Splunk Search

Community Activity

Display x-axis scale for a field that isn't _time Hi guys, I am trying to chart multiple days on the same line chart, kind of like in this example (https://docs.splunk... by w564432 Explorer in Splunk Search 10-25-2019 0 5	0	5
foreach command Hi everyone, I'm trying to get my head around this foreach statement but no luck so far ... Foreach seems like th... by kristofvdbdavin New Member in Splunk Search 10-25-2019 0 7	0	7
Question on how to use lookup file I have a lookup file which has below 3 columns. Exception_Name Exception_Keyword Comments REXC RemoteException Alert... by Deepz2612 Explorer in Splunk Search 10-25-2019 0 2	0	2
help on a filter issue after a loadjob command hi I use the search below and I call it from a loadjob command After the loadjob execution, I need to filter the da... by jip31 Motivator in Splunk Search 10-25-2019 0 4	0	4
DB Lookup failing with - No operations allowed after statement closed. Hi all, After finally getting a automatic DB Lookup working it fails after loading in a couple of value. I've setup ... by ldurham New Member in Splunk Search 10-24-2019 0 3	0	3
Show All the Results within the Field I want to show all the results within the field itself as I do not want it just show the top 10 limits from the list.... by keldridg2 New Member in Splunk Search 10-24-2019 0 5	0	5
How do you Timechart by multiple fields? Hi, I'm struggling with the below query "presentable" in a dashboard. Initially, my idea was to have time on the x-a... by Esperteyu Explorer in Splunk Search 10-24-2019 0 2	0	2
How to add a column showing search criteria that matched results? I'm writing a search to parse the command line arguments of 4688 events, and want to be able to sort by what matched ... by quadrant8 New Member in Splunk Search 10-24-2019 0 2	0	2
Which characters does Splunk allow in field names? It seems very strange to me to be asking this question in 2019 for Splunk 7.3.1, but I've used Splunk, I've read the ... by Graham_Hanningt Builder in Splunk Search 10-24-2019 3 3	3	3
Join fields from 2 searches without join Hi, I need some help with a little issue, I have 2 sorcetypes like this: SOURCETYPE A: ID_1 \| DESCRIPCION 1 ... by jtg1703 New Member in Splunk Search 10-24-2019 0 2	0	2
Filter fight for sourcetype not working We have a sourcetype and I am trying to filter and everytime I do it shows not events. But I know that there are even... by jgillman Explorer in Splunk Search 10-24-2019 0 4	0	4
Splunk Query help to find time difference For last 30 days(which i will select in time filter) I would like to get the count of field X only if it is older tha... by NAVEEN_CTS Path Finder in Splunk Search 10-24-2019 0 1	0	1
change sourcetype for sourcetype not starting with specific word I want to change the sourcetype for all incoming logs with sourcetypes not starting with abc. I have following settin... by ss026381 Communicator in Splunk Search 10-24-2019 0 4	0	4
Calculating % error rate from a single field for a timechart Hey All, I'm trying to make a timechart that shows the % of un-successful requests processed every hour. Success (o... by dreeck Path Finder in Splunk Search 10-24-2019 1 3	1	3
Query using java jdk does not return any result if table command is used I'm using java sdk to execute a search and if search has a table or stats count the query does not return any result.... by osvaldo_pina Loves-to-Learn Lots in Splunk Search 10-24-2019 0 0	0	0
How to join the same sourcetype - Basically inner join with same sourcetype with different type of search string and compare the value (IN) condition. ) I am using the below query to achieve IN condition in same source. Basically I am achieving how many Order has been c... by shanaiyappan New Member in Splunk Search 10-24-2019 0 2	0	2
Splunk query question how can i do this search in better way: index=test_data sourcetype=test_source_data protocolName="ABCDE4C72260F082" ... by shtom New Member in Splunk Search 10-24-2019 0 2	0	2
Error Message About Literals Hello, One of my biggest pet peeves about software is the lack of information around error messages. Obviously, a dev... by genesiusj Builder in Splunk Search 10-24-2019 0 1	0	1
Custom Commands - Can Streaming Command return more than 1 row per result??? Hello, I'm creating a custom command on splunk (as you can see bellow), my problem is that from one row I want to cre... by ppatrikfr Path Finder in Splunk Search 10-24-2019 0 2	0	2
Missing fields in the index Hi, We have dynatrace data onboarded into Splunk though API. we came across this situation. When I ran the search w... by iamsplunker31 Path Finder in Splunk Search 10-24-2019 0 3	0	3
Create a timechart with Hours, Minutes, seconds on Y axis We have jobs running everyday and I want to do a timechart to show the start time of the job for each day. I have dat... by aohls Contributor in Splunk Search 10-24-2019 0 2	0	2
Consecutively two times- possible ? _time entity_id value duration 2016-01-21 06:52:04 lightA 1 770 2016-01... by reverse Contributor in Splunk Search 10-24-2019 0 2	0	2
Filter a ldapsearch query for a specific group using a wildcard? \| ldapsearch domain=default search="(sAMAccountNAme=%user%)" attrs="memberOf", is the query I am using but I want to ... by krisdev New Member in Splunk Search 10-24-2019 0 6	0	6
Need help in writing regex (PCRE) HI All, We have events where some fields are having multiple value , below is the example event1 : 123,... by pal_sumit1 Path Finder in Splunk Search 10-24-2019 0 3	0	3
How to update Search Command by JS Hello , I am using splunk WebFramework to develop, and i got an problem with update splunk search Command by JS Cur... by cuongnguyen112 Engager in Splunk Search 10-24-2019 0 3	0	3