Splunk Search

Community Activity

Search for sample to convert my Pivot Table from excel to SPL, have raw data Hi, I am a beginner of SPLUNK and SPL. Recently I am asked to replace my statistic table from excel into SPLUNK to c... by puppy0723 New Member in Splunk Search 07-31-2020 0 0	0	0
Troubles pivoting from dnslookup results to index search I am trying to use the results of dnslookup to pivot the results to query my index.\| makeresults\| eval domain="google... by cbakes New Member in Splunk Search 07-31-2020 0 1	0	1
map command Can I use the map command with the variable being the index and/or sourcetype?\| makeresults\| eval User = "12345", ind... by kgrahamLM Observer in Splunk Search 07-31-2020 0 7	0	7
Sum in timechart I want to display earliest invested amount based on type (stock,fd,mutual fund,etc) over a month and want to keep num... by shravanikarale Loves-to-Learn Lots in Splunk Search 07-31-2020 0 0	0	0
How can we make first tab as default when dashboard is opened Hi All,We have a dashboard which uses three layers of tabs- (please refer attached screenshot)Issue- when we load the... by shugup2923 Path Finder in Splunk Search 07-31-2020 0 1	0	1
How to change default from "All time" in Pivot time filter? Currently when building a pivot table the default time is set to "All Time". Is it possible to set it to some other v... by jwebster0000 Engager in Splunk Search 07-31-2020 2 8	2	8
while using chart i see null value and that particular col is not visible in dashboard HI, While use chart command i am getting null values for status in search and the same in dashboard i do not see in t... by vikashperiwal Path Finder in Splunk Search 07-31-2020 0 2	0	2
How to use "setfields" command to assign the value based on field value rather than field name? I want to use the setfields command to set fieldA to a particular value. That value is located in fieldB. How can I... by sirching Loves-to-Learn Lots in Splunk Search 07-30-2020 0 5	0	5
Binary/square Time chart I have a field that contains either 0 or 1 according to the state of a process. What command could I use to make a ti... by tbrown Path Finder in Splunk Search 07-30-2020 0 10	0	10
Filtering Hosts within a Transaction So I have a search that is structured as follows index=main <filtering for start and end events> OR <filtering for ev... by tbrown Path Finder in Splunk Search 07-30-2020 0 4	0	4
Search and compare data within 3 fields to find positive and negative matches I have a search yielding data from three different email fields, call them msg.header.to{}, msg.header.cc{} and orig_... by Glioblaster Explorer in Splunk Search 07-30-2020 0 6	0	6
Cannot convert a rex pattern variable to use in a chart I have the following splunk event:2020-Jul-30 18:19:02.891Z level=DEBUG thread=https-jsse-nio-2720-exec-9 pid=20 code... by gsbpp Explorer in Splunk Search 07-30-2020 0 2	0	2
How to search for machines that are not reporting? We are using 100+ machines...Could you please help me in splunk search...The scenario is I am having 100 machines and... by shweths New Member in Splunk Search 07-30-2020 0 3	0	3
How to merge two charts which have different stats by in Splunk Hi, I wanted a single graph to show values. One search is index="cumu_open_csv" Assignee="ram"\| eval open_field=if(i... by priyaramki16 Path Finder in Splunk Search 07-30-2020 0 6	0	6
Lookback search for related event I'm trying to perform a search that will be used for a notable event that looks for the creation of a load balancer l... by tbrus Engager in Splunk Search 07-30-2020 0 2	0	2
trying to generate an alert but The problem is that the logs are different Good morning, I am trying to generate an alert for productive applications when they are in "debug" modeThe problem i... by yeisonv Explorer in Splunk Search 07-30-2020 0 7	0	7
How to filter out the logs during indexing using regex? Hi Team, I want to filter out the logs during the indexing level itself i.e. If the event comes with the following fo... by anandhalagaras1 Contributor in Splunk Search 07-30-2020 0 6	0	6
How to pass the time of a transaction to drill down for custom search I have a panel on my dashboard that is a list of transactions. I edited the drill-down to link to the search of the t... by tbrown Path Finder in Splunk Search 07-30-2020 0 2	0	2
How to display a latest time or last received time from a custom time field. Hi Folks, I am been trying to display latest time results. I have a logs where time stores under a custom field (Patc... by inayath_khanin Explorer in Splunk Search 07-30-2020 0 4	0	4
Why am I getting this error when using regex for URI search? I have the following query to search results which contain a specific rest endpoint which has a UUID path parameter: ... by ghildiya Explorer in Splunk Search 07-30-2020 0 3	0	3
How to retrive a Date column from another search(index) Hello Everyone!I have a scenario to get a Date column from index1 in search1 and remove the rows with null values in ... by kiru2992 Path Finder in Splunk Search 07-30-2020 0 9	0	9
Hide/reset drill down panel/fields Hi,I have my dashboard with two views --radio buttonView AView BView A has 2 panels and view B also has 2 panel and i... by vikashperiwal Path Finder in Splunk Search 07-30-2020 0 1	0	1
Single value from multiple values In my data i am getting multiple dates for single id.i need only recent date for each date.how can i remove other dat... by renuka Path Finder in Splunk Search 07-30-2020 0 4	0	4
How do I show/hide panels based on multiple checkboxes? I have multiple checkboxes which depending on the selections, it would hide or show different panels. Consider one pa... by timyong80 Explorer in Splunk Search 07-30-2020 0 1	0	1
How do I set up a static start time in alerts? How do I set up a static start time in alerts? I want my search to run from say June 15, 6:00 AM to now. The start ti... by aniketb Path Finder in Splunk Search 07-30-2020 0 2	0	2