Splunk Search

Community Activity

	Missing data in tstats output Hi All, using below query but not getting complete output.If there is no data present for Response time for particul... by Harish2 Path Finder in Splunk Search 07-05-2024 0 1	0	1
	How to count the number of times each name is repeated? I have the following csv file: id,name,age,male 1,lily,10,girl 2,bob,12,boy 3,lucy,12,girl 4,duby,10,boy 5,bob,11,bo... by feelcool Explorer in Splunk Search 07-05-2024 0 1	0	1
	Some cloudwatch log collection errors I take a log using Python's print statement in lambda and save it in the cloud-watch log group.The log group is being... by junnn0021 New Member in Splunk Search 07-05-2024 0 0	0	0
	multifield key between indexes index=db OR index=app \| eval join=if(index="db",processId,pid) \| stats sum(rows) sum(cputime) by join Above is simple... by kp_pl Path Finder in Splunk Search 07-05-2024 0 5	0	5
	center align the x axis labels in timechart Hi Is it possible to center align the x axis labels in timechart, instead of them being in the left side of the bar ... by matansocher Contributor in Splunk Search 07-04-2024 0 10	0	10
	Drill down with transpose not working as expected to fetch the row and colomn values Drill down with transpose not working as expected to fetch the row and colomn values, as its not giving me the accura... by a508184 Explorer in Splunk Search 07-04-2024 0 5	0	5
	Display a custom text when results=0 How do I run a search against a sourcetype (which is very low volume), and display a custom text when there are 0 eve... by Richy_s Path Finder in Splunk Search 07-04-2024 0 13	0	13
	Can't Preview Source Type When Uploading Data I am trying to create a props.conf to pass a custom timestamp. To do so I wanted to upload data and use the set sourc... by HankinAlex Explorer in Splunk Search 07-04-2024 0 2	0	2
	indexer has stopped working Hello Splunk community, One of my indexes doesn't seem to have indexed any data for the last two weeks or so. This is... by Orange_girl Loves-to-Learn Everything in Splunk Search 07-04-2024 0 7	0	7
	Combining multiple field values for stats/charting I have a field in my data named severity that can be one of five values: 1, 2, 3, 4, and 5.I want to chart on the fol... by DATT Path Finder in Splunk Search 07-04-2024 0 4	0	4
	... \| append [ \| makeresults ] makes the search time explode I have a dashboard with multiple line charts showing values over time. I want all charts to have the same fixed time ... by rikinet Path Finder in Splunk Search 07-03-2024 0 5	0	5
	Remove results based on subsearch I'm looking to get all failed event log based on a field , and then trying to find the success event log for the same... by RamMur Explorer in Splunk Search 07-03-2024 0 2	0	2
	Query to show specified time per day in timechart Hi, I would like to create a time chart for a specified time suppose 8AM to 2PM everyday for last 30 days. I am able ... by Codie Engager in Splunk Search 07-03-2024 0 2	0	2
	Tracking user logon (standard and admin account) Windows AD Hello, I am looking to create a report of a search. I have a requirement of tracking user logon to window machines (A... by araiv1998 Engager in Splunk Search 07-02-2024 0 9	0	9
	Possibly to alert based on previous sample comparison HiPut simply, I am trying to wrap my head around how I can configure an alert to trigger is a metric is X% higher or ... by Silah Path Finder in Splunk Search 07-02-2024 0 6	0	6
	Grouping and counting based on different values HI Team, i am caught in a maze of how to use stats function to get the data in expected format i want. Sample data. ... by neerajs_81 Builder in Splunk Search 07-02-2024 0 4	0	4
	Display specific field in log by count I want to write the query which will number of count the event occurred and time taken for that. This is the log -lo... by Bhavika Loves-to-Learn in Splunk Search 07-02-2024 0 7	0	7
	Splunk Ingestion Metrics I am trying to get the ingestion per day in Terabytes for each index. I am using the below search which works, howeve... by scout29 Path Finder in Splunk Search 07-01-2024 0 3	0	3
	I need to display priority data for 7 days with the percentage, however am unable to display it in 7 days. I need to display priority data for 7 days with the percentage, however am unable to display it in 7 days. My below q... by a508184 Explorer in Splunk Search 07-01-2024 0 7	0	7
	Setup an alerts with events from Timestamp format Dear All,I want to setup an alert in an event. The event contains three timestamps, New Event time, Last update, and ... by devsru Explorer in Splunk Search 07-01-2024 0 3	0	3
	SOURCE_Key Extraction I Have used the below two events to test the SOURCE_KEY = <132>1 2023-12-24T09:48:05+00:00 DCSECIDKOASV02 ikeyserve... by AliMaher Path Finder in Splunk Search 07-01-2024 0 3	0	3
	How to convert CSV lookup to DBXlookup? How to convert CSV lookup to DBXlookup?The lookup using CSV worked just fine.The CSV was moved to the database and wh... by LearningGuy Motivator in Splunk Search 06-30-2024 0 1	0	1
	streamstats \| reset_after condition not applied within the scope of each user (field) Hi Team,What I'm trying to achieve: Find the consecutive failure events followed by a success event. \| makeresults \| ... by ralam Explorer in Splunk Search 06-30-2024 0 2	0	2
	Modification of query for detecting Successful Logins following Password Spray Attacks in Auth0 Logs Hello,I need some help with adjusting an alert for detecting a password spray attack using Auth0 logs in Splunk. What... by Cozy Loves-to-Learn in Splunk Search 06-30-2024 0 3	0	3
	Retrieve service depandancy with splunk entreprise hello i'm beginner in splunk. Currently, i'm working with splunk entreprise i want to retrieve microservices depandan... by Oum New Member in Splunk Search 06-30-2024 0 5	0	5