Splunk Search

Community Activity

Creating a timechart for a query with percentages and a join. I am trying to create a timechart for a query that returns a count for a set of products that where it's lifecycle st... by clehw Explorer in Splunk Search 03-12-2020 0 7	0	7
Why is the following search that contains "field=" not retuning results unless I use a wildcard? Running into a strange issue that I, nor my Splunk admins, can figure out. We have a filed extraction called "Servic... by cjmckenna New Member in Splunk Search 03-12-2020 0 15	0	15
Create a table based on values from two JSON payloads Hi I've two different payloads returned from my search and I need to create a table from values extracted from the pa... by charan986 Engager in Splunk Search 03-12-2020 0 7	0	7
dedup problem Hello, This is my query with " dedup Matricule" index=juniper_vpn (ID=AUT22673 OR ID=AUT24803) ......67 \| eval sr... by numeroinconnu12 Path Finder in Splunk Search 03-12-2020 0 3	0	3
データのモニター設定で取り込まれないデータの追加で、モニターでディレクトリ指定にしています。指定したフォルダの中には、同一構成の日付ごとのデータが数か月分格納されています。インポートを終えて、検索をするのですが、sourceを見ると全ファイルが取り込まれていません... by tonakano Engager in Splunk Search 03-12-2020 0 1	0	1
Hello experts, I would like to calculate the pearson correlation between all my fields ? I visited the documentation and I see that we can only compute the pearson correlation between two fields at a time w... by faisal_alazem New Member in Splunk Search 03-12-2020 0 1	0	1
How to compare two searches to find values in one search and not the other I have two datasets in separate indexes that I would like to compare. i.e. dataset from search1: item1 item2 item... by zachsisinst Explorer in Splunk Search 03-11-2020 0 1	0	1
How to combine these two searches into one search so that correlation between all three fields Hi. I have two separate searches. Search1 returns events where field1 and field2 exist: search source=x resource=fo... by nickrally2009 Explorer in Splunk Search 03-11-2020 0 2	0	2
How to set host field in metrics to the value of a specific field when creating metrics from event data? I am attempting to populate a metrics index with data from an event index. Using a search similar to: index="myi... by bbwstianche New Member in Splunk Search 03-11-2020 0 1	0	1
How to round the output from chart command? Hello, I have produced a table which shows distances between the cities. The search is shown below: my search \| cha... by kiril123 Path Finder in Splunk Search 03-11-2020 1 5	1	5
Help with search for average response time based on TotalTime value I have multiple log events like below based on my search criteria- 2020-03-11 08:23:55,141 - [UserId=xyz \| UserName=... by dhirajnangar Engager in Splunk Search 03-11-2020 0 3	0	3
Help fixing string with newline that is not searchable Hi, if my string is "asdf .\r\n asdf" and I filter on that (Add to search) I get "No results found". Any idea how t... by sjova Engager in Splunk Search 03-11-2020 0 5	0	5
add seconds or minutes every 50000 events Good afternoon Currently you try to index data to an index summary, but these events do not contain a timestamp so t... by efaundez Path Finder in Splunk Search 03-11-2020 0 2	0	2
Timestamp comparison from an inputlookup Hi All, I do have cumbersome problem...I have a table built out from an inputlookup search. We have n-columns in this... by DomenicoFumarol Explorer in Splunk Search 03-11-2020 0 1	0	1
Recommended No of Concurrent searches for the current infrastructure Hi, We have a single server machine, where Splunk enterprise edition is installed. Configurations, CPU - 1 Cores - 8... by viramamo Explorer in Splunk Search 03-11-2020 0 1	0	1
is there a way to display each row in a table as a tile..? I want to show each row as a tile with different customization. 1. Based on the row value i should change the color o... by vinothn Path Finder in Splunk Search 03-11-2020 0 1	0	1
lookup users that do not match users in search I have created a search to match search results for users to users in a lookup: \| inputlookup AD_User_LDAP_list appe... by nathanluke86 Communicator in Splunk Search 03-11-2020 0 12	0	12
Using tokens in XLM dashboard table "fields" tag- fields won't update dynamically I have an XML form that has a select box control that allows users to select the fields they want displayed in the ou... by etoombs Path Finder in Splunk Search 03-11-2020 0 3	0	3
Field extraction of multi-line event with header I have a script for Linux that executes "sar -n DEV" and formats the output to look like: Linux <kernel version> (<h... by ricotries Communicator in Splunk Search 03-11-2020 0 3	0	3
How to trim splunk logs to get time and particular field Below are the sample entries from splunk. Highlighted the entries which i want to list down. Please suggest a splunk... by surendar123 New Member in Splunk Search 03-11-2020 0 8	0	8
Icelandic unicode character - "Interesting fields" showing no result Hi, I'm writing json NLog files from Visual Studio into Splunk (with NLog WebService target). In my Splunk search r... by sjova Engager in Splunk Search 03-11-2020 0 0	0	0
How to extract Json array of objects data into table format in Splunk ? Example data : We need to extract below json data into table format in Splunk ?link text "assets": [ {<!-- --> ... by harishalipaka Motivator in Splunk Search 03-11-2020 0 1	0	1
Splunk Cloud rex extraction on search Attempt A index="w3c" \| rex field=_raw "?(sessionid=?)\w{8}-\w{4}-\w{4}-\w{4}-\w{12}" \| table ABC _raw Attempt B in... by onedarr New Member in Splunk Search 03-11-2020 0 5	0	5
How to pull events on status events based on time stamps When someone gets activated and deactivated this data is consolidated -- always. My question is how can I separate ... by gregzee New Member in Splunk Search 03-11-2020 0 1	0	1
List of top URLs with hourly count > 50 Hi, I have a ask where I need to find out top 100 URL's who have hourly hits more than 50 on the server means if a pa... by Shashank_87 Explorer in Splunk Search 03-11-2020 0 5	0	5