Splunk Search

Community Activity

Transpose lines to Column {<!-- --> "DbMaintenanceDailyRoutineSummary": {<!-- --> "success": [ {<!-- --> "server-002": [ {<!-- --> "vacuum"... by felipesodre Path Finder in Splunk Search 06-29-2020 0 7	0	7
Finding matches between 3 different indexes. I have the following case: I have 3 different indexes (A, B and C). My goal is to find what percentage of the devices... by assennikolov Explorer in Splunk Search 06-29-2020 0 4	0	4
How do you completely remove Saturdays and Sundays from displaying on a timechart? Hello, was looking at this topic : https://answers.splunk.com/answers/112838/how-can-you-restrict-a-timechart-to-di... by Zakary_n Path Finder in Splunk Search 06-29-2020 0 6	0	6
Iterate search over multiple field values Hi,I've created a search which is based on 1 field value but I need the search to run over many field values. Rather... by Sam1 Explorer in Splunk Search 06-28-2020 0 2	0	2
get the last element of repeating json payload I have a repeating j son payload appearing in my logs.I am interested in capturing the last payload from the logs.rig... by sharathk0525 Observer in Splunk Search 06-28-2020 0 5	0	5
Help with timewrap Command Hi, I am trying to show a comparison of traffic on my website for today, yesterday and last week. I am using below qu... by Shashank_87 Explorer in Splunk Search 06-28-2020 0 3	0	3
Splunk query for UPtime and Downtime? Hi Folks, Can anyone please help in forming the query for internal splunk components up and downtime reporting, i f... by Inayath_khan Path Finder in Splunk Search 06-28-2020 0 2	0	2
join/append two queries Hi, I have two different queries, I want to join two columns.Below is my query: `macro`msg="Finish import*" OR msg = ... by smahuja Explorer in Splunk Search 06-28-2020 0 1	0	1
Group by and sum Hello - I am a Splunk newbie.datetimeSrc_machine_nameCol1Col31/1/2020Machine1Value1Value21/2/2020Machine1Value1Value5... by thedonaldblake Engager in Splunk Search 06-28-2020 0 1	0	1
Regex search through splunk Is there a method to do "AND" while writing regex instead of "OR" . As when i write a reg and add to regex _raw="expr... by vplunk Explorer in Splunk Search 06-28-2020 0 2	0	2
How to calculate uptime percentage based on my data? Lets say my data is like this: 8/27/12 10:30:00.000 AM server=test1 and status=Down 8/27/12 10:29:00.000 AM server=t... by rakes568 Explorer in Splunk Search 06-28-2020 1 5	1	5
Splunk Search Hellois there a length limit in the search.? I have been using NOT operator in my query extensively due to error code... by snagatho New Member in Splunk Search 06-27-2020 0 1	0	1
When running the delete dups search, I'm reaching the 10k limit. How do I increase it? I'm trying to delete dups using this method here: https://community.splunk.com/t5/Splunk-Search/How-to-delete-duplica... by whoami_root Observer in Splunk Search 06-27-2020 0 1	0	1
Check multiple hosts for existence I have list of around 100 hosts that are sending data to index and I would love to return a table with hostname and s... by seva98 Path Finder in Splunk Search 06-26-2020 0 2	0	2
After 10000 records in lookup, new records are not getting appended. Any solution? Hi,I have used the below saved search to append the data every 15 mins into the lookup file. I use the lookup file in... by spkriyaz Path Finder in Splunk Search 06-26-2020 0 6	0	6
Looking to rewrite a join across several indexes with somewhat unusual relationships (I am reposting this question from email, with permission from the person who emailed)I need to basically join 3 inde... by sideview SplunkTrust in Splunk Search 06-26-2020 0 5	0	5
Using fireall logs to find hosts that do not use a specific protocol I have the following query for PAN firewall logs:index=pan app=ssl\| stats count by srcThis would give me a list of al... by john_byun Path Finder in Splunk Search 06-26-2020 0 3	0	3
Summary Index - Eval Issue - Need both combined & segregated data Hi Splunk ExpertsI've created a summary index where it contains 6 eval cases, for example:eval 1=case(match(something... by gopiven Explorer in Splunk Search 06-26-2020 0 3	0	3
How to show data from different regions as Today's Hi Splunkers,I have different queries that get the age of a ticket only counting the business hours. I need to do dif... by Wheresmydata Explorer in Splunk Search 06-26-2020 0 3	0	3
Splunk is not working. localhost refused to connect. This site can’t be reached localhost refused to connect. Did you mean http://localhost8000.com/? Search Google for lo... by clgzcom New Member in Splunk Search 06-26-2020 0 12	0	12
How to find last of A and first of B in one query? Considering the following two messages: sourcetype="PCF:log" cf_app_name=app1 msg="launch processing started" UserID:... by mrhodes93 Explorer in Splunk Search 06-26-2020 0 3	0	3
read (or get) file data without monitoring how can i read or get data from .txt file without monitoring(indexing) the file data. by medsy Explorer in Splunk Search 06-26-2020 0 1	0	1
timechart to display calculated values Trying to display Percentages on Timechart , but it's not working. Base search \| fields APP Usage_kb \| eval Usage_gb=... by kirrusk Communicator in Splunk Search 06-26-2020 0 3	0	3
Correlate one field with other field to locate repeated value aid SHAabc 12345 12345ujdk ... by kuriakose Explorer in Splunk Search 06-26-2020 0 2	0	2
The values of the table are made to come to the start of the column instead of filling zeros Hi,I am writing a search to create 3 columns of data P,F and C based on Teams.The table which I expect is thisTeamsPC... by priyaramki16 Path Finder in Splunk Search 06-26-2020 0 2	0	2