Splunk Search

Community Activity

	Optimizing search to display week-over-week percentage change of event count Hi all,I'm trying to display a week-over-week percentage change of event count collected for various countries, and d... by wu_weidong Path Finder in Splunk Search 08-11-2020 0 2	0	2
	Append causing dashboard panels to use colours for max ranges In my dashboard, I have "Alerts Open" timechart single value panels with colour ranges that are using the following s... by benhooper Communicator in Splunk Search 08-11-2020 0 1	0	1
	How to create a custom alert based on job failures that includes job name in subject title? Hi, We are planning to create alerts based on the search pattern we are given. We are very new and need your suggesti... by sudhakar419 Observer in Splunk Search 08-10-2020 0 3	0	3
	Extracting using rex How do I use rex to extract the virus info so that I can display this info in my splunk dashboard? by rkris Explorer in Splunk Search 08-10-2020 0 8	0	8
	Source or destination IP Address? Is 192.168.1.111 the source or destination IP Address? by rkris Explorer in Splunk Search 08-10-2020 0 1	0	1
	If column is certain value but the other is null. Hi Everyone,This might be straight forward and I'm missing it but my current query is below and I am not able to get ... by Username1 Path Finder in Splunk Search 08-10-2020 0 5	0	5
	outputlookup append one field but not another I am trying to write a search that will update a lookup asset table, with an additional table column metric (weight1)... by daniel_althoff8 Loves-to-Learn in Splunk Search 08-10-2020 0 4	0	4
	Why does my Geomap not work? I'm trying to display the city and country name for all these IP Addesses which I extracted from my windows log file... by rkris Explorer in Splunk Search 08-10-2020 0 2	0	2
	How to combine the results ? I am new to Splunk. I have the logs in the following format for our servers. Host, CPU, %USAGEHost, Memory, %UsageHos... by skavuri11 Observer in Splunk Search 08-10-2020 0 2	0	2
	How to display only the test name if key "failure" is in the same object in JSON event I am sending sauce labs test results to splunk and they are in this format: { "testsuite": { "@name": "'PR-108... by sloh_splunk Splunk Employee in Splunk Search 08-10-2020 0 3	0	3
	How to make table from two queries with common field HiI have one index with two sources (source=source1 and source2). Both events have two common fields (common_field1 a... by edrivera3 Builder in Splunk Search 08-10-2020 0 4	0	4
	issue with dividing two numbers Hi, Can someone help me with this.I have fields with values SP=3390510 and TP=3394992I am trying to get Success per... by sravankaripe Communicator in Splunk Search 08-10-2020 0 1	0	1
	Dedup field values using if"match"? Hello all, I am attempting to put together a search where I'm taking website status (200=allowed, etc) and breaking i... by BB34 Explorer in Splunk Search 08-10-2020 0 6	0	6
	Saving License on Windows Events - Regex "This event..." Hi! i've been trying to regex some part of the windows events to save license. Many windows events contains a large p... by dieguiariel Path Finder in Splunk Search 08-10-2020 0 9	0	9
	Can't get timechart average to work I'm trying to get the average time that a case is open in a system.To get the latest event per case that's closed and... by benhooper Communicator in Splunk Search 08-10-2020 0 13	0	13
	How to search span for 1 day and 2 hours ? This is my query and I have some challenges in the log. The thing is my daily job will start at 11 PM. If the job run... by karthi2809 Builder in Splunk Search 08-10-2020 0 6	0	6
	How can I compare values from a lookup and alert when there is no mach? Hi, I have a lookup tables with user names (ftp_users.csv).Every day I'm getting one line from a particular system wi... by yossefn Path Finder in Splunk Search 08-10-2020 0 5	0	5
	Tstats Summary Join Different Search Ranges Hey Guys,I am struggling arround a few days now, but I cant find a good/efficient solution for my problem.I want to c... by sarausch New Member in Splunk Search 08-10-2020 0 3	0	3
	SPL Search - Alert if not true (transaction) I have written a rule that is trying to use a transaction and based on the transaction value to either alert or not. ... by willadams Contributor in Splunk Search 08-09-2020 0 1	0	1
	How to change a single panel color based on text result with unit format ? HiIn the search below, I would be able to change the background color following the value of the FreeSpace fieldIt wo... by jip31 Motivator in Splunk Search 08-09-2020 0 9	0	9
	Comparisons If suppose i have two Phases with first and last datePhase 1=1 JAN 2020, 1 March 2020Phase2=1Apr 2020,1jun 2020if i g... by renuka Path Finder in Splunk Search 08-09-2020 0 7	0	7
	How to calculate Uptime? Splukers, I want to calculate uptime for my network. By this I mean, I need uptime in hours like time diffrence betwe... by amandeepsingh Explorer in Splunk Search 08-09-2020 0 6	0	6
	How to change the background color table fieldname Can some one please help me to change the background color of Table fieldname.By default I am getting the fieldname b... by skodak Explorer in Splunk Search 08-09-2020 0 4	0	4
	Timechart of values This is probably a really simple question but I have events coming in every minute.I've used \| rex field=_raw .... t... by tbrown Path Finder in Splunk Search 08-09-2020 0 2	0	2
	How to set a splunk token in a search query I've created a text form input called 'username' to search for usernames in my dashboard panels and i've set the toke... by rkris Explorer in Splunk Search 08-09-2020 0 3	0	3