chart How do I omit "NULL" and "OTHER" from the results of an area chart? by srussellnpr Explorer in Splunk Search 09-10-2020 7 5	7	5
searching fields that have multiple lines by using \n or \r\n doesn't work but using does I'm trying to do some windows event blacklisting due to a high volume on a particular server. However, I'm having tro... by smartalik Engager in Splunk Search 09-10-2020 0 4	0	4
Extract 'table structured' data from log file using Perl. I have a log file in a table structured form like this,Code send_id dest_idAW 96 45BX 65 78Now here I have to change ... by A3gupta New Member in Splunk Search 09-09-2020 0 1	0	1
Dashboard on email at scheduled time Can a html dashboard be sent on email??I have created an html dashboard with modified css and html code and I want th... by priya0709 Path Finder in Splunk Search 09-09-2020 0 1	0	1
How to combine a csv and savedsearch and retrieve matching and unmatching results ? I have a savedsearch which is a result of json data. Similarly I have a master csv. I have Assettag field common in b... by kavyamohan Explorer in Splunk Search 09-09-2020 0 1	0	1
get rows in lookup that does not have entry in search result I have a Lookup "Consumer_Lookup.csv" (30 rows approx)Consumer RestrictedA YB ... by dchoubey Engager in Splunk Search 09-09-2020 0 2	0	2
How to transpose a table? (without using Transpose command) My Table looks like this VF_Price Huyndai_Price Jaguar_Price345 412 542I wan... by zacksoft Contributor in Splunk Search 09-09-2020 0 6	0	6
How to add two different chart queries and get the results in single table I have two queries like as below : > index="int_audit_dev" \| chart count(ApplicationName) over ApplicationName by Sta... by rkishoreqa Communicator in Splunk Search 09-09-2020 0 5	0	5
Avg disappears if I add min and max, so how do I combine avg, min, and max together to have all the stats I need? I have events with response_time fields coming from an access log file. I have to display the average, min, and max r... by pszabo75 Loves-to-Learn Lots in Splunk Search 09-09-2020 0 16	0	16
Filtering on my table HiI got following values as a result of a splunk table:84203420010382000000057804320171878410113000078410113000017501... by Rodrigo_Larios Explorer in Splunk Search 09-09-2020 0 8	0	8
How do I display latest event after comparing descriptions from event log? Hello,I am working on a query to check multiple service status from multiple servers and trying to display the curren... by nareshkumarg Path Finder in Splunk Search 09-09-2020 0 6	0	6
Color table on the basis of their values visualization Hello, I am generating the following table in splunk dashboard using the following query from raw data file: Two type... by ssaini5 Explorer in Splunk Search 09-09-2020 0 1	0	1
splunk query Hi Folks,i have a requirement to create relevant query in Splunk to retrieve daily count of records from Kafka server... by bapun18 Communicator in Splunk Search 09-09-2020 0 1	0	1
Only the raw field has data.rest everything and every field is empty I have an issue where the raw data shows up with data but when I query it, all the other fields come up as empty. I ... by vishtrip New Member in Splunk Search 09-09-2020 0 1	0	1
Error in 'eval' command: Typechecking failed. '-' only takes numbers I have tried many ways to get the difference between two numbers. Here is what I have tried. try 1: event=subscript... by raytroy New Member in Splunk Search 09-09-2020 0 3	0	3
Show 0% if no results are found I have the following search: index="automox" sourcetype="automox:devices" server_group="Windows Server Pilot" \| ded... by FraserC1 Path Finder in Splunk Search 09-09-2020 0 10	0	10
Assistance with combining / joining on 2 large data sets I have 2 large data sets Data Set 1 (Assets) contains information about devices. For example the dataset will have t... by willadams Contributor in Splunk Search 09-09-2020 0 5	0	5
Appending Searched parsing output I m using append query multiple times for different searches for same index.Its parsing my job. Please advise solutio... by Manasi25 Explorer in Splunk Search 09-09-2020 0 13	0	13
How to compute the duration based on Time picker Basically, I want to get duration based on the time picker.Example, If i select Year to Date in the time picker, i wa... by Noob_splunker Explorer in Splunk Search 09-09-2020 0 1	0	1
Display only the top 5 values in count column Id like to be able to display only the top Total values, struggling with this by sphiwee Contributor in Splunk Search 09-09-2020 0 4	0	4
get the latest value in an array Hi Guys,I am working on searching data from Servicenow ticket, and tickets normally have some status for example:#Tic... by garumaru Explorer in Splunk Search 09-09-2020 0 2	0	2
_time format Our data input contains two timestamp fields — creation_time and modification_time — both formatted in line with ISO ... by benhooper Communicator in Splunk Search 09-09-2020 0 11	0	11
Splunk Returning different Stats for same time range. I have a scheduled report that runs monthly for the previous month. It runs a cron job 00 08 1 * *. I need to go back... by djreschke Communicator in Splunk Search 09-08-2020 0 10	0	10
Splunk If else and severity search query I am trying to write splunk search where I have 2 conditions and my query returns the results based on that for examp... by puneetkharband1 Path Finder in Splunk Search 09-08-2020 0 3	0	3