Splunk Search

Community Activity

Extrapolation of data volumes after connection of new systems / predicted license costs with lookup The relevant data about the future development of CustID are read in via a lookup (new_custID.csv) based on the table... by mklhs Path Finder in Splunk Search 12-18-2019 0 3	0	3
Changing the color of comment macro We can add comments to a splunk search by using "comment" macro. However to distinguish between SPL and comment, is t... by juhisaxena28 Explorer in Splunk Search 12-18-2019 0 1	0	1
weirdness using max() and min() in eval, operating on numeric multivalue fields It seems like if you I have a numeric multivalued field, I should be able to use eval to take the max and min of the... by sideview SplunkTrust in Splunk Search 12-18-2019 2 5	2	5
How to modify a single row in a lookup file based on a particular row value? I have a CSV lookup present with 1000 rows as per the below query. sourcetype="snow:cmdb_ci_service" \| stats latest... by gndivya Explorer in Splunk Search 12-18-2019 0 1	0	1
help for calculating a trend in a table panel hello from the code below, i would like to be able to add a new colum in my table panel which calculate the percenta... by jip31 Motivator in Splunk Search 12-18-2019 0 11	0	11
Splunk Support for Active Directory: How to get results for multiple ldap host after running \|ldaptestconnection command Splunk Support for Active Directory: How to get results for multiple ldap host \| ldaptestconnection domain="my Domai... by splunk_rohitsha Engager in Splunk Search 12-17-2019 0 0	0	0
Splunk service on indexer server gets killed by OOM killer when it should not. We operates splunk platform of 10+ SHC members & indexer cluster with 100+, version 7.2.9. From time to time we see ... by sylim_splunk Splunk Employee in Splunk Search 12-17-2019 2 2	2	2
How to properly display trend comparison of values over Hour by Day for multiple days? The following query will display a simple chart for trend comparison. This works well if you keep the days you're com... by ten_yard_fight Path Finder in Splunk Search 12-17-2019 0 2	0	2
Access Field for Value in Drop Down loaded by an input lookup file Hi, I have prepared an input lookup file which has the following contents: OperationCode,Meaning,Direction 1001,Cre... by mhornste Path Finder in Splunk Search 12-17-2019 0 6	0	6
how to exclude a holiday from search splunk using lookup csv Hi everyone , I would like to exclude a holiday list from my search using a lookup.csv . how to do ? thanks all of y... by ruben993 New Member in Splunk Search 12-17-2019 0 1	0	1
How to set specific options for certain fields in a chart I am trying to get one of the fields in my timechart to not connect points on null values, whilst still allowing the ... by jakethomso Explorer in Splunk Search 12-17-2019 0 6	0	6
filed extraction on specific path Hi I want to create "field extract" on all logs that exist in below address. /opt/logs/file1.log /opt/logs/file2.log... by indeed_2000 Motivator in Splunk Search 12-17-2019 0 11	0	11
help on complex dynamic pie chart Hello I use the search below in order to display datas in a pie chart As you can see in my eval command, I agregate ... by jip31 Motivator in Splunk Search 12-17-2019 0 5	0	5
LookUp Files Issues I have a lookup file called PriceFactot.csv. I have defined this lookup table and then in query I use \| inputlookup ... by zacksoft Contributor in Splunk Search 12-17-2019 0 5	0	5
Is there any way to decode an encoded html values saved in a log file? I want decode all the encoded html values present in an log file while indexing itself. Is there any way to do it ? by Boopalan New Member in Splunk Search 12-17-2019 0 8	0	8
how to reduce SQL connections from splunk to oracle DB for good performance? we are building various dashboards for monitoring purpose. Most of the dashboards need the data from database, which ... by sagar0907 Engager in Splunk Search 12-16-2019 0 4	0	4
Splunk table and regex filter I have following data in "log" field, date1 name : message one date2 name : message two date3 name : message one date... by mnjmht18 New Member in Splunk Search 12-16-2019 0 2	0	2
Combining results in a search I have a search that graphs the number of events based on host name. It even colour codes into Windows and Linux hos... by balcv Contributor in Splunk Search 12-16-2019 0 3	0	3
Range Marker I am trying to achieve the same visualization as documented over here: https://wiki.splunk.com/Community:Search_Repor... by Stevelim Communicator in Splunk Search 12-16-2019 0 3	0	3
Is there an Equivalent of splParser? I am trying to parse Splunk queries, is there an equivalent of splParser ? splParser outputs parse trees of SPL queri... by rosh_dsa New Member in Splunk Search 12-16-2019 0 1	0	1
How to configure props.conf and transforms.conf to route data matching a certain regex to a specific index and drop all other events? Hi, I'm running a test setup with some live syslog data and I want to do the following on my forwarder: 1) Route al... by Sloefke Path Finder in Splunk Search 12-16-2019 1 5	1	5
network device Inventory check with splunk Hi I would like to know what is best way to get network inventory on splunk? Just started some search and it appear... by hanyeolk Observer in Splunk Search 12-16-2019 0 1	0	1
US state abbreviations to full state names - Choropleth map I have a field [Driver State] which contains all the US states in abbreviated format (MD = Maryland). I want to gener... by corky42 Engager in Splunk Search 12-16-2019 0 3	0	3
Search Event from ID in a lookup Hello everybody ! probably this is a very easy thing to do, however I'm struggling here as my experience in splunk is... by Oaknoy New Member in Splunk Search 12-16-2019 0 3	0	3
Remove highlight from table most left column Hi, In my dashboard I have a table with 5 columns. Once I hover with my mouse on one of the cells, 2 cells are highl... by shayhibah Path Finder in Splunk Search 12-16-2019 0 2	0	2