Splunk Search

Community Activity

Change other in Pie Chart (not in a dashboard panel) Hello, I want to change the field "other(n)" in a pie chart within the search results, not in a dashboard panel. Inst... by genesiusj Builder in Splunk Search 04-17-2020 0 0	0	0
"Other" values in pie chart Hi, Short explanation of my problem: I'm investigating a problem where two file downloads are apparently interrupted... by echalex Builder in Splunk Search 04-17-2020 1 11	1	11
How do I display a table with the fields extracted from regex? I built a regular expression to extract fields from a log file. However, after extracting I am not able to display th... by gvssaicharan Engager in Splunk Search 04-17-2020 0 3	0	3
How can we prevent users from creating knowledge objects within the Search app? A similar question as in Is there a way to prevent users from saving knowledge objects in the Searching and Reporting... by ddrillic Ultra Champion in Splunk Search 04-17-2020 0 7	0	7
Rename Extracted Fields Name Is there a way to rename the extracted fields in the Interesting Fields section? Example would be Interesting Fields... by wwhite12 Path Finder in Splunk Search 04-17-2020 0 3	0	3
Is there a systemd unit file for Splunk? systemd replaces SysV init scripts and some Linux distributions are migrating to or currently support systemd (such a... by Yorokobi SplunkTrust in Splunk Search 04-17-2020 14 66	14	66
Need to extract elapsed time hi, I have a query with the below mentioned resultset logger: com.optum.bh.benefit.plan.api.BhBenefitPlansResource ... by vipulg83 New Member in Splunk Search 04-17-2020 0 10	0	10
How to sum multiple columns by multiple names? Hi, how do I sum multiple columns using multiple columns? For instance, my data looks like this: How do I get two ... by tarantula Engager in Splunk Search 04-17-2020 0 1	0	1
How to subtract _time field from Multifield value Hello I have a search with an MV Value this is called HeartBeatTime. I like to create an allert when the HeartBeatTim... by zhonk Explorer in Splunk Search 04-17-2020 0 8	0	8
Has any one created SPL query for detecting Lateral movement of users I am currently trying to create a SPL query to detect any suspicious lateral Movement to be detected from windows log... by dikshaj Engager in Splunk Search 04-17-2020 0 1	0	1
spl query output mismatch index=_internal host=abc123 source="metrics.log" group=tcpin_connections fwdType=uf \|dedup hostname \|table hostname ... by vinitpathri Path Finder in Splunk Search 04-17-2020 0 6	0	6
match function is not working I have two fields called field1, field2. Both are having same value as "xyz" but when i try to compare them with matc... by Allampally Path Finder in Splunk Search 04-16-2020 0 3	0	3
サーチ結果からアラーム的にブラウザ側で音(MP3)を再生することはできますか。リモートワークがフォーカスされてきており、オペレーションセンターに勤務ができない状況が続いております。このため、今までアラームをパトランプでセンター側で鳴らしていたのですが、自宅でオペレーションすることになり、自宅側でもアラームを認識... by syazaki_splunk Splunk Employee in Splunk Search 04-16-2020 0 2	0	2
Timechart trend I have to show trends in one search: I'd like to have the results of last 24 hours and to compare it with the result ... by gcusello SplunkTrust in Splunk Search 04-16-2020 0 7	0	7
How to set a bar chart by quarter? I have the following code that shows leases that end in June. \| inputlookup Leases.csv \| rename "Lease End" as lea... by danielbb Motivator in Splunk Search 04-16-2020 0 4	0	4
Eval If - count one item against sum total of the rest of the items in the group Hi, So I a page with more than a few urls that represent that same page. However, one of these urls has a value that... by user93 Communicator in Splunk Search 04-16-2020 0 1	0	1
Customer count between two percentile count of API response times Hi All, I am little bit of a novice with Splunk, but I am curious to find the distinct number of customers between 9... by vibhorkhanna New Member in Splunk Search 04-16-2020 0 1	0	1
RegEx to Parse Field Containing Json Format I am attempting to parse logs that contain fields similar to the example below. Field name being ValidFilterColumns, ... by ahaveles New Member in Splunk Search 04-16-2020 0 3	0	3
Help with error from a custom command: ERROR SearchStatusEnforcer - sid:1536453655.14705 Search auto-canceled Hello, Splunk 7.1.3, Linux x86_64. One of my custom (SCPv1) commands errors when the number of events returned exce... by jibanes Path Finder in Splunk Search 04-16-2020 4 4	4	4
Query to find Memory in percentage How would i need to modify the below query to get Memory value in percentage when the threshold exceeds 90. Kindly su... by sureshkumaar Path Finder in Splunk Search 04-16-2020 0 1	0	1
Join Two Searches Using Matching ID - But Different Field Name Greetings, Our developers are logging what user views a particular web page and flag it via the "ID" field. If a us... by SplunkLunk Path Finder in Splunk Search 04-16-2020 0 1	0	1
Saved search failing with gen_id mistmatch Hi There, Recently one of our saved searches have been failing intermittently with the error below, the search is se... by jamesy281 Path Finder in Splunk Search 04-16-2020 2 6	2	6
props.conf to capture specific words from the log files How to capture only the words "successfully sent using abc.def.com" before indexing in splunk from the below log fi... by ashwinipatil007 New Member in Splunk Search 04-16-2020 0 3	0	3
Field Extractions During Search Time Hi Team, I want to do a field extraction during the search time itself so i want the following fields to be extracte... by anandhalagaras1 Contributor in Splunk Search 04-16-2020 0 1	0	1
how i can compare last 5 fields and exclude from result i want to compare if last 5 digits of user ID are same don't show in result how it can be done 0012345 abc0012345 xy... by saghiralmani New Member in Splunk Search 04-16-2020 0 2	0	2