Splunk Search

Community Activity

Timechart count by a changing field name I receive a new csv file every day in the following format:color 1/22/20 1/23/20 1/24/20 1/25/20yellow 1 ... by richnsanders_70 Path Finder in Splunk Search 07-01-2020 0 4	0	4
external_lookup.py is missing Hi,I'm trying to setup a DNS lookup following the instructions her: https://docs.splunk.com/Documentation/Splunk/8.0.... by chrkohm Path Finder in Splunk Search 07-01-2020 0 1	0	1
How to use makemv with tokenizers while keeping non-matching events? Hi, I have events similar to this example: 1) date1, id1, misc 2) date2, id2, misc 3) date3, , misc 4) date4, id3 and... by Gunnar Explorer in Splunk Search 07-01-2020 0 2	0	2
How do you use regex to escape a backslash? Hi, I have the following regex which works on regex101, but gives me an error when I try and use this within a Splun... by jacqu3sy Path Finder in Splunk Search 06-30-2020 0 7	0	7
Fast mode being set automatically I always use Verbose mode Sometimes I open splunk and it is set as Fast mode as default, why is splunk switching from... by gmuller1 Engager in Splunk Search 06-30-2020 0 4	0	4
Can i display panel with Even or Odd Click on chart ? Hi all,Can i display left and right panel based on Even or Odd Click ?For example,I have a chart. And a row with titl... by akira2211 Explorer in Splunk Search 06-30-2020 0 4	0	4
How can we compare two dynamic field values from two lookups Hi All,I am urgently looking for a help . I have one field object_name which is present in lookup X1.csv and has valu... by Trishla Loves-to-Learn Lots in Splunk Search 06-30-2020 0 1	0	1
How to timewrap using the last 1 hour and check the same hour for previous 7 days Hi everyone,I want to create an alert which runs every hour, checks the last 60 minutes of events to get the count nu... by Sam1 Explorer in Splunk Search 06-30-2020 0 6	0	6
Stuck yet again. percent difference between two searches So i have this search: index="sense_power_monitor" \| where 'usage_info.solar_w'>=0 \| bin _time span=1h \| stats co... by pir8radio Path Finder in Splunk Search 06-30-2020 0 3	0	3
Idle log i need script in SPL to show when there is an idle forwarder or if a forwarder isn't forwarding by saotaigiri Path Finder in Splunk Search 06-30-2020 0 9	0	9
How to get a comma separated List Hello all,I am hoping for help creating a comma separated list. I have tried multiple different things and all have ... by brownt61 Explorer in Splunk Search 06-30-2020 0 2	0	2
DB connect issue Hi Team,I have created connection for oracle DB in db connect app. When i am trying to run the sql query in DB connec... by vin02ptl Explorer in Splunk Search 06-30-2020 0 5	0	5
HTTP Event Collector multi-line merge for a container Using splunk 8.0.2.1I have a container (spring boot that uses tomcat underneath) that I'm running that I'm attempting... by markthill Engager in Splunk Search 06-30-2020 1 1	1	1
Plot step function to display state change of machines based on timestamp? We have a list of machines in our system with their state change as On or Off along with timestamp. 2017-07-11 12:3... by rakes568 Explorer in Splunk Search 06-30-2020 0 4	0	4
Count values in array of objects based on other attributes in that object I have an array of objects containing field componentType with value "Software" or "Licenses". In the same object t... by krussche Observer in Splunk Search 06-30-2020 0 2	0	2
Extracting values from multivalued field and merging For example :these are some part of my logs:sender= xyz(receiver=a, receiver =b) sender= abc(receiver=a,receiver =d)s... by Dhruvi Explorer in Splunk Search 06-30-2020 0 1	0	1
How to use join on fields with wildcards (hyphen "-", ampersand " &" doesn't work) For one of our project , we are running the join on fields that contain hyphen or ampersand and it doesn't work. Let'... by mlevsh Builder in Splunk Search 06-30-2020 0 4	0	4
Separate values from multi valued field I have to write query for extracting out the values from multi valued fieldexample field: Region=America, AfricaRegio... by Dhruvi Explorer in Splunk Search 06-30-2020 0 4	0	4
splunk subsearch query help Hi,I have a main query which returns below 4 columns:rule, result, name, departmentNow i have to add another query as... by surekhasplunk Communicator in Splunk Search 06-29-2020 0 1	0	1
How to get duration between a start and stop event and trigger an alert if duration is greater than 1 week? Here the logs I have 04/24/2017 02:42:08 PM LogName=System SourceName=Microsoft-Windows-Service Control Manager Eve... by dmenon84 Path Finder in Splunk Search 06-29-2020 0 8	0	8
Monitoring disk space Hi, I'm using the following search to monitor disk space. I have 2 partitions, drive D and E. I am only returning ... by steveo2 Engager in Splunk Search 06-29-2020 0 1	0	1
Why do I have to use eval for this search? Hi everyone, Why does this search return nothing \| stats count(status=200) AS Success While this search returns wha... by adamfrisbee Explorer in Splunk Search 06-29-2020 0 5	0	5
DBSCAN Cluster Visualization Interpretation, Machine Learning Toolkit Hi!I used the "Cluster Behavior by App Usage" example in the Clustering Numeric Fields workflow within the Splunk ML... by michaelsplunk1 Path Finder in Splunk Search 06-29-2020 0 0	0	0
searching the records of the table with empty field Hi I have an interactive dashboard with form inputs, i have set default value as * for all the form inputs, depends o... by Mubarish Path Finder in Splunk Search 06-29-2020 1 4	1	4
SPL For-Loop Hi allI am using following SPL to loop through HTTP Request data in order to extract fields and values and I have 2 i... by me74fhfd Path Finder in Splunk Search 06-29-2020 0 1	0	1