Splunk Search

Community Activity

Splunk query for UPtime and Downtime? Hi Folks, Can anyone please help in forming the query for internal splunk components up and downtime reporting, i f... by Inayath_khan Path Finder in Splunk Search 06-28-2020 0 2	0	2
join/append two queries Hi, I have two different queries, I want to join two columns.Below is my query: `macro`msg="Finish import*" OR msg = ... by smahuja Explorer in Splunk Search 06-28-2020 0 1	0	1
Group by and sum Hello - I am a Splunk newbie.datetimeSrc_machine_nameCol1Col31/1/2020Machine1Value1Value21/2/2020Machine1Value1Value5... by thedonaldblake Engager in Splunk Search 06-28-2020 0 1	0	1
Regex search through splunk Is there a method to do "AND" while writing regex instead of "OR" . As when i write a reg and add to regex _raw="expr... by vplunk Explorer in Splunk Search 06-28-2020 0 2	0	2
How to calculate uptime percentage based on my data? Lets say my data is like this: 8/27/12 10:30:00.000 AM server=test1 and status=Down 8/27/12 10:29:00.000 AM server=t... by rakes568 Explorer in Splunk Search 06-28-2020 1 5	1	5
Splunk Search Hellois there a length limit in the search.? I have been using NOT operator in my query extensively due to error code... by snagatho New Member in Splunk Search 06-27-2020 0 1	0	1
When running the delete dups search, I'm reaching the 10k limit. How do I increase it? I'm trying to delete dups using this method here: https://community.splunk.com/t5/Splunk-Search/How-to-delete-duplica... by whoami_root Observer in Splunk Search 06-27-2020 0 1	0	1
Check multiple hosts for existence I have list of around 100 hosts that are sending data to index and I would love to return a table with hostname and s... by seva98 Path Finder in Splunk Search 06-26-2020 0 2	0	2
After 10000 records in lookup, new records are not getting appended. Any solution? Hi,I have used the below saved search to append the data every 15 mins into the lookup file. I use the lookup file in... by spkriyaz Path Finder in Splunk Search 06-26-2020 0 6	0	6
Looking to rewrite a join across several indexes with somewhat unusual relationships (I am reposting this question from email, with permission from the person who emailed)I need to basically join 3 inde... by sideview SplunkTrust in Splunk Search 06-26-2020 0 5	0	5
Using fireall logs to find hosts that do not use a specific protocol I have the following query for PAN firewall logs:index=pan app=ssl\| stats count by srcThis would give me a list of al... by john_byun Path Finder in Splunk Search 06-26-2020 0 3	0	3
Summary Index - Eval Issue - Need both combined & segregated data Hi Splunk ExpertsI've created a summary index where it contains 6 eval cases, for example:eval 1=case(match(something... by gopiven Explorer in Splunk Search 06-26-2020 0 3	0	3
How to show data from different regions as Today's Hi Splunkers,I have different queries that get the age of a ticket only counting the business hours. I need to do dif... by Wheresmydata Explorer in Splunk Search 06-26-2020 0 3	0	3
Splunk is not working. localhost refused to connect. This site can’t be reached localhost refused to connect. Did you mean http://localhost8000.com/? Search Google for lo... by clgzcom New Member in Splunk Search 06-26-2020 0 12	0	12
How to find last of A and first of B in one query? Considering the following two messages: sourcetype="PCF:log" cf_app_name=app1 msg="launch processing started" UserID:... by mrhodes93 Explorer in Splunk Search 06-26-2020 0 3	0	3
read (or get) file data without monitoring how can i read or get data from .txt file without monitoring(indexing) the file data. by medsy Explorer in Splunk Search 06-26-2020 0 1	0	1
timechart to display calculated values Trying to display Percentages on Timechart , but it's not working. Base search \| fields APP Usage_kb \| eval Usage_gb=... by kirrusk Communicator in Splunk Search 06-26-2020 0 3	0	3
Correlate one field with other field to locate repeated value aid SHAabc 12345 12345ujdk ... by kuriakose Explorer in Splunk Search 06-26-2020 0 2	0	2
The values of the table are made to come to the start of the column instead of filling zeros Hi,I am writing a search to create 3 columns of data P,F and C based on Teams.The table which I expect is thisTeamsPC... by priyaramki16 Path Finder in Splunk Search 06-26-2020 0 2	0	2
TimeChart Display query result in text format Hello, I have a timechart with multiple fields, I want to append existing query or add new query to display one field... by smahuja Explorer in Splunk Search 06-26-2020 0 3	0	3
How can I merge search results from two different indexes based on common fields? Hi everyone,I'd be eternally grateful if someone could help point me in the right direction here. I'm trying to outpu... by driva Path Finder in Splunk Search 06-26-2020 0 1	0	1
How to pass list string as an arguments to Splunk macro Hi Splunk experts,I am a new face here. I have a task for multiple alerts creating. I am wondering is it possible to ... by thinhdinh Path Finder in Splunk Search 06-26-2020 0 9	0	9
Retain special characters at the end of field value I have an ID among other things that is extracted by Splunk DB Connect from a mySQL database. Whats special with the... by okheggdal Explorer in Splunk Search 06-25-2020 0 0	0	0
Filtering fields using a common field in two different sourcetypes fields in sourcetype1 --> A,B,C, txid ( always has a value)fields in sourcetype2--> D,E,F, txid ( may occur value for... by infotork Explorer in Splunk Search 06-25-2020 0 1	0	1
I need to split the requestPath eliminating the data Hi,Need one Help. I have the below mentioned requestPath where I am able to capture the whole path..But can't take a ... by vijaysubramania Path Finder in Splunk Search 06-25-2020 0 4	0	4