Splunk Search

Community Activity

What should be the search string and trigger alert condition for below mentioned alert scheduling scenario. Hi All,I have a search string like below: index=qrp STAGE IN ("*_LDD",TRADE_EVENT,SOPHIS_TRANS,SOPHIS_INSTR,ORDER_EVE... by Snehaan Explorer in Splunk Search 08-27-2020 0 3	0	3
TIME_FORMAT issue with 10:21:00 and 06:10:21 I have a time format issue with Splunk logs . events are not coming correctly against the correct timestamp. in props... by vijayakumarkb Explorer in Splunk Search 08-27-2020 0 14	0	14
Searching in model created with TDIDF, StandardScaler and PCA Hi All,I followed Ian's blog (https://blog.arcusdata.io/splunk-mltk-to-predict-kb-articles) and it is a nice blog.But... by Madere Observer in Splunk Search 08-27-2020 0 0	0	0
Using data in a lookup table as part of a search I'm trying to use a lookup table to find records in my database, but I'm not having much luck. It may just be that I'... by richhart_1963 Engager in Splunk Search 08-27-2020 0 3	0	3
lookup already exist why am I getting "Encountered the following error while trying to save: An object with name=prices_lookup already exi... by alexruiz22 New Member in Splunk Search 08-26-2020 0 0	0	0
Can you use the predict command with multiple fields without having to type them all? Hi, I am looking to use predict command with multiple fields without typing all their names. For example I know it c... by splunkiesplunkh Explorer in Splunk Search 08-26-2020 1 10	1	10
Specify specific time range in query Hello SplunkersI have an IIS log that I am testing against and I have a need to test for a specified rangeThe _time ... by irishmanjb Path Finder in Splunk Search 08-26-2020 0 17	0	17
How do you match ip address with ip's with CIDR notations in the same lookuptable? We have a CSV with a field called application and another called IP. Within the field ip there are ip addresses and ... by UMDTERPS Communicator in Splunk Search 08-26-2020 0 8	0	8
How to find the difference between an inputlookup and a search result? I've a lookup file which have a mount list with respective servers. Now I have a script which logs the mount availabl... by anirban_nag Explorer in Splunk Search 08-26-2020 1 6	1	6
mvfilter before using mvexpand to reduce memory usage Hi,I have some documents that looks like this: { "document_id": "some-id", "status": "some-status", "fields": ... by unbelievable_ma Explorer in Splunk Search 08-26-2020 0 6	0	6
Fieldformat didn't work with foreach Hifor some reason fieldformat didn't work with foreach x,y,z. Sometimes it works mostly didn't. Here is same which di... by isoutamo SplunkTrust in Splunk Search 08-26-2020 0 8	0	8
Splunk_TA_windows, multiple src extractions Hi all,I have the Splunk_TA_windows and i noticed that there are multiple transforms-extract for field named src. For... by astatrial Contributor in Splunk Search 08-26-2020 0 1	0	1
Count requests that start, but don't finish I have an API that logs the start and end of each request. What I'd like to make sure I'm monitoring is the requests ... by oompaloompa Loves-to-Learn Lots in Splunk Search 08-26-2020 0 1	0	1
using append with mstats and eval The following query is being used to model IOPs before and after moving a load from one disk array to another. The "... by winknotes Path Finder in Splunk Search 08-26-2020 0 6	0	6
array HelloI have log like belowFEATURES_USING=[tokenValidatorInfo=false, requestValidationRequired=false, requestPayloadVa... by vinod0313 Explorer in Splunk Search 08-26-2020 0 8	0	8
latest HelloI have below logs in last 60 minslog1: ABC=1,DEF=2,GHI=3log2:ABC=0,DEF=0,GHI=3while executing my query for last ... by vinod0313 Explorer in Splunk Search 08-26-2020 0 7	0	7
grouping and counting rows with respect to 2 values Hi everyone, after a search with some eval e rex commands, I end up in a table like this: ID --- FIELD(1) --- FIELD(2... by Andr3A Engager in Splunk Search 08-26-2020 0 2	0	2
Need help with Splunk Query Hi What I have: I have a list of events with multiple <Key,Value> pairs. For eg., like below event1:attributes:{"test... by vinoths_82 Explorer in Splunk Search 08-25-2020 0 2	0	2
Splunk Search regex Hello, My first post!!!I have a bunch of results that show up when searched. One of the example is Aug 5 19:08:12 Ser... by avsplunkuser007 Engager in Splunk Search 08-25-2020 0 5	0	5
How to combine multiple stats searches and get a result? I have two individual stats searches that return a single value each. How can I combine the two to get a ratio?The in... by splunkuserCA1 Path Finder in Splunk Search 08-25-2020 0 7	0	7
Create an alert if error rate is over 10 ( or X number ) for 15min continusly. Hi There,I have this query that reports the status code error rates.index=apache_core userAgent!="nginx/*" source="... by dpdwibedy Explorer in Splunk Search 08-25-2020 0 6	0	6
How to replace URL string with a hyperlink in splunk? Hi Everyone, I have a search query as below: index=xyz sourcetype=uio source="user.log" process (Type ="*") (Name_Id ... by aditsss Motivator in Splunk Search 08-25-2020 0 9	0	9
Help in Regex Hi Team,I have one requirement :I have multiple URL'S some contain id and some dont contain id'sURL'S Examplehttps://... by aditsss Motivator in Splunk Search 08-25-2020 0 5	0	5
How to extract portion of the string using Regex Hi Eveyone,Can anyone help me out in this.I have a field name Request_URL as = https://xyz/api/groups/230df08c/reg... by aditsss Motivator in Splunk Search 08-25-2020 0 27	0	27
Using a different time picker on an inner query I'm working on dashboard in which I would like to compare data across two different time periods. (I posted a previo... by ShagVT Path Finder in Splunk Search 08-25-2020 0 2	0	2