Splunk Search

Community Activity

How to extract three latest values of a field by field? Hi! I have different events and for every event i have a list of reasons. I want to display only three of the reasons... by pomazanelvira New Member in Splunk Search 03-23-2020 0 3	0	3
Unable to extract substring from the string in splunk I have an requirement to get only the exception related substring from the splunk log, My log will be in the followin... by karthikarsmarte New Member in Splunk Search 03-23-2020 0 1	0	1
Join two searches with the latest field Hello, Is it possible to perform a join type=left to another search by combining the also the latest field? Example... by vpaschalidis Loves-to-Learn in Splunk Search 03-23-2020 0 11	0	11
Splunk lookup table info and search Hello Splunkers, Can you help me below case to build splunk search. I have firewall data coming to index=firewall... by Splunk_rocks Path Finder in Splunk Search 03-23-2020 0 1	0	1
How to create a regex to extract data from windows event? I have an event code 33205 which comes from Windows application logs, for which field extraction is not happening eve... by gndivya Explorer in Splunk Search 03-23-2020 0 9	0	9
Extract field on index Hi I’ve create index and want to extract fields on it. is possible through the web interface or i should edit specif... by indeed_2000 Motivator in Splunk Search 03-23-2020 0 3	0	3
exclude results near a match (ie exclude match AND +- 2 seconds) I cant imagine this is possible, but splunk continuously surprises me, so ill ask: Is there anyway to exclude resul... by spunk311z Path Finder in Splunk Search 03-22-2020 0 1	0	1
Why is the number of host values for the same time period different in tstats vs search on wineventlogs? I search the same time period in wineventlogs for host values with tstats (37,558) and with regular search (42,008): ... by landen99 Motivator in Splunk Search 03-22-2020 1 1	1	1
Overlay value in time chart There are multiple programs running every day and I want to visualise the volume and duration of each program by day.... by tanasami New Member in Splunk Search 03-22-2020 0 2	0	2
Multiple value for the same field in one event.How to determine statistics I have an event having 3 errors..I have a regular expression written to capture the error as "ERROR".And now i have a... by prettysunshinez Explorer in Splunk Search 03-22-2020 0 11	0	11
Using multiple parameters for regexp host extraction Dear community, I am lost in creating a regexp that will ease up my data input creation. So I do have a file share be... by patrickprodoehl Explorer in Splunk Search 03-22-2020 0 2	0	2
\|dbxquery query="SELECT DISTINCT last_name FROM hr.employees" connection="ORCL_PDB1_CONN" Building a Dashboard dropdown. The following query works fine and there are no duplicates in the resultset however t... by jaxxsplunk Explorer in Splunk Search 03-21-2020 0 2	0	2
Tail and head commands for two different values on same field Hi Experts, I have a requirement. I have a field called 'exception' and it has two values. one as 'open file' and a... by Allampally Path Finder in Splunk Search 03-21-2020 0 3	0	3
lookup access across non-clustered search heads Hello experts and splunkers, I have a splunk environment which consists of 2 Search Heads, which are not clustered -... by takashi6 Explorer in Splunk Search 03-20-2020 0 2	0	2
Assistance on search using appendcols where the subsearch can have a different number of rows I am having issues with a search / Sub-search with appendcols when the number of rows are different. I have a summa... by dsbruce Explorer in Splunk Search 03-20-2020 0 2	0	2
Evaluate a new column based on formula from a lookup file Hello! Have this requirement: Have a business process. For each business process, some KPIs have been identified. H... by its_shubham Engager in Splunk Search 03-20-2020 0 6	0	6
AVG Count of a error message Good morning, I log different error messages in SPLUNK and want to get the average number of each error message and... by 123michi19 Explorer in Splunk Search 03-20-2020 0 3	0	3
strip portion of an email I am needing to strip a portion out of email's. I have a list of email addresses where some of them contain -priv be... by brownt61 Explorer in Splunk Search 03-20-2020 0 4	0	4
how to rank or group similar data together ? Hi all, I have a requirement as below, When there is a name field, I want it to be ranked similar names together Na... by johnsasikumar Path Finder in Splunk Search 03-20-2020 0 2	0	2
Difference between two times Hi, I have two fields in my report. Time_Created and Time_Closed. They are for time an incident ticket was created a... by mbasharat Builder in Splunk Search 03-20-2020 0 6	0	6
how to table job names at each time Hi Guys, I have the following query which i am showing line chart in a panel, how ever i want to show the jobnames a... by pench2k19 Explorer in Splunk Search 03-20-2020 0 1	0	1
Avoiding renaming multiple columns using time based streamstats Hi there, I'm trying to create a time series data using streamstats function. Got it figured out, but is there any ... by hollybross1219 Path Finder in Splunk Search 03-20-2020 0 2	0	2
Lookup in a lookup table with multivalue fields Hello, I have a lookup table that looks like below: dns ip server1 ip1,ip2,ip3 server2 ... by vpaschalidis Loves-to-Learn in Splunk Search 03-20-2020 0 1	0	1
Is it possible to only return events that have no corresponding start or end transaction event? Hi Splunk community, I'm currently trying to correlate different event sources and events with each other. My sear... by horsefez Motivator in Splunk Search 03-20-2020 0 6	0	6
Cannot access results of a Searchmanager in a for loop I have a dashboard that should perform a dynamic number of searches. For this purpose I created a search manager, whi... by mariuswal New Member in Splunk Search 03-20-2020 0 0	0	0