Splunk Search

Community Activity

help on basic eval hi why "MemoryUsage" doenst return any results? eval FreeMemory = round(Value, 0). " MB" \| eval TotalMemory = rou... by jip31 Motivator in Splunk Search 02-18-2020 0 1	0	1
Show an output message, when there were no logs in Splunk while using STATS by Hi All, I want to show a message even when there were no results returned in Splunk. While using stats by command. ... by rkmaggidi New Member in Splunk Search 02-18-2020 0 4	0	4
help on basic search with 2 index HIhi why I have no resulys even if I merge 2 index even if I have results when I execute one or the other? (inde... by jip31 Motivator in Splunk Search 02-18-2020 0 2	0	2
Is there a way to calculate percentile of a row values in table? I have displayed percentile of certain metric values by grouping with month & host in a table representation. Whateve... by akarivaratharaj Communicator in Splunk Search 02-18-2020 0 4	0	4
sum multiple session duration Hi at all, I have a very strange problem that I'm trying to solve. I have a data source with the following fields: u... by gcusello SplunkTrust in Splunk Search 02-18-2020 0 23	0	23
how to perform a search with multiple files and combine the results in a single table? Hello all, I have a requirement where i want to get data from multiple files which has different indexes and combine ... by anooshac Communicator in Splunk Search 02-18-2020 0 14	0	14
How to edit my timechart to change the tooltip display on hover? I have a timechart which, on hover, shows complete date in the tooltip. Is there a way in which I can just show the m... by architkhanna Path Finder in Splunk Search 02-18-2020 0 5	0	5
Changes in `values` function from 8.x version Hi, we are testing a 8.* of Splunk version using a docker image on a POC virtual machine to migrate our 7.3.4 dev cl... by piefragnisp Explorer in Splunk Search 02-18-2020 0 3	0	3
If I want to gather the statistics day by day for seeing the trend of each type of data and for checking the usage of any new data on-board in the future. Hi all, I have search through the questions asked regarding caption question and find below query. If I want to gathe... by ctksplunkctk New Member in Splunk Search 02-17-2020 0 2	0	2
Use Lookup to control searches how can i use a value at the lookupcsv as a variable for earliest=$variable$ Hello together, i got the task to make 3 searches in total controllable over several systems via a csv. The CSV loo... by mklhs Path Finder in Splunk Search 02-17-2020 0 2	0	2
timespan not providing desired result Hello, I am trying to have timespan to show results for every 2 mins but it seems to reflect the default of 5 mins ... by praddasg Path Finder in Splunk Search 02-17-2020 0 2	0	2
asset identity correlation setup after enabling, it takes a long timeto show the results of the queries, it takes a long time to show the results of t... by blackedamp Engager in Splunk Search 02-17-2020 1 2	1	2
Result of a calc in a timechart Hello, I'm trying to make an availability graph based on the below calculation: index="MY_INDEX" host="MY_HOST" NO... by tmeriadec Engager in Splunk Search 02-17-2020 0 3	0	3
help to display fields in a table HI I use the search below in order to count errors by Product and source TOTO (Source="Hang" OR Source="Er... by jip31 Motivator in Splunk Search 02-17-2020 0 3	0	3
Extract all fields from a log file Hello Gurus, I have a log file which is almost structured . I need to extract all the fields from it. Its working fin... by Nilesh3110 Explorer in Splunk Search 02-17-2020 0 3	0	3
Negative lookahead for props.conf I am trying to create a stanza in props.conf so that all non splunk internal logs go to index=newindex. I tried usin... by htidore Path Finder in Splunk Search 02-17-2020 0 2	0	2
how to calculate fields total size and size used to get %used I have two fields total_size and size_used How can I calculate %used and output as a new field %used TIA by nathanluke86 Communicator in Splunk Search 02-17-2020 0 2	0	2
Excluding a source I have a host sending log data and I am wanting to exclude a specific directory from being ingested and/or indexed bu... by balcv Contributor in Splunk Search 02-16-2020 0 5	0	5
Converting from MB to GB not working HI, I have my query and doesn't seem to convert from MB to GB. What am I doing wrong? Can anyone help me? index= * ... by annageorgiou New Member in Splunk Search 02-16-2020 0 15	0	15
How to find in between duration between three transaction event? Hi, How can I find in between duration between three transaction event? For example, the duration1 between mod1 and ... by limalbert Path Finder in Splunk Search 02-16-2020 0 4	0	4
extracting fields from another field Hi, We are receiving the event in json format and given the _raw event below. I am trying to extract the fields in s... by martinnepolean Explorer in Splunk Search 02-16-2020 0 5	0	5
How do you add all the values in a column to get the total and then divide the total by the number of rows in the column? The column to the right has a total of the percentage increase, but I would like to take that total and divide it by ... by ihaveasplunkacc Loves-to-Learn Lots in Splunk Search 02-15-2020 0 4	0	4
Streamstats Time Sum When Specific Values Hi All, I'm stumped on the following search. The scenario is I'm trying to track the amount of time a support ticke... by mikepangrac Loves-to-Learn Lots in Splunk Search 02-15-2020 0 2	0	2
Extract pairldelim kvdelim JSON problems I have JSON data that I'm trying to extract into fields and unable to get all the data extracted correctly. My query... by trtracy81 New Member in Splunk Search 02-14-2020 0 4	0	4
Time chart for average of duration by Channel span 1h I have the following data and i am trying to create a time chart of the data for average duration by channel "_time"... by saikumarkomati New Member in Splunk Search 02-14-2020 0 3	0	3