Splunk Search

Community Activity

Comparisons If suppose i have two Phases with first and last datePhase 1=1 JAN 2020, 1 March 2020Phase2=1Apr 2020,1jun 2020if i g... by renuka Path Finder in Splunk Search 08-09-2020 0 7	0	7
How to calculate Uptime? Splukers, I want to calculate uptime for my network. By this I mean, I need uptime in hours like time diffrence betwe... by amandeepsingh Explorer in Splunk Search 08-09-2020 0 6	0	6
How to change the background color table fieldname Can some one please help me to change the background color of Table fieldname.By default I am getting the fieldname b... by skodak Explorer in Splunk Search 08-09-2020 0 4	0	4
Timechart of values This is probably a really simple question but I have events coming in every minute.I've used \| rex field=_raw .... t... by tbrown Path Finder in Splunk Search 08-09-2020 0 2	0	2
How to set a splunk token in a search query I've created a text form input called 'username' to search for usernames in my dashboard panels and i've set the toke... by rkris Explorer in Splunk Search 08-09-2020 0 3	0	3
Search Json Field Using Dynamic Variable Hello, I have json data and I am trying to search a specific field using a dynamic variable. I can properly search if... by joemarty82 Explorer in Splunk Search 08-09-2020 0 5	0	5
How do i extract backdoor info from a linux log file into my splunk dashboard ? I have uploaded the log file containing the backdoor information above into splunk but i'm not sure how to create a s... by rkris Explorer in Splunk Search 08-08-2020 0 1	0	1
Why do i get 'Search is waiting for input' error? I've created a dropdown field for New User Accounts Created(Failed Attempts) And this is the search query This is the... by rkris Explorer in Splunk Search 08-08-2020 0 1	0	1
How do i extract virus info from a linux log file into my splunk dashboard ? I have uploaded the log file containing the virus information above into splunk but i'm not sure how to create a sea... by rkris Explorer in Splunk Search 08-08-2020 0 1	0	1
use source within map command Hi,I have several log files that I´m "batch indexing".for example: file01.log file02.log file03.log file04.log Now I´... by chrkohm Path Finder in Splunk Search 08-07-2020 0 4	0	4
stats count by generating inconsistent result I have a very simple search:index=logs_glbl sourcetype=kube:container:app-name namespace=prod status=500 \| stats coun... by noman377 Explorer in Splunk Search 08-07-2020 0 2	0	2
How to extract multiple values for multiple fields within a single event? I have syslogs from our load balancer which has 4 servers on it.When one of the servers states changes from UP to DOW... by cbwillh Path Finder in Splunk Search 08-07-2020 0 9	0	9
How to combine two field values into one I have got a query like this index=* request in (request1, request2, request3)eval request&& = request1 + request2Pl... by skodak Explorer in Splunk Search 08-07-2020 0 3	0	3
Table with true and false (column) counts for specific users (rows) Hi there, I have just started using Splunk and it is quite alien to me. Hope you guys can help me out! I have the fo... by Matthew86 Explorer in Splunk Search 08-07-2020 0 2	0	2
Join index's together. HI all,I have 2 index, that have same common field together. I want to join both together.Query 1: index=opennms "... by jerinvarghese Communicator in Splunk Search 08-07-2020 0 3	0	3
Help With Event Cleanup - Remove "-" I am having a problem with what i believe is writing a regex to clean up some events before i report on them in dashb... by ghostdog920 Path Finder in Splunk Search 08-07-2020 0 4	0	4
Generate timechart with normalized/rescaled data points Hello,I'm trying to analyze an A/B test results on access pattern changes for a specific field.Simplified query looks... by izx New Member in Splunk Search 08-06-2020 0 0	0	0
mvexpand issues and alternative needed Hi all,I have below situation. Actual query is much longer so I just need the logic.cve is the multivalue field. It i... by mbasharat Builder in Splunk Search 08-06-2020 0 0	0	0
Join two field with similar values and stats by an uncommon field How do I combine a field with similar value (where one value might or might not exist in one of the field) and use st... by icosine Engager in Splunk Search 08-06-2020 0 2	0	2
[Report Acceleration] Can we benefit from the accelerated summary outside the app? If a report is accelerated in the search app, are the other apps supposed to benefit from its acceleration? The repor... by sylim_splunk Splunk Employee in Splunk Search 08-06-2020 2 1	2	1
How to make a field cover multiple events I have a transaction of events. In the first event of the transaction, it contains an event that I am using\| rex fiel... by tbrown Path Finder in Splunk Search 08-06-2020 0 1	0	1
Continue on dbxquery Failure I have a search that performs a basic dbxquery connection and SQL search. If the database table were to be dropped o... by ohbuckeyeio Communicator in Splunk Search 08-06-2020 0 0	0	0
Display result when comparing 3 fields, only show greater by 100 for one field I have a search that is giving me this data set:ID status Stampalex esb 15959898... by baustin612 Explorer in Splunk Search 08-06-2020 0 4	0	4
How to count and sum fourth column if second and third column are certain value and group by first column? So my data structure has four columns: "Month", "Status", "Accepted", "Value". As the title suggest I'm trying to det... by Username1 Path Finder in Splunk Search 08-06-2020 0 11	0	11
Split unix commands There is a command fields in my logs and consists of unix commands.One value is /usr/bin/ssh -q -o ConnectTimeout=5 -... by dwibedi03 Explorer in Splunk Search 08-06-2020 0 6	0	6