Splunk Search

Community Activity

How to join two searches and table it? Hello, I'm trying to join two searches, and i need to use host in the other one, to be able to table it by DesktopGr... by janitka Explorer in Splunk Search 11-25-2019 0 9	0	9
help for displaying events that have collected in one index but never in other hi I tried to find host from my csv file which have connected in one specific index but never in others I have done t... by jip31 Motivator in Splunk Search 11-25-2019 0 2	0	2
metric index and mcollect , mstats issue pls help I have used mcollect command to populate my metric index later i tried to pull up that data via mstats command but fo... by anem Explorer in Splunk Search 11-25-2019 0 0	0	0
Dashboard PDF email failing A dashboard will export to PDF correctly, but anytime we try to send it via email (be it a test email or scheduled) n... by elumpkin_caisgr Engager in Splunk Search 11-25-2019 0 8	0	8
Passing tokens dynamically to search query I have a drop down which I populate with the query and editing field values index="myindex"\|stats values(Category) as... by k_harini Communicator in Splunk Search 11-24-2019 0 6	0	6
Extracting fields for a specific text hi All, Am trying to extract the fields for only the text when it contains start or end as my test_status field that... by datamine Loves-to-Learn Lots in Splunk Search 11-24-2019 0 2	0	2
How to display column results in descending order? It shows the result in the below format uri 208 400 ... .... ... I want ... by prannoy93singh Engager in Splunk Search 11-24-2019 0 5	0	5
help on eval condition Hi I use the search below which works fine but I have an issue with my eval command why i can retrieve the "No SPLUNK... by jip31 Motivator in Splunk Search 11-24-2019 1 9	1	9
Is there a difference in efficiency between this sort and reverse? Delta cites an example using sort - _time. Is there a difference in efficiency between this sort and reverse? by yuanliu SplunkTrust in Splunk Search 11-23-2019 1 3	1	3
Event count from 2 dates How do we get event count from 2 dates. Something like this - 2/11/18 3/11/18 4/1... by ataunk Explorer in Splunk Search 11-23-2019 1 8	1	8
Why do some events display date fields and other don't? Hi, I noticed that one of my custom feeds has date fields (date_hour, date_mday...), but other ones, which are nativ... by a212830 Champion in Splunk Search 11-23-2019 2 4	2	4
One Value from one field should compare every other value from other field and return the 3rd field value. Query: index=data_core sourcetype=data_log is_scheduled=1 \| rex max_match=0 field=search "savedsearch\s{0,}\"{1}(?(... by nomadichunters Explorer in Splunk Search 11-23-2019 0 5	0	5
How to query a lookup table based on time HI All I have a lookup table which is populated by a scheduled search once everyday. The lookup table looks like bel... by nirmalya2006 Path Finder in Splunk Search 11-23-2019 0 7	0	7
How to separate a search by groups of hosts? Hello! If I run this query, I'll get a graph of the # of queries over time aggregated for all of my hosts. host=* \|... by meleschi Explorer in Splunk Search 11-22-2019 0 4	0	4
Why is CSV data with multiple values in one cell parsing incorrectly? I'm trying to upload a CSV file into Splunk, however, it doesn't seem to parse it correctly for the multiple values f... by kimle Engager in Splunk Search 11-22-2019 0 3	0	3
How to extract substring in a string for eval case? Hi All, I have a field "CATEGORY3," with strings for example:- Log 1.2 Bundle With 12 INC Log 1.2 Bundle With 3 INC... by Chandras11 Communicator in Splunk Search 11-22-2019 0 5	0	5
Field extraction receiving error message Any time I try using the Extract Field option in an event list the next page returns this error: Error in 'rex' comm... by atatistcheff Explorer in Splunk Search 11-22-2019 0 7	0	7
Help with regex for field extraction Hi, I have a field value as below. These are all fixed positions all across. /COMPANY LOCATIONS/PA/PHILADELPHIA/AB... by mbasharat Builder in Splunk Search 11-22-2019 0 4	0	4
Escape a period in transforms regex to drop log? I'm collecting DNS logs and I'm trying to drop all logs with sub.domain.com as the query. In my transforms.conf I ha... by reswob4 Builder in Splunk Search 11-22-2019 0 3	0	3
How to disable location clustering of results on a map generated by the geostats command in Splunk 6.1? I have a geostats map in version 6.1 and I want to force it to NOT use clustering. I want to see an indicator for eac... by jasongori Explorer in Splunk Search 11-22-2019 4 12	4	12
Splunk rex help: regex for windows and unix path Hi, I am a newbie to SPL. I am trying to write a regex that will extract the unix/windows path from the full_log fiel... by hbustam8063 New Member in Splunk Search 11-22-2019 0 5	0	5
How to create a timechart that makes same search run for a different date range in a single chart I have a search string that runs a SQL search and returns two columns (items and count) from DB. I run this search o... by nkumar6 Explorer in Splunk Search 11-22-2019 0 4	0	4
How to convert Day Mon Date HH:mm:ss UTC Year to YYYY-MM-DD HH:MM:SS:Q Hi, I have a Timestamp field as Fri Nov 22 03:37:15 UTC 2019 and I want to convert into YYYY-MM-DD HH:MM:SS:6Q form... by gravi Explorer in Splunk Search 11-22-2019 0 3	0	3
IT Audit in full network, servers ?? Need to perform the full audit of all the network and servers. by raja8220 New Member in Splunk Search 11-22-2019 0 2	0	2
How to make search efficient with spath and regex How can I make this search efficient? earliest=-1m source="/var/log/aws/opsworks/opsworks-agent.statistics.log" hos... by vjzone Path Finder in Splunk Search 11-22-2019 0 8	0	8