Splunk Search

Community Activity

	Why are fields returning true for both isNum() and isStr() ? Hi, I want to setup a search to alarm me if a field ever changes its nature. To play around, I chose the year field ... by rolaso Explorer in Splunk Search 07-27-2020 0 5	0	5
	Correlate multiple events, extract fields, output to table Hi everyone, I'm trying to correlate some events that have same field and then to output the results to a table.Examp... by iulianbadea Engager in Splunk Search 07-27-2020 0 11	0	11
	Why does the case statement works until an AND is added to it? When I have this case statement like this, it "works". It runs and puts values in the iSeries column, but they are wr... by azvargas Loves-to-Learn in Splunk Search 07-27-2020 0 9	0	9
	How to convert a number into a Date? Hello, Folks. I have a field that represents a date but in this format (YY/MM/DD).For example: on 07/23/20 the field... by mattheuslima Explorer in Splunk Search 07-27-2020 0 5	0	5
	How do i create new field with last day of reporting period to my search? I have a report which runs every week on Monday , I'm using earliest and latest time in my search . Now I wanted to ... by iamsplunker Communicator in Splunk Search 07-27-2020 0 6	0	6
	How to convert numeric values to decimal numbers? I have a field called Availability and the field values are like 98.32 % and I want them to be converted as decimal n... by iamsplunker Communicator in Splunk Search 07-27-2020 0 3	0	3
	Calculating throughput In splunk logs, I have to monitor some specific events. The identifier I use to target for those events is a text 'EV... by ghildiya Explorer in Splunk Search 07-27-2020 0 5	0	5
	Describing fields Brand new to Splunk and curious whether there is a way to add descriptive text to the pop out window that appears whe... by CarbonCriterium Path Finder in Splunk Search 07-27-2020 0 1	0	1
	How can I join these two tstats searches The searches look like this in their base form \| tstats count where index=nix_os earliest=07/10/2020:00:00:00 latest=... by tkw03 Communicator in Splunk Search 07-27-2020 0 1	0	1
	How to match the host in host.csv with the field in test.csv? hi I need tio match the host there is in host.csv with the field there is in test.csv but i dont succeed could you he... by jip31 Motivator in Splunk Search 07-27-2020 0 6	0	6
	How to get sum of all the results Hi All,I'm using a query to get the total total count of a filed ( different error messages ) .Here is the search an... by dpdwibedy Explorer in Splunk Search 07-27-2020 0 4	0	4
	Calculate number of days (exclude weekends) between 2 dates? Hi everyone, I want to calculate the number of days (exclude weekends) between 2 days with the same format of datetim... by dominhthe110 Explorer in Splunk Search 07-27-2020 0 4	0	4
	overall disk usage HI,I'm trying to create a graph for overall disk usage for few linux servers. I'm getting the free percentage of in... by Anu Path Finder in Splunk Search 07-27-2020 0 0	0	0
	Need help with Splunk Query Hi All.I need help with Splunk Query for below scenario:I need to show the status of my cronjob in below format.Start... by nilbak1 Communicator in Splunk Search 07-27-2020 0 4	0	4
	A database error occurred: ORA-00942: table or view does not exist. Hi All, When I am trying to run the following search in splunk: \|dbquery wmsqlprd "select REC_TYPE, CODE_TYPE, CODE_D... by rahul2gupta Path Finder in Splunk Search 07-26-2020 0 2	0	2
	Unable to extract the field: 'Select Sample Event' fails I have a query which is able to fetch me the results. I want to extract the fields from raw data. So I click on 'Ext... by ghildiya Explorer in Splunk Search 07-26-2020 0 0	0	0
	Finding duration for particular day if user did not disconnect session Hello,How can I find the duration to check the actual active hours of a user for a perticular day if the VPN session ... by himpawar Observer in Splunk Search 07-26-2020 0 0	0	0
	Help on appendpipe HiI use the code belowIn the case of no FreeSpace event exists, I would like to display the message "No disk pace eve... by jip31 Motivator in Splunk Search 07-26-2020 0 8	0	8
	Why am I unable to filter logs using props.conf & transforms.com? I am using universal forwarder. Created app named - cisco-ios. Then inputs.conf , props.conf & transforms.conf inside... by alexspunkshell Contributor in Splunk Search 07-26-2020 0 9	0	9
	Multiple Evals with multiple values that requires renaming Hello,I understand that you can have two evals in one line but i keep getting several errors when i try to combine tw... by Corey_Heart Engager in Splunk Search 07-25-2020 0 4	0	4
	What is the command to check if a field exists in one column but not in the other column? hello what is the command to check if a field exists in one column but not the other? for example, to count the "10... by avivn Explorer in Splunk Search 07-25-2020 0 8	0	8
	How to calculate average based on 2 fields and group the result by values in the third field? Hi everyone, This is the first time, I've used Splunk. I have the data like this:ORDER_IDPRICEGROUP0000110A0000220B0... by dominhthe110 Explorer in Splunk Search 07-25-2020 0 4	0	4
	how to refer to data between 2 sourcetypes I am running a search against my windows event logs, lets call it sourcetypeA. I need to use the IP address obtained... by sirching Loves-to-Learn Lots in Splunk Search 07-25-2020 0 1	0	1
	How can i list the the results of saved reports simultaneously I have created the reports based on the errors in the OS.Saved Reports:Report_Name -- DescriptionNetwork -- Repo... by bala1185 Engager in Splunk Search 07-25-2020 0 0	0	0
	Add Filter Query if Field Exists Hi. I already have a Splunk query that we use in a production environment. We are now adding a new field that we'd li... by lmattar Engager in Splunk Search 07-24-2020 0 2	0	2