Splunk Search

Community Activity

Unable to divide output of two queries Hi team, I want to divide the output result of one query with output of second query and get a remainder. I am using ... by preetham2215 New Member in Splunk Search 07-23-2020 0 2	0	2
Comparing two search results and listing unique ones as table Hi,Have logs for both request to a server and its response. However, in some cases the response won't be received and... by renjithk Observer in Splunk Search 07-23-2020 0 1	0	1
help to display field header in ordinate axis hiThe stats command below allows me to display data in a table panelI would like to display the fields header in an o... by jip31 Motivator in Splunk Search 07-23-2020 0 3	0	3
How to count IPs that match fields in two different searches? I need to create a search that counts IPs which return events for two different fields in the same index. Search 1 wi... by sbhuie New Member in Splunk Search 07-23-2020 0 5	0	5
Splunk dashboard HI Team ,i need to edit existing dashboard and need to display :time taken for 90, 97 and 99 percentile of transactio... by splunkuser_tr Observer in Splunk Search 07-23-2020 0 3	0	3
How to get the missing devices in a index comparing with yesterday Hi,index=myindex \|search name=*\| bin span=1d _time \| stats dc(name) as name by _timehere i am getting the number of n... by surekhasplunk Communicator in Splunk Search 07-23-2020 0 1	0	1
savedsearch command replace with a literal string not working Hi using a Report (cause I need to allow permissions to the data) in a dashboard passing tokens. Looking at the docs,... by chrisboy68 Contributor in Splunk Search 07-23-2020 0 4	0	4
How to send a calculated multivalued field from a search as an input to another search Hello Everyone!I have a scenario to extract a particular set id's from index1 in search1 and run a search2 on index2 ... by kiru2992 Path Finder in Splunk Search 07-23-2020 0 3	0	3
Pass splunk command from lookup table for execution Hi,I am very new in Splunk and need some help to understand Splunk command execution structure.Case: We are having in... by rahul15601 Engager in Splunk Search 07-23-2020 0 3	0	3
CLI search query not giving results. Working fine on searchhead GUI Hi,/opt/splunk/bin/splunk search " index=** sourcetype="***:proxylogs" earliest=-15m@m latest=now \| fields actio... by Reethika Path Finder in Splunk Search 07-23-2020 0 1	0	1
Why am I receiving this error? Hi @gcusello ,While running the following search we are getting error as stated in topic.Search: \|dbquery wmsqlprd "... by rahul2gupta Path Finder in Splunk Search 07-23-2020 0 2	0	2
Check certificats Hello,I make a script that retourne a certificats list in Excel form then I display uniquely the certifcat about to e... by miguel1423 Explorer in Splunk Search 07-22-2020 0 2	0	2
help on single panel abackground color following value displayed hiIn the code below, I would like that if the condition "No patch in late" in my single panel = true, the color back... by jip31 Motivator in Splunk Search 07-22-2020 0 0	0	0
Melding continuation events while cherrypicking data from each Hello all,I've tried to search here and through search engines with no luck. I can't seem to get the knack for refer... by CrailAtWork Engager in Splunk Search 07-22-2020 0 3	0	3
Change a value in the output field. Hi all,I need help in changing an output that getting from below search to be changed. index=itsm \| stats count by C... by jerinvarghese Communicator in Splunk Search 07-22-2020 0 2	0	2
How to replace field value of one event with another event? This is the data set from Fundamental 1. A lot of successful purchase events with same 'ProductName' doesn't include ... by FaridHamidi Engager in Splunk Search 07-22-2020 0 1	0	1
How to create graphs for two different values of same field? Hello, i have a splunk query like this index=someindex container_name=app ( cookie=*cookie1" OR cookie="cookie2" ) e... by bullriser New Member in Splunk Search 07-22-2020 0 1	0	1
Why does the REST Search in json format returns duplicate results? I'm performing a REST Search that ends with a \| table command When I configure the script to csv format, I get 5 even... by chris94089 Path Finder in Splunk Search 07-22-2020 0 1	0	1
how can we change forwarder sourcetype? I have a problem with parsing, so I want to change the sourcetype. ex) index=A sourcetype=A → index=A sourcetype=B ... by lifekis Explorer in Splunk Search 07-22-2020 0 8	0	8
How to search Regex to Detect CVE-2020-0688 Vulnerability? Hi As you know one of the latest vulnerability was CVE-2020-0688 on microsoft exchange server. so I'm trying free spl... by MBashiri New Member in Splunk Search 07-22-2020 0 2	0	2
What does the _bump endpoint do? I saw an explanation of the "refresh", up the .conf files and I found the _bump command, but do not know what it is f... by renanprado96 Path Finder in Splunk Search 07-22-2020 0 3	0	3
stats count eval match issue I have a generic search that is looking for logins and there is a field that has two values – “authentication” for a ... by jwalzerpitt Influencer in Splunk Search 07-22-2020 0 3	0	3
replace one backslash by double backslash Hello! I need to provide search only in earliest source in my sourcetype. I use this search request for this purpose... by ryastrebov Communicator in Splunk Search 07-22-2020 1 6	1	6
Add a column that is the difference of the first two columns. So suppose that everyday Splunk takes in a report that houses 9 different fields, one of which is called 'status'. St... by Username1 Path Finder in Splunk Search 07-22-2020 0 2	0	2
Linechart with clustered data Hi all, I need to show the number of concurrent logged users within the last 30 days. What I would like to have is a ... by paxo Loves-to-Learn Lots in Splunk Search 07-22-2020 0 1	0	1