Splunk Search

Community Activity

One Tile per Table Row Hello, I have a search that generates over 50's rows and 12 columns. I need to create a tile for each row. I thought ... by genesiusj Builder in Splunk Search 03-06-2020 0 7	0	7
Time Conversion Hi, I have time format as: 2019-10-08 15:24:40.132 UTC I used eval to strip it to: 2019-10-08 15:24:40 I need to c... by mbasharat Builder in Splunk Search 03-06-2020 0 2	0	2
help on a count which is different in a subsearch versus a search hi The search below returns me 558 events `CPU` \| stats values(SITE) as SITE count(process_cpu_used_percent) as "N... by jip31 Motivator in Splunk Search 03-06-2020 0 1	0	1
Limiting Results of matching values in an array field Anyone know of a way to only return the matching values of a sub search to the string array field in the parent searc... by yepyepyayyooo New Member in Splunk Search 03-06-2020 0 4	0	4
excluding a field value from a same events How can i exclude a single value from a field which generates multiple value in the single event.for eg- if in a sing... by rajiv_r Explorer in Splunk Search 03-06-2020 0 4	0	4
How to mark difference between Two CSV Hi Guys, There is a csv which gets updated every day once with details such as- VMName Group CPU Memory Storage Pow... by shugup2923 Path Finder in Splunk Search 03-06-2020 0 4	0	4
How to add a color coded legend with text to a pie chart visualization? Hi, I need to add colour code wise legend for my Pie chart visualization in a same way that Bar/Column chart has on ... by ketan_chanana Engager in Splunk Search 03-06-2020 0 2	0	2
Comparing index sizes on 2 dates I have been asked to create an alert that looks at the index sizes (all indexes) for today, and compare them to the s... by tsheets13 Communicator in Splunk Search 03-06-2020 0 5	0	5
Time periods for query and alert Hi there!I'm running this query index="staging" \|eval raw_len=len(_raw) \| eval raw_len_gb = raw_len/1024/1024/1024 \| ... by alekseisaiko Path Finder in Splunk Search 03-06-2020 0 5	0	5
Conditional searching using eval command with if match Hi SMEs: I would like to define a print event type to differentiate Remote Prints from Office Print jobs. From my p... by mdeterville Path Finder in Splunk Search 03-05-2020 0 4	0	4
Splunk query to exclude the searched strings based on date and display in table Hi Splukers, I have a requirement to search for some filenames and display the missing files as per the date. Thus, ... by asharmaeqfx Path Finder in Splunk Search 03-05-2020 0 6	0	6
Convert this time format to epoch I have a time in the format of: 3:21:34 AM 12/8/2014 I'm trying to convert this to epoch time. Can anyone lend a h... by hagjos43 Contributor in Splunk Search 03-05-2020 4 10	4	10
COnversion of PM /AM time to epoch not working as expected 2/11/2020 11:49:00 AM 2/11/2020 9:55:00 PM How to convert this into Secs.. Conersion of AM and PM is not working a... by ashanka Explorer in Splunk Search 03-05-2020 0 2	0	2
How to convert string data in a field to proper case? I'm trying to convert string data in my fields to proper case e.g. josh smith to Josh Smith. Is there any function in... by drewski3420 New Member in Splunk Search 03-05-2020 0 7	0	7
Setting field value based on another field I have a value in my events called type, which is a single digit integer (1, 2, 3, etc.) I would like to create a new... by tsheets13 Communicator in Splunk Search 03-05-2020 0 2	0	2
How to extract a field with regex Hi Everyone Sample logs: {"kubernetes":{"container_name":"sign-template-services","namespace_name":"merch-ps-signs-... by maria_n Explorer in Splunk Search 03-05-2020 0 3	0	3
split specific values from list Hi All, I have data like below Drive Free_Space C:,D: 500 GB,450 GB E:,D: 25... by harishalipaka Motivator in Splunk Search 03-05-2020 0 3	0	3
Expand requirement for running on same OS? The requirements state that all cluster systems must run the same OS. Does this include the same OS version level of... by cisaksen Explorer in Splunk Search 03-05-2020 0 1	0	1
Splunk Data Input Script apparently running in root directory I am experimenting on a test system and have a simple shell script that consists of one line to call Python 3 to run ... by julianniemeyer New Member in Splunk Search 03-05-2020 0 0	0	0
Search and lookup table fields comparison Hello everyone,I have the challenge to compare two date fields, one coming from a search and the other one is reporte... by DomenicoFumarol Explorer in Splunk Search 03-05-2020 0 2	0	2
Join two queries Hello, i Have this query that i want to improve \| loadjob savedsearch="myquery" \| where (strftime(_time, "%Y-%m-%d"... by tahasefiani Explorer in Splunk Search 03-05-2020 0 7	0	7
Splunk table get values smaller than 4 months Hello, I have the below query which works fine: {My search} \| rename user_id as User \| stats max(asctime) as "Last ... by anouar_jben Explorer in Splunk Search 03-05-2020 0 5	0	5
How to calculate percentage increase/decrease for indexes per day? How would I calculate the percentage increase/decrease, for indexes on a per-day basis? Thx by jwalzerpitt Influencer in Splunk Search 03-05-2020 1 8	1	8
How to pull a report of application log where DEBUG level log is enabled Hi, is there anyway to pull a report to get the data of log where DEBUG level log is enabled, based on the index and... by iqbalintouch Path Finder in Splunk Search 03-04-2020 0 0	0	0
Question on role creation for editing xml i would like one user to edit xml code or change query on the panels/dashboard of his app alone. what is the capabil... by jiaqya Builder in Splunk Search 03-04-2020 0 2	0	2