Splunk Search

Community Activity

How to find out the top 30 applications by bandwidth Hi. I'm new to splunk and trying to code a search for top 30 applications by bandwidth. So far I have the following c... by annageorgiou New Member in Splunk Search 02-03-2020 0 5	0	5
How to join metric data I have several types of metric data going into a metric index. One has 'username' and 'DimA' as dimensions, and 'Valu... by drezanka Explorer in Splunk Search 02-03-2020 0 1	0	1
Efficiency of REGEX = . vs REGEX = .* vs REGEX = (.*) Which of the following (in terms of the REGEX) is the most efficient? I've seen examples of all of them. And is th... by chris_barrett SplunkTrust in Splunk Search 02-03-2020 0 4	0	4
Proofpoint Campaign Data Ingestion I need to ingest Proofpoint Campaign data and it seems that there is no canned TA/App for this. What have other done ... by brent_weaver Builder in Splunk Search 02-03-2020 0 0	0	0
How to format SPL Search Query as code ?? HI All i am creating a dashboard in SPLUNK .. i am trying capture the API counts and response time . here is a sampl... by venkat0896 Path Finder in Splunk Search 02-03-2020 0 10	0	10
Transactions and mvexpand on _raw While there was a good question related to my problem, the answers aren't solving my problem. I need to constrain da... by dspracklen Path Finder in Splunk Search 02-03-2020 1 5	1	5
How to change colors in a table? Hi , I have a statistics table in which each column contains different value for eg: Application Name Application... by shruthiangadi Explorer in Splunk Search 02-03-2020 0 4	0	4
help with table column transformation needed Hello, I need to transform the table I have from: _time avg1 avg2 avg3 t1 v11 v21 v31 t2 v12 v2... by damucka Builder in Splunk Search 02-03-2020 0 1	0	1
timechart per minute by multiple fields Hi, I have two fields with different values and I want count on both basis. These are events and hosts occured in lo... by sahil237888 Path Finder in Splunk Search 02-03-2020 0 2	0	2
How to filter my search that finds VPN User Session Count by Country to only show users with sessions in multiple countries? I have this search which shows the user sessions count by Country for the date range specified. I am trying to filte... by pdumblet Explorer in Splunk Search 02-03-2020 1 2	1	2
Join is breaking multivalues...? It looks like a join will break multivalues. And I thought mvexpand couldn't get any more dangerous or misleading tha... by nick405060 Motivator in Splunk Search 02-02-2020 0 1	0	1
Carbon footprint for a splunk search Hi, We are about to start up a new project where the project manager need to know the carbon footprint of the work d... by JonasLind New Member in Splunk Search 02-01-2020 0 9	0	9
Cascade Table View Hello everyone, I am trying to put a table view together with no luck. The view is rather simple in theory but I can... by ylucena Explorer in Splunk Search 01-31-2020 0 1	0	1
How to combine two searches to form an alert Query 1: (sourcetype="PAYA:Enterprise:CDE:Web:App:Gateway.Bankcard" OR sourcetype="PAYA:Enterprise:CDE:Web:App:Gate... by alexrieffel Observer in Splunk Search 01-31-2020 0 3	0	3
How to remove everything after a specific character in a line Currently i am not familiar with REx and replace commands in splunk. Can someone help me here i want to replace to b... by rijinc Explorer in Splunk Search 01-31-2020 0 9	0	9
How to parse a field to use later in a table Can someone please help me parse the field of FunctionArn for the account id value ( "65123456723" in the example) f... by petersonjared Explorer in Splunk Search 01-31-2020 0 6	0	6
How to list indexers that my search head is connected to? Is there any Splunk search which lists all the active indexers that my search head can pull the data? by pavanae Builder in Splunk Search 01-31-2020 0 1	0	1
Extract a Value from a Field I have a situation where I have a defined field that has a large amount of data but I am interested in only one part ... by joshy50 New Member in Splunk Search 01-31-2020 0 3	0	3
help on eval command Hi I dont know why my eval command doesnt return any resulys `index` \| lookup tutu.csv HOSTNAME as host output SIT... by jip31 Motivator in Splunk Search 01-31-2020 0 3	0	3
Can I remove a part of a string? Hi, Is there an eval command that will remove the last part of a string. For example: "Installed - 5%" will be come... by baty0 Explorer in Splunk Search 01-31-2020 0 5	0	5
Splitting or searching a MV JSON I have a json array like: How can I search or split that? The search: index=jira "issues{}.fields.customfield_14028... by moseisleydk Path Finder in Splunk Search 01-31-2020 0 6	0	6
field extraction Hello i have this part of event : "POST /posts/posts/explore HTTP/1.0" i need to extract the part between "POST" a... by sarit_s Communicator in Splunk Search 01-31-2020 0 3	0	3
How to sort a statistics based on 2 columns I have written a command to get the timings of particular log from different servers. I want to sort it based on host... by prerana_jain Explorer in Splunk Search 01-31-2020 0 2	0	2
rename wineventlog not happening for AWS generic s3 I have downloaded and installed the splunk TA for windows and splunk aws s3 in the search head and the universal for... by dhanasekar79 New Member in Splunk Search 01-30-2020 0 2	0	2
How Can I extraxt specific string part of app logs? This is the text which is being print in our app logs : throws abc.xyz.error.AppException,java.rmi.RemoteException, w... by iqbalintouch Path Finder in Splunk Search 01-30-2020 0 1	0	1