Splunk Search

Community Activity

	Help with search for average response time based on TotalTime value I have multiple log events like below based on my search criteria- 2020-03-11 08:23:55,141 - [UserId=xyz \| UserName=... by dhirajnangar Engager in Splunk Search 03-11-2020 0 3	0	3
	Help fixing string with newline that is not searchable Hi, if my string is "asdf .\r\n asdf" and I filter on that (Add to search) I get "No results found". Any idea how t... by sjova Engager in Splunk Search 03-11-2020 0 5	0	5
	add seconds or minutes every 50000 events Good afternoon Currently you try to index data to an index summary, but these events do not contain a timestamp so t... by efaundez Path Finder in Splunk Search 03-11-2020 0 2	0	2
	Timestamp comparison from an inputlookup Hi All, I do have cumbersome problem...I have a table built out from an inputlookup search. We have n-columns in this... by DomenicoFumarol Explorer in Splunk Search 03-11-2020 0 1	0	1
	Recommended No of Concurrent searches for the current infrastructure Hi, We have a single server machine, where Splunk enterprise edition is installed. Configurations, CPU - 1 Cores - 8... by viramamo Explorer in Splunk Search 03-11-2020 0 1	0	1
	is there a way to display each row in a table as a tile..? I want to show each row as a tile with different customization. 1. Based on the row value i should change the color o... by vinothn Path Finder in Splunk Search 03-11-2020 0 1	0	1
	lookup users that do not match users in search I have created a search to match search results for users to users in a lookup: \| inputlookup AD_User_LDAP_list appe... by nathanluke86 Communicator in Splunk Search 03-11-2020 0 12	0	12
	Using tokens in XLM dashboard table "fields" tag- fields won't update dynamically I have an XML form that has a select box control that allows users to select the fields they want displayed in the ou... by etoombs Path Finder in Splunk Search 03-11-2020 0 3	0	3
	Field extraction of multi-line event with header I have a script for Linux that executes "sar -n DEV" and formats the output to look like: Linux <kernel version> (<h... by ricotries Communicator in Splunk Search 03-11-2020 0 3	0	3
	How to trim splunk logs to get time and particular field Below are the sample entries from splunk. Highlighted the entries which i want to list down. Please suggest a splunk... by surendar123 New Member in Splunk Search 03-11-2020 0 8	0	8
	Icelandic unicode character - "Interesting fields" showing no result Hi, I'm writing json NLog files from Visual Studio into Splunk (with NLog WebService target). In my Splunk search r... by sjova Engager in Splunk Search 03-11-2020 0 0	0	0
	How to extract Json array of objects data into table format in Splunk ? Example data : We need to extract below json data into table format in Splunk ?link text "assets": [ {<!-- --> ... by harishalipaka Motivator in Splunk Search 03-11-2020 0 1	0	1
	Splunk Cloud rex extraction on search Attempt A index="w3c" \| rex field=_raw "?(sessionid=?)\w{8}-\w{4}-\w{4}-\w{4}-\w{12}" \| table ABC _raw Attempt B in... by onedarr New Member in Splunk Search 03-11-2020 0 5	0	5
	How to pull events on status events based on time stamps When someone gets activated and deactivated this data is consolidated -- always. My question is how can I separate ... by gregzee New Member in Splunk Search 03-11-2020 0 1	0	1
	List of top URLs with hourly count > 50 Hi, I have a ask where I need to find out top 100 URL's who have hourly hits more than 50 on the server means if a pa... by Shashank_87 Explorer in Splunk Search 03-11-2020 0 5	0	5
	Chart - select multiple values for drilldown Hi, I am looking forward to create a bubble chart like this: https://www.highcharts.com/demo/bubble, where I can cli... by niyaz006 Path Finder in Splunk Search 03-11-2020 0 1	0	1
	Sub search not returning string Why does a sub search return a boolean value? I am expecting to see the department value. index="activedirectory" (us... by joeybroesky Path Finder in Splunk Search 03-11-2020 0 6	0	6
	Get all data even host name is getting changed while searching Hi I am monitoring log file from one folder and giving host field name as hostname. ex. I am monitoring C:\Logs\GTA(... by ips_mandar Builder in Splunk Search 03-11-2020 0 6	0	6
	timestamp issue Hi I have issue with timestamp, here is the problem: every day at "1 AM" all log files copy into the logserver. this ... by indeed_2000 Motivator in Splunk Search 03-10-2020 0 2	0	2
	Writing a join query to extract usernames from sessionID Hi there, I need help writing a query that finds the username of whoever ran a command on A Linux server. For examp... by arsalanj Path Finder in Splunk Search 03-10-2020 0 9	0	9
	substraction: \| eval field1=mvfilter(match(field, "OUT$")) <-substract-> \| eval field1=mvfilter(match(field, "IN$")) Hello Community, I evaluate the values of a single field which comes with values such as: OUT; IN; DENIED and can ge... by knitz Explorer in Splunk Search 03-10-2020 0 4	0	4
	how to find index names from Splunk saved searches How to find the indexes that the saved searches are running against? Few of my searches are not using index names wit... by arrangineni Path Finder in Splunk Search 03-10-2020 0 5	0	5
	json field extraction Hi , Below is the json snippet properties: { [-]columns: [ [-]{ [-]name: PreTaxCosttype: Number}{ [-]name: UsageDatet... by Nadhiya_Dubai Explorer in Splunk Search 03-10-2020 0 8	0	8
	JSON unable to parse data into Splunk Hello Team, Could you please help me upload this data in Splunk as I am passing into upload as JSON its unable to p... by mailtosnsolutio Explorer in Splunk Search 03-10-2020 0 4	0	4
	eval case/cidrmatch using two fields as a condition How can I use cidrmatch or case using 2 conditions? Example: I only want to get list of IPs where row_A is 11.0.0.0... by whitefang1726 Path Finder in Splunk Search 03-10-2020 0 1	0	1