Splunk Search

Community Activity

latest HelloI have below logs in last 60 minslog1: ABC=1,DEF=2,GHI=3log2:ABC=0,DEF=0,GHI=3while executing my query for last ... by vinod0313 Explorer in Splunk Search 08-26-2020 0 7	0	7
grouping and counting rows with respect to 2 values Hi everyone, after a search with some eval e rex commands, I end up in a table like this: ID --- FIELD(1) --- FIELD(2... by Andr3A Engager in Splunk Search 08-26-2020 0 2	0	2
Need help with Splunk Query Hi What I have: I have a list of events with multiple <Key,Value> pairs. For eg., like below event1:attributes:{"test... by vinoths_82 Explorer in Splunk Search 08-25-2020 0 2	0	2
Splunk Search regex Hello, My first post!!!I have a bunch of results that show up when searched. One of the example is Aug 5 19:08:12 Ser... by avsplunkuser007 Engager in Splunk Search 08-25-2020 0 5	0	5
How to combine multiple stats searches and get a result? I have two individual stats searches that return a single value each. How can I combine the two to get a ratio?The in... by splunkuserCA1 Path Finder in Splunk Search 08-25-2020 0 7	0	7
Create an alert if error rate is over 10 ( or X number ) for 15min continusly. Hi There,I have this query that reports the status code error rates.index=apache_core userAgent!="nginx/*" source="... by dpdwibedy Explorer in Splunk Search 08-25-2020 0 6	0	6
How to replace URL string with a hyperlink in splunk? Hi Everyone, I have a search query as below: index=xyz sourcetype=uio source="user.log" process (Type ="*") (Name_Id ... by aditsss Motivator in Splunk Search 08-25-2020 0 9	0	9
Help in Regex Hi Team,I have one requirement :I have multiple URL'S some contain id and some dont contain id'sURL'S Examplehttps://... by aditsss Motivator in Splunk Search 08-25-2020 0 5	0	5
How to extract portion of the string using Regex Hi Eveyone,Can anyone help me out in this.I have a field name Request_URL as = https://xyz/api/groups/230df08c/reg... by aditsss Motivator in Splunk Search 08-25-2020 0 27	0	27
Using a different time picker on an inner query I'm working on dashboard in which I would like to compare data across two different time periods. (I posted a previo... by ShagVT Path Finder in Splunk Search 08-25-2020 0 2	0	2
Create a new field with categorical values for visualization I would like to create a new field, FlagSC, based on the value of sc_status. The new field should have a value of "... by CarbonCriterium Path Finder in Splunk Search 08-25-2020 0 1	0	1
How to search a exception in splunk which didn't occurred in past How to search a exception in splunk which didn't occurred in past by koushik91 Observer in Splunk Search 08-25-2020 0 3	0	3
array HelloI have log like belowFEATURES_USING=[tokenValidatorInfo=false, requestValidationRequired=false, requestPayloadVa... by vinod0313 Explorer in Splunk Search 08-25-2020 0 3	0	3
splunk I have a dashboard like below screenshotWhen I click on 1.0.9-SNAPSHOT(which is hightighted with blue colour in the s... by vinod0313 Explorer in Splunk Search 08-25-2020 0 3	0	3
lookup the fields in a different index I have a splunk query in paloalto data (index=idx_paloalto) something like this:index=idx_paloalto sourcetype=pan:tra... by goringop Explorer in Splunk Search 08-25-2020 0 1	0	1
Compare percentages with a week ago Hello all, I'm trying to put together a dashboard that - among other things - compares the success rate of various tr... by ShagVT Path Finder in Splunk Search 08-25-2020 0 4	0	4
Inputlookup used twice in 1 search with a NOT I have a problem with a 2nd NOT inputlookup that doesn't work. If I break out of the 2nd inputlookup and run this wi... by willadams Contributor in Splunk Search 08-25-2020 0 3	0	3
Comparing contents of separate but related events Hi,I am trying to find the best way to query events based on windows event log 7036 , around status of a service. I w... by paulw10 Explorer in Splunk Search 08-25-2020 0 8	0	8
json Hi I have a log like below which is having jsonFEATURES={ "featureDetails":[ { "featureName":"TOKEN_VALIDATION", "add... by vinod0313 Explorer in Splunk Search 08-25-2020 0 1	0	1
Search&Reporting的“数据摘要”无法显示“主机/来源/来源类型” 使用的版本：splunk:6.2.2splunkforwarder:6.2.2问题：索引-当前大小/事件计数/最晚的事件：都显示有数据，而应用：Search&Reporting的“数据摘要”无法显示“主机/来源/来源类型”。望告知问题... by icgooo New Member in Splunk Search 08-25-2020 0 0	0	0
Time based counting. Hi All,need your help in getting the count correct for the below table.Table: Timesitecodecount2020-08-21FAW12020-08-... by jerinvarghese Communicator in Splunk Search 08-25-2020 0 6	0	6
How to color a panel if the result is not equal a specific datetime ? Hi, My issue is : I have a panel like that :what I want is to change dynamically the color (red for example) when thi... by mah Builder in Splunk Search 08-25-2020 0 1	0	1
Splunk Training PPT Hi Guys,I know this seems very sill query but I am looking this in urgency and I don't have much time to create it fr... by Hemant21 New Member in Splunk Search 08-25-2020 0 3	0	3
Certificate Download I am unable to download splunk certificate .My certificate got expired Can I still download it? by neha0107 New Member in Splunk Search 08-25-2020 0 1	0	1
renaming saved alerts Hi, We have a lot of saved searches and alerts. To make it easier to browse, I want rename them. If I go to manage... by aniketb Path Finder in Splunk Search 08-25-2020 2 5	2	5