Splunk Search

Community Activity

Can All-In-One be set as a search peer? Hello! Can All-In-One be set as a search peer? Although the status is set to UP when set, the search returns 0 resu... by HiroshiSatoh Champion in Splunk Search 01-22-2020 0 4	0	4
How to hide title space of a Table? I want to hide the blank space acquired by a TABLE TITLE as my table title is empty and occupying extra space on the ... by nagar57 Communicator in Splunk Search 01-22-2020 1 3	1	3
How to find time difference between below time formats? New_Time=2020‎-‎01‎-‎22T03:17:36.385000000Z Previous_Time=2020‎-‎01‎-‎22T03:17:36.388208200Z I tried below query and... by manurajrajappan New Member in Splunk Search 01-22-2020 0 5	0	5
Two dashboards values in single value panel should equal to third dashboard Hello Experts I have 3 dashboards basically. Board 1 represents total login attempts for an hour (including succes... by gopiven Explorer in Splunk Search 01-22-2020 0 4	0	4
Transaction includes non-relevant events? Why does transaction group irrelevant events together with relevant ones? What am I doing wrong? Sample Postfix log ... by mitag Contributor in Splunk Search 01-22-2020 0 12	0	12
Virtual index causing metadata command to error out for other sourcetypes Without a virtual index enabled, running \| metadata type=sourcetypes index=* will return correctly.Adding a virtual i... by hortonew Builder in Splunk Search 01-22-2020 0 6	0	6
How to find records where a field's value doesn't exist in a subsearch? I have the following two searches: 1) earliest=-4h latest=now index="main" field1="somethingA" 2) earliest=-4h lates... by saqib99 New Member in Splunk Search 01-22-2020 0 4	0	4
Field extraction I'm trying to extract fields from this event using regular expressions, Multiple times I receive the following erro... by maxitroncoso Engager in Splunk Search 01-22-2020 0 9	0	9
Extract Second field from url AbsoluteUri=https://website.api.net/hch6348/relay/6bcb449b-7d85-4f71-a6f4-fae37808627f-udcc1.crp.hs.com/script/wnbr.d... by michaelrodr Engager in Splunk Search 01-22-2020 0 5	0	5
Combining 2 queries based on a common value 1st query ns=mynamespace* app_name=A-api API=GET_INITIAL_DATA NAME=* 2nd query ns=mynamespace* app_name=B-api API=G... by angersleek Path Finder in Splunk Search 01-22-2020 0 3	0	3
Switching to Python3 in Splunk 8 I am testing my custom app, which I have converted to be compatible with python2 and python3, on a Splunk 8.0.1 insta... by rwellum Explorer in Splunk Search 01-22-2020 1 2	1	2
What is the quickest way to see if a host was ever indexed in Splunk? Hi, What's the quickest way to see if a host was ever indexed in Splunk? I don't want to do an alltime search. Wou... by a212830 Champion in Splunk Search 01-22-2020 1 5	1	5
Build table based on multiple results Hi, I have an issue and have no idea how to solve. There is a large log index. In this index are application logs a... by j0k4b0 New Member in Splunk Search 01-22-2020 0 1	0	1
Impact of Increasing the limit of stats list() from 100 to say 1,00,000 I am using stats list() for a use case. But the data I am dealing is lot more, than the limit that is set to =100 in... by ahmadshakir1952 Explorer in Splunk Search 01-22-2020 0 2	0	2
Lookup Table vs. Summary Index Hello, I need to create a table(?) to use for populating 4 dashboard dropdowns: time picker, user, user-id, and IP ad... by genesiusj Builder in Splunk Search 01-22-2020 0 12	0	12
how to update table cell results based on another rows sharing common field. Hello, In search query results some cells populate empty results for specific field. I am looking to update those em... by AKG1_old1 Builder in Splunk Search 01-22-2020 0 6	0	6
Line breaking behavior questions My propfs.conf file for my app looks like the following : [bit_fuse_log] pulldown_type = true NO_BINARY_CHECK = true... by romainbouajila Path Finder in Splunk Search 01-22-2020 0 1	0	1
iplocation is not working Hello, iplocation is not working for some IP addresses (152.89.162.133 for example) But this IP location is in the Ge... by securiteinforma Explorer in Splunk Search 01-21-2020 0 2	0	2
Splunk management server backup and restore Hello Splunkers.... I am trying to upgrade our management server from 6.6.2 to 7.3.2. I am taking backup of /opt/spl... by suryaaruna New Member in Splunk Search 01-21-2020 0 3	0	3
snap to 10 minutes Hi , I want to snap to 10 minutes. I know how to snap to an hour for example: ... \| eval _time=relative_time(_time,"@... by dadi Path Finder in Splunk Search 01-21-2020 0 3	0	3
The "precision" and "recall" shown on GUI seems wrong in Machine Learning Toolkit I tried "Predict Categorical Fields" of showcase in Machine Learning Toolkit. I calculated the "precision" and "recal... by nchinen New Member in Splunk Search 01-21-2020 0 0	0	0
Issue with strftime time function. It always adds few minutes to actual results Hi Team, I have gone through the forum but couldnt find which suits my requirement. We are trying to calculate time d... by abochare New Member in Splunk Search 01-21-2020 0 3	0	3
how to configure new string for Linux servers CPU check,how to configure string to get logs of CPU usages of Linux hosts I have index=os-icon-rhel and there are many sourcetypes are confirmed except CPU check. how to add sourcetype=CPU fo... by shobhna744 New Member in Splunk Search 01-21-2020 0 2	0	2
How to create a table with several fields and totals by each value Imagine that I have a table of results like this: Field1 Field2 Field3 Field4 Field5 Field6 Field7 Field8 Field9 1 ... by splunk_exercice New Member in Splunk Search 01-21-2020 0 1	0	1
How to index perl hash data? I have a the output of a Perl script as a Perl hash. I'm not able to run the script directly from Splunk, but would l... by cblanton Communicator in Splunk Search 01-21-2020 0 2	0	2