Splunk Search

Community Activity

Corrupted fields problem I have a problem on this search below for last 25 days: index=syslog Reason="Interface physical link is down" OR Rea... by dunyaelbasan Path Finder in Splunk Search 06-11-2020 0 4	0	4
bullet points in date value and can't strptime() For some reason there are invisible bullet points being extracted from the windows event message and I cant seem to b... by smahoney Path Finder in Splunk Search 06-11-2020 0 1	0	1
I want to write a search that should give me certain values at certain time Hi,I am expecting an event at 7:15 and I want write a search that should give me results as below: If event arrived a... by Abha11 Explorer in Splunk Search 06-11-2020 0 1	0	1
Identify Unique events across all fields for different time Hi,Below is my result after doing, xyseries Date_Time,APPROVAL_STATUS,ACT_UW_COUNTDate_TimeAPPROVEDBACK TO SALESDECL... by jsharma33 Observer in Splunk Search 06-11-2020 0 1	0	1
Read character data where or was expected HiI'm using .Net (Splunk.Client) to search splunk data (firewall logs). Code is similar to this: using (SearchResult... by Skrub New Member in Splunk Search 06-11-2020 0 0	0	0
Chart count with timespan I have a query that produce a sample of the results below.DateTimeNamespaceType18-May-20sys-uatCompliance5-May-20emit... by timyong80 Explorer in Splunk Search 06-11-2020 0 2	0	2
How to populate multiple fields from lookup csv into search results Hi, I am needing to pull multiple fields from a lookup CSV into the results from a proxy search Primary search is: ... by tkiermaier_shel New Member in Splunk Search 06-11-2020 0 3	0	3
Not Getting result while trying to pass result of one query to other Hi All,I'm trying to pass result of one query to other. but not able to achieve this.Can someone help on this.Query1i... by kirrusk Communicator in Splunk Search 06-11-2020 0 2	0	2
How to rank dynamic scores with ties in Splunk? I have dynamic number of scores that I wanted to be ranked. For example I have 5 scores - 100, 100, 99, 98, 98. The t... by rolly_deguzman New Member in Splunk Search 06-10-2020 0 3	0	3
need to create separate field which will show rank based on event Count ComputerName Events Rank ABC 100 1 BCD 200 2 CDE 300 3 i need to creat... by shivareddysompa Explorer in Splunk Search 06-10-2020 0 15	0	15
multiselect table rows Hi, I am currently trying to multi-select table rows. So basically I want to select multiple rows and on selction ,s... by 493669 Super Champion in Splunk Search 06-10-2020 1 25	1	25
Global time picker on the dashboard not working on savedSearch I have 2 saved searches (non-transforming) on my dashboard and those are set to run every morning collecting data for... by thenormalone Path Finder in Splunk Search 06-10-2020 0 2	0	2
Kubernetes logs spamming Splunk We are having issues with Kubernetes containers spamming Splunk with 100's of gb's of logs sometimes. We would like t... by gschwel New Member in Splunk Search 06-10-2020 0 0	0	0
Issue with websphere sourcetype add-on Hi, We recently installed splunk add on for websphere source type "ibm:was:serverIndex" for websphere logs.When manua... by pdantuuri0411 Explorer in Splunk Search 06-10-2020 0 0	0	0
Time difference within a transaction command I have a search that uses the transaction: \| transaction startswith=<...> endswith=<...> Command to group it int... by tbrown Path Finder in Splunk Search 06-10-2020 0 2	0	2
Splunk Search for Total Values Hello There,I have got a search result as given below (without the highlighted row, i.e. Total):AnalystMonthTotal Cou... by madhav_dholakia Contributor in Splunk Search 06-10-2020 0 4	0	4
Display lines before and after the results of your string search I want to do a specific string search, say "mary had a little lamb" and have it return the results including the 5 li... by jtpryan New Member in Splunk Search 06-10-2020 0 1	0	1
Is there a limit on the search terms or the number of AND/OR conditions? I create a search query as follows: sourcetype="websense:proxy" \| table src_host policy \| dedup src_host policy \| ... by nareerat_pr Explorer in Splunk Search 06-10-2020 0 1	0	1
How to add a conditional statement in searchmatch? Hello, I'm new to Splunk, so please pardon me if this is too easy of a question.I'm trying to list attempted operatio... by ank15july96 Engager in Splunk Search 06-10-2020 0 3	0	3
Need to extract Workweek from date I have a date like 2020-06-08 06:39:49.0 I need to extract workweek from it. Thanks in advance. by shivareddysompa Explorer in Splunk Search 06-10-2020 0 3	0	3
Add avg to xyseries I have a column chart that works great, but I want to add a single value to each column. The columns represent the su... by seomaniv Explorer in Splunk Search 06-10-2020 0 3	0	3
Search by lookup file did not return all results I have a base search that produces a lookup that contains a million rows. When doing inputlookup, it displays the num... by timyong80 Explorer in Splunk Search 06-09-2020 0 1	0	1
Matching fields from different indices to return another field Hi, I have two different indexes where I need to match a field and if true, return another field. First Search (Index... by izyknows Path Finder in Splunk Search 06-09-2020 0 8	0	8
Zero results when searching with Splunk Powershell Module. I am experiencing an odd behavior with my Splunk module for powershell. A search query that on the web interface woul... by cmlombardo Path Finder in Splunk Search 06-09-2020 0 3	0	3
search with parameters Hello, I have this query: index=prod eventtype="csm-messages-dhcpd-lpf-eth0-listening" OR eventtype="csm-messages-dhc... by sarit_s Communicator in Splunk Search 06-09-2020 0 8	0	8