Splunk Search

Community Activity

	How to write a search to display a Notable Event Timeline Review showing various phases of a ticket? Hello everyone Can anyone suggest me a search where I can get the notable Event time review between various phases of... by gschauhan81 New Member in Splunk Search 05-13-2024 0 5	0	5
	Converting Multivalue Fields to Single Value Fields for Line Chart Visualization Hello Splunk Community,I'm encountering challenges while converting multivalue fields to single value fields for effe... by sanjai Path Finder in Splunk Search 05-12-2024 0 3	0	3
	Plot time series chart based on values selected where in value can single or multiple I am using query as below index="test" sourcetype="reports" \| bin _time span=1m \| stats values(a) as a values(b) as ... by R_Ramanan Loves-to-Learn in Splunk Search 05-12-2024 0 5	0	5
	to check the attribute exist and assign the value If attr.error exist then Error will be attr.error. If attr.error not exist and attr.error.errmsg exist then Error wou... by Jasmine Path Finder in Splunk Search 05-12-2024 0 2	0	2
	ddl bind with rex In the below query if c= I, the reg expression is \| rex field=attr.namespace "(?<DB>[^\.]*)"if c= other than "I" the... by Jasmine Path Finder in Splunk Search 05-11-2024 0 1	0	1
	Need Help with a Splunk query So, I have data like this after I ran a query. For each aggregator, if the aggregator_status is Error and before15 mi... by phularah Communicator in Splunk Search 05-11-2024 0 3	0	3
	How to get the list of all APIs with the response time more than 30sec in splunk Hi All,I have a soap request and response being ingested in the splunk under an index. There are multiple API calls a... by splunk6 Path Finder in Splunk Search 05-11-2024 0 1	0	1
	How to extract fields from nested json Hello,Can someone please help me in extracting nested json fields without regex?I have tried below:1. Updating KV_mod... by jayita1989 Loves-to-Learn Lots in Splunk Search 05-10-2024 0 7	0	7
	How to categorized filed values as Success and Failure files in Splunk? Hi All,I have a field in my data called 'message' ,which contain information about status of the field.I'd like categ... by karthi2809 Builder in Splunk Search 05-10-2024 0 3	0	3
	Delete events after stats operation I'm running stats to find out which events I want to delete. Basically I'm finding the minimum "change_set" a particu... by bhavesh0124 Explorer in Splunk Search 05-10-2024 0 7	0	7
	best way to run a query what is the best approach to run splunk queries by howard_mclean New Member in Splunk Search 05-10-2024 0 1	0	1
	How to split stats values() into other rows? I am trying to show a "primary" and "secondary" IP in rows to recreate a spreadsheet. I currently have a search like:... by bofasplunkguy Explorer in Splunk Search 05-10-2024 0 4	0	4
	Splunk search earliest and latest in Splunk search Splunk search " EventCode="4688" AND earliest="5/8/2024:10:07:20" latest="5/8/2024:10:17:20 " Could you please the ti... by jaibalaraman Path Finder in Splunk Search 05-10-2024 0 6	0	6
	open .csv file Hello, I have a really basic question  I have a .csv file saved in SPLUNK, which I believe is indexed - this is not ... by Orange_girl Loves-to-Learn Everything in Splunk Search 05-10-2024 0 11	0	11
	Extract ip address from result my output in splunk is as below <error code #> IP Address is x.y.z.a I want to extract only the x.y.z.a and its coun... by nsiva New Member in Splunk Search 05-10-2024 0 6	0	6
	Status Field Showing Both the values in same field? Hi All, This the query which i try to get status.But in the table its shows both error and success.PFA screenshot \| e... by karthi2809 Builder in Splunk Search 05-10-2024 0 7	0	7
	R-squared in Splunk I am trying to compute the R-squared value of a set of measured values, to verify the performance or accuracy of a pr... by Jamietriplet Explorer in Splunk Search 05-10-2024 0 1	0	1
	not able to fetch values from log i have a log and i am able to fetch all the codes which is of same format, but not able to fetch logs of one error co... by vineela Path Finder in Splunk Search 05-09-2024 0 1	0	1
	Porcentage two values Since I can get it to show me when the percentage of errors 69 and 10001 is greater than 10, with the following searc... by Miguel3393 Path Finder in Splunk Search 05-09-2024 0 7	0	7
	How do I add a dashboard link to the App? Hello, I have created a dashboard, it is public within my group. I want the end users to be able to open the main SPL... by Elupt01 New Member in Splunk Search 05-09-2024 0 1	0	1
	status of held Data has to complete with in the day itself. HI Team,when the status is H and it has to complete within the day itself.expected output for below sample data is co... by Anud Path Finder in Splunk Search 05-09-2024 0 10	0	10
	Timechart span=1d count by new users not seen before Here is my example search to start... index=data \| timechart span=1d by user Now, I am trying to build out so the las... by jenkinsta Path Finder in Splunk Search 05-09-2024 0 7	0	7
	using eval and time Afternoon All i'd like some help please with some SPL logic that i just cant crack  I have data on some user in our... by PaulaCom Path Finder in Splunk Search 05-09-2024 0 2	0	2
	How to get Perctage of Uptime for a Transaction Hello,If possible, I need help on getting a Percentage of Uptime for a Transaction overtime. I have a Search created... by tdavison76 Path Finder in Splunk Search 05-09-2024 0 6	0	6
	Field '_time' should have numerical values Hi all,I am new to splunk, and i have got the following error:"Field '_time' should have numerical values" when I tr... by Jamietriplet Explorer in Splunk Search 05-09-2024 0 5	0	5