Splunk Search

Community Activity

	Eval a token value and pass it on a search Hi,I have a dashboard where I have a drop down which returns me a string. The xml of the drop down is below:<input ty... by subhrangshu Explorer in Splunk Search 08-21-2020 0 4	0	4
	Scheduled search shows no events, but later searching the same time frame shows that there were There is a search that runs every 30 minutes and normally it runs okay. But in few instances seemingly at random the ... by PeterWalker8 New Member in Splunk Search 08-21-2020 0 0	0	0
	automatic lookups I've got 3 automatic lookups:host::ORAC : LOOKUP-game titlegame_titles id AS title_id OUTPUTNEW publisher_id AS publi... by friskyapple Explorer in Splunk Search 08-21-2020 0 2	0	2
	Regex for fetching number how to use regex yo fetch Incident (eg: INC0000453245 or INC0000342568)to fetch INC and exactly 10 numbers after INC?... by priya0709 Path Finder in Splunk Search 08-21-2020 0 1	0	1
	strftime day and month: Splunk vs Python My question is about day and month components of a date without leading zeroes.Python docs provide %-d and %-m respec... by pm771 Communicator in Splunk Search 08-20-2020 0 1	0	1
	How to share ML fit result to multiple tiles in dashboard I have a custom ML model which does anomaly detection and once the fit and apply is done , i need the ML result to be... by kumarviv Explorer in Splunk Search 08-20-2020 0 0	0	0
	how to chnage "mmss" format strings to mm:ss format I have searched this but I have not found a suitable answer yet,Here I have a field as belowtime"0""7""56""101""3045"... by K2 Engager in Splunk Search 08-20-2020 0 2	0	2
	Combining similar results If I have the below results:server_name secondary_idserver1 KB4571703server1 KB4570508server1 KB4566425server2 KB4578... by FraserC1 Path Finder in Splunk Search 08-20-2020 0 2	0	2
	force dynamic multiselect to set its default to all possible values returned from the search Hi there!I have a multi-select input that gets dynamically populated by a search and I would like it to automatically... by azulgrana Path Finder in Splunk Search 08-20-2020 0 1	0	1
	Help getting search that includes LOOKUP that are merged into one row for each result I am trying to get the following results for date, email and answer with the other data into separate rows:Results I ... by CSULeigh Explorer in Splunk Search 08-20-2020 0 1	0	1
	Search for events occurring outside of two different transactions. I have the following scenario:There are two transactions that I want to monitor. Both occur randomly, and multiple ti... by tbrown Path Finder in Splunk Search 08-20-2020 0 0	0	0
	Need help selecting values from two events and calculating percentage change Hello,First of all, thanks for any help you may be able to give me. I would appreciate some help with a problem I'm h... by jmattheson Engager in Splunk Search 08-20-2020 0 3	0	3
	unable to add input to yahoo api Hi team, i was trying to add input for yahoo api , getting below error . Argument validation for scheme=yahoo_weat... by sunfacepriya New Member in Splunk Search 08-20-2020 0 1	0	1
	Storing queried data so that it can be accessed across search head clusters attached to the same idexer I have begun to accumulate some reference information about my company's AWS environment based on a bunch of queries.... by MonkeyK Builder in Splunk Search 08-20-2020 0 2	0	2
	Move or add Y axis to the right of multi-series line chart I've made the following multi-series line chart (details) where it makes much more sense to have the Y axis on the ri... by benhooper Communicator in Splunk Search 08-20-2020 0 0	0	0
	Find percentage of two numbers Hi, I am trying to search through some patch data to find percentage of devices that have been patched against the to... by FraserC1 Path Finder in Splunk Search 08-20-2020 0 9	0	9
	Regex help for incident I am using below query to fetch Incident from the subject line:—rex field=subject max_match=0 “(?<Incident>INC\d+)”ho... by priya0709 Path Finder in Splunk Search 08-20-2020 0 5	0	5
	Regex field help Hi All,need help in 2 regex problem.1. Filtering Class_Type value from the _raw . "Ticket_ID": "8158", Please see Wo... by jerinvarghese Communicator in Splunk Search 08-20-2020 0 1	0	1
	avoid search job being queued indefinitely Hi,Using the api I am submitting searches to splunk. Sometimes, the jobs remain in queued state forever. I can see wh... by henryw374 New Member in Splunk Search 08-20-2020 0 0	0	0
	Populate drop down with eval values Hello,Is it possible to populate drop down in Dashboard with eval values. I have a query as given below which returns... by subhrangshu Explorer in Splunk Search 08-20-2020 0 2	0	2
	How to compare a search field value with a field value in a lookup ? Hi,My issue is : I have a query which contains a "NetworkIterface" field: eni-12345, eni-6789, ...I have a lookup whi... by mah Builder in Splunk Search 08-20-2020 0 1	0	1
	How to include timestamp of most recent event in a comparison between current day and a prior period I have a search that compares the number of events for the current day, for a given combination of fields, to the dai... by djhowie New Member in Splunk Search 08-19-2020 0 7	0	7
	How to join two sourcetypes by hostname field and create a table? Hello, I need to make a report with 2 different sourcetypes.For the first sourcetype, lets call it st1, I have the li... by 3DGjos Communicator in Splunk Search 08-19-2020 0 3	0	3
	How to transform data base on the value of the field? Hello all, I need to get the total each column of the date and create a new column that showing the date column base ... by ChioNeng Explorer in Splunk Search 08-19-2020 0 2	0	2
	How to compare the data from CSV and get the desired result I have a CSV (domains.csv) that contain the list of domains. I have uploaded into Splunk and get the result using [\| ... by nitinpa Observer in Splunk Search 08-19-2020 0 6	0	6