Splunk Search

Community Activity

Calculating total in row Hi, I need help adding b+ c together to get a total, I will then calculate a percentage using a/combined b+c. Is thi... by khanyag1 New Member in Splunk Search 03-19-2020 0 11	0	11
Display data in timechart I'm using summary index to get data and display in timechart. but not able to create a time chart with the data. ind... by kirrusk Communicator in Splunk Search 03-19-2020 0 4	0	4
Can I update a CSV lookup file with more rows and how will this affect existing csv files and lookups? Looking at understanding better how lookups work in Splunk. As I understand it, there are 3 steps: 1. lookup table... by HattrickNZ Motivator in Splunk Search 03-19-2020 2 12	2	12
SA-Eventgen and Splunk SPL Examples - Help Generating Data Hello community, I've installed SA-Eventgen and SPL Examples as directed in the following .conf talk: https://conf.s... by dillardo_2 Path Finder in Splunk Search 03-19-2020 0 4	0	4
How to extract numbers correctly Hi! I have this field in my log: callerSipNumber="18121710_text". How should I extract "18121710" and name it "number... by pomazanelvira New Member in Splunk Search 03-19-2020 0 4	0	4
Log format validation I have frequently asked whether the fields are being extracted well. The easiest method to answer this question is t... by landen99 Motivator in Splunk Search 03-19-2020 1 2	1	2
How to get diff count and show field and result of diff Hello Splunkers, I have a trouble with the result, example i have some data log Goat \| alive Goat \| dead Goat \| ali... by mockingj New Member in Splunk Search 03-19-2020 0 4	0	4
regex to split names extracted from a string This is a little tricky to explain but I have this query: index = active_directory directReports=* sAMAccountName=* ... by nathanluke86 Communicator in Splunk Search 03-19-2020 0 2	0	2
項目名に変数の値を設定できるかお世話になります。項目名に月の値を入れたいです。現在検討している方法は別カラムに月の値(2020-03)を設定し、【予定】という項目の先頭に月の値(2020-03)をセットして、【2020-03予定】という項目名にしたいのですが、実... by 1014502 New Member in Splunk Search 03-19-2020 0 3	0	3
Regex assistance on match, capture, repeat - simple yet I can't! Good morning you lovely lot, I have a theoretically simple regex extraction, but it is slaying me. If one of you wou... by Barty Explorer in Splunk Search 03-19-2020 0 4	0	4
How can I extract a value from a field that have many content I have a field named "Message", the content as below: *Active Directory Domain Services could not use DNS to resolve ... by lllidan New Member in Splunk Search 03-18-2020 0 1	0	1
How to tell which transform applied to which event Is there a way to tell if a regex has been applied to an event? I'm doing field extractions and want a way to confirm... by Alan_Bradley Path Finder in Splunk Search 03-18-2020 2 10	2	10
Splunk query for getting the hosts that are not reporting but with a condition mentioned below? Hi All, I want to build a splunk query which will give us the host details, last_time_stamp, number_of_days_aged not... by abhi04 Communicator in Splunk Search 03-18-2020 0 0	0	0
How can I fix my field extraction? Hello I have a structured data source that puts out data in a table with headers and a footer row with a total. I go... by tkw03 Communicator in Splunk Search 03-18-2020 0 2	0	2
Search to identify the most volatile values in a field Hello Splunkers! I have the following fields being populated by 1000s of values every 1 minute: Name Cost E.g. Luk... by luke222010 Engager in Splunk Search 03-18-2020 0 2	0	2
help on tstats command hello I use the stats command below in order to count the number of index on which an host collect events \| stats dc... by jip31 Motivator in Splunk Search 03-18-2020 0 2	0	2
Getting average response after joining 2 sourcetypes Hello Splunk Community, I am trying to create dashboard with the following query but the query returns no results. I... by dminev1 Explorer in Splunk Search 03-18-2020 0 7	0	7
Compare inputlookup column with actual search Hi all, I have .csv file with the multiple columns. But only one will be used to compare results, name of that colu... by dblagojevic Engager in Splunk Search 03-18-2020 0 4	0	4
Help on field renaming wich dont works hi I use the serch below wich match the data present in 2 indexes following by host In LastLogonBoot, the field "host... by jip31 Motivator in Splunk Search 03-17-2020 0 11	0	11
How to limit results in a bar chart while still sorting by one of the values of column-split field? I have this search, where I am charting usage over id field (which is on x-axis) split by two columns - two values o... by nickrally2009 Explorer in Splunk Search 03-17-2020 0 6	0	6
dedup maximum value Assuming there are 2 columns - Date & count and there are duplicates date. How to dedup on Date and pick the maximum... by reverse Contributor in Splunk Search 03-17-2020 0 3	0	3
can someone help improve the efficiency of this query eventtype="" "screen" OR "ui1" \| stats count AS TotalEvents by product \| appendcols [search eventtype="" "ui2" OR... by sriyechuri New Member in Splunk Search 03-17-2020 0 8	0	8
Counting events based on IP Subnets I need to create a search to count the number of events in each geographic are of our network. Each geo area will co... by tsheets13 Communicator in Splunk Search 03-17-2020 0 6	0	6
Prevent mvexpand to show duplicate events when searching all events Related to this question: https://answers.splunk.com/answers/807988/splunk-search-show-results-from-json.html I bas... by panulpet Loves-to-Learn in Splunk Search 03-17-2020 0 12	0	12
Last record per hour I manage to extract the data from Splunk below: ID SignalStrength TimeStamp 01 3 ... by 627412 New Member in Splunk Search 03-17-2020 0 1	0	1