Splunk Search

Community Activity

Explicit Search/Alert for an Error I am looking at setting up Search/Alert if i see an only "ERROR OGG-01296", however don't want to receive any alert w... by kvallala Explorer in Splunk Search 07-31-2020 0 2	0	2
Is there a "keepdup" command? HI, I am looking for something that is the 'opposite' of dedup; where the duplicate events are kept, and singular eve... by hirschel New Member in Splunk Search 07-31-2020 0 1	0	1
use eval variable in my search hi, i'm trying to use an eval variable in my search. i've tried many different things and i've failed, and i'm sure t... by gpSplunk123 Engager in Splunk Search 07-31-2020 0 3	0	3
How to search for all outward bound data? I'm a noobie here, and I'm trying to figure out how to search for all outward bound data. How does one accomplish thi... by splunktest_ Loves-to-Learn Lots in Splunk Search 07-31-2020 0 1	0	1
Connecting "remotely" instead of using localhost I want to test an HEC script that is hosted remotely by pointing it to the Splunk instance at my desk.Up to this poin... by chris94089 Path Finder in Splunk Search 07-31-2020 0 1	0	1
Count of events by field where field has multiple instances of same value Hi there We presently have a setup where error codes are extracted and put into their own field. The way it's been s... by djohnson99 Explorer in Splunk Search 07-31-2020 0 2	0	2
query the number between a range Hi,I have alerts when the number goes above certain % of the disk usage. So there are alerts at 70, 80, 90. It works ... by deepakaakula Explorer in Splunk Search 07-31-2020 0 8	0	8
Search for sample to convert my Pivot Table from excel to SPL, have raw data Hi, I am a beginner of SPLUNK and SPL. Recently I am asked to replace my statistic table from excel into SPLUNK to c... by puppy0723 New Member in Splunk Search 07-31-2020 0 0	0	0
Troubles pivoting from dnslookup results to index search I am trying to use the results of dnslookup to pivot the results to query my index.\| makeresults\| eval domain="google... by cbakes New Member in Splunk Search 07-31-2020 0 1	0	1
map command Can I use the map command with the variable being the index and/or sourcetype?\| makeresults\| eval User = "12345", ind... by kgrahamLM Observer in Splunk Search 07-31-2020 0 7	0	7
Sum in timechart I want to display earliest invested amount based on type (stock,fd,mutual fund,etc) over a month and want to keep num... by shravanikarale Loves-to-Learn Lots in Splunk Search 07-31-2020 0 0	0	0
How can we make first tab as default when dashboard is opened Hi All,We have a dashboard which uses three layers of tabs- (please refer attached screenshot)Issue- when we load the... by shugup2923 Path Finder in Splunk Search 07-31-2020 0 1	0	1
How to change default from "All time" in Pivot time filter? Currently when building a pivot table the default time is set to "All Time". Is it possible to set it to some other v... by jwebster0000 Engager in Splunk Search 07-31-2020 2 8	2	8
while using chart i see null value and that particular col is not visible in dashboard HI, While use chart command i am getting null values for status in search and the same in dashboard i do not see in t... by vikashperiwal Path Finder in Splunk Search 07-31-2020 0 2	0	2
How to use "setfields" command to assign the value based on field value rather than field name? I want to use the setfields command to set fieldA to a particular value. That value is located in fieldB. How can I... by sirching Loves-to-Learn Lots in Splunk Search 07-30-2020 0 5	0	5
Binary/square Time chart I have a field that contains either 0 or 1 according to the state of a process. What command could I use to make a ti... by tbrown Path Finder in Splunk Search 07-30-2020 0 10	0	10
Filtering Hosts within a Transaction So I have a search that is structured as follows index=main <filtering for start and end events> OR <filtering for ev... by tbrown Path Finder in Splunk Search 07-30-2020 0 4	0	4
Search and compare data within 3 fields to find positive and negative matches I have a search yielding data from three different email fields, call them msg.header.to{}, msg.header.cc{} and orig_... by Glioblaster Explorer in Splunk Search 07-30-2020 0 6	0	6
Cannot convert a rex pattern variable to use in a chart I have the following splunk event:2020-Jul-30 18:19:02.891Z level=DEBUG thread=https-jsse-nio-2720-exec-9 pid=20 code... by gsbpp Explorer in Splunk Search 07-30-2020 0 2	0	2
How to search for machines that are not reporting? We are using 100+ machines...Could you please help me in splunk search...The scenario is I am having 100 machines and... by shweths New Member in Splunk Search 07-30-2020 0 3	0	3
How to merge two charts which have different stats by in Splunk Hi, I wanted a single graph to show values. One search is index="cumu_open_csv" Assignee="ram"\| eval open_field=if(i... by priyaramki16 Path Finder in Splunk Search 07-30-2020 0 6	0	6
Lookback search for related event I'm trying to perform a search that will be used for a notable event that looks for the creation of a load balancer l... by tbrus Engager in Splunk Search 07-30-2020 0 2	0	2
trying to generate an alert but The problem is that the logs are different Good morning, I am trying to generate an alert for productive applications when they are in "debug" modeThe problem i... by yeisonv Explorer in Splunk Search 07-30-2020 0 7	0	7
How to filter out the logs during indexing using regex? Hi Team, I want to filter out the logs during the indexing level itself i.e. If the event comes with the following fo... by anandhalagaras1 Contributor in Splunk Search 07-30-2020 0 6	0	6
How to pass the time of a transaction to drill down for custom search I have a panel on my dashboard that is a list of transactions. I edited the drill-down to link to the search of the t... by tbrown Path Finder in Splunk Search 07-30-2020 0 2	0	2