Splunk Search

Community Activity

Different event count from base search compared to summary index search of base search? Can someone explain to me why when I run my base search, it has exponentially more Events in the same time frame comp... by antoniolamonica SplunkTrust in Splunk Search 07-10-2024 0 1	0	1
Rex help Hi, I have a search result with the field message.log, and the field contains this example pattern /opt/out/instance/... by smineo Engager in Splunk Search 07-10-2024 0 4	0	4
Making a table with Eval and Top results Hello! I'm trying to separate the latency results with Eval by dividing in 3 categories and then showing the percenta... by GabrielSantos Engager in Splunk Search 07-09-2024 0 5	0	5
dropdown via js search splunk Hello,I need your help for something.I want to get a dropdown via using a result from a search with using js. I want... by anissabnk Path Finder in Splunk Search 07-09-2024 0 4	0	4
Addtotals does not include 'Other' When I add a limit to a timechart to reduce the number of visible series (improve dashboard performance) it changes t... by jvamplew New Member in Splunk Search 07-09-2024 0 4	0	4
Percentage by field with search I'm trying to get a percentage of a field, based on a condition (filtered by search) by another field.e.g. percentag... by Idodox Engager in Splunk Search 07-09-2024 0 2	0	2
Extract field names from CSV header Hi Team,my CSV file contains a field like bellow (1st line in CSV) How can i create transformation for field extracti... by JIthesh_Kumar Explorer in Splunk Search 07-09-2024 0 4	0	4
Taking Tutorial. Why are No Events Found? I am taking the Pluralsight tutorial. I have followed all the steps very carefully in the "Demo: Getting Data into Sp... by NateFromAlbany Observer in Splunk Search 07-09-2024 0 6	0	6
Extract from Multiple Fields and Consolidate using Stats Count Hi Team, I have two different fields (Ex. A and B). Value A will come for some results and B will come for some. Whil... by sridharadurthi Engager in Splunk Search 07-09-2024 0 16	0	16
how to extract the message field into multiple fields from windows Message field I want to extract the below field into two fields i want to extract the Name and version both as two fields can some ... by srinivasmanikan Engager in Splunk Search 07-09-2024 0 1	0	1
how to exclude a events in the search query if the events is present in the other index I have a scenario where events are coming from one index =sample field= status as status 1, 2, 3, 4 , and 5. I have t... by Rajiv_splunk Path Finder in Splunk Search 07-09-2024 0 1	0	1
saved searches How to get all saved searches with their names and their respective search by Siddharthnegi Contributor in Splunk Search 07-09-2024 0 1	0	1
saved search I have a saved search but I don't know the name of that saved search how do I get it. by Siddharthnegi Contributor in Splunk Search 07-08-2024 0 5	0	5
How to count based upon relative_time ? I think what I am trying to do is relatively easy ?I want to query looking back -8 hours then count the # of events t... by sjringo Contributor in Splunk Search 07-08-2024 0 9	0	9
Matching regular expressions in lookup table against field in index I have a lookup table containing a list of regular expressions, and am trying see if there are matches against a fiel... by madcow Loves-to-Learn Lots in Splunk Search 07-08-2024 0 4	0	4
traverse through each record and check whether that ticket breached SLA or not Hi All,I have one set of output having 8 closed tickets for two consecutive months as a result of splunk query. I als... by avi123 Explorer in Splunk Search 07-08-2024 0 1	0	1
Location by Octet I have a Linux Environment and SSH is a thing here. I need to show SSH log in with location. I got the map to work bu... by sgtwolf1 Explorer in Splunk Search 07-08-2024 0 4	0	4
Query to find records in different events I have thousands of records (events), I would like to search field a if it exists in field b of other event (record).... by mendi Observer in Splunk Search 07-08-2024 0 3	0	3
How obtain the sum of a multivalue field In each of my events, I have a field named watched. The watched multifield contains the array of integers. Is it poss... by cgong New Member in Splunk Search 07-08-2024 0 9	0	9
$1234,000 i need to remove strings from value but value are not change by vareddy Observer in Splunk Search 07-08-2024 0 2	0	2
Run makeresults command through REST API is giving error I receive the following error while trying to execute a simple "makeresults" command by using REST API call:Used endp... by denissotoacc Path Finder in Splunk Search 07-08-2024 0 3	0	3
issue with "_time" after using fit command in DLTK Hihere is the default spl of App: Splunk App for Data Science and Deep Learning (Time Series Anomalies with STUMPY -T... by indeed_2000 Motivator in Splunk Search 07-08-2024 1 2	1	2
Want to filter events based on the existence of a field with the same value in a different log Hello, I'm doing a detection for an event on the same index with 2 logs, I want to filter events of Event A based on ... by Josh1890 Explorer in Splunk Search 07-07-2024 0 3	0	3
Splunk search HI, i am new to Splunk and trying to gain hands-on experience, i am facing trouble to search the data based on this q... by s_unny Loves-to-Learn Lots in Splunk Search 07-06-2024 0 4	0	4
Field exists with multiple hosts I've got two servers providing me temperature data. Host A has Sensor1 and Sensor2. Host B has Sensor1 and Sensor2. ... by scottmkirkland Explorer in Splunk Search 07-06-2024 0 2	0	2