Splunk Search

Community Activity

Need to filter search to match src_user and time from one eventcode below is what I have so far. What I need to do is match the src_user from event code 4724 and the time to events in 4... by lgrachek Explorer in Splunk Search 10-22-2019 0 8	0	8
How to get transaction to ignore endswith if startswith doesn't exist I have an issue where my transaction search finds endswith events with no startswith events. Not to go into too much ... by mikecal Explorer in Splunk Search 10-22-2019 0 3	0	3
how to transform from row to rows ? i have data like this : used_memory free_memory total_memory used_swap free_swap total_swap 665268 ... by cuongnguyen112 Engager in Splunk Search 10-22-2019 0 5	0	5
Multi search / correlate conundrum Sorry for not spelling the problem out in the title, I'm a bit stuck even for the correct language to describe my puz... by jeremywebb Explorer in Splunk Search 10-22-2019 1 4	1	4
URGENT REQUEST: how to pull specific values from given query? sourcetype=abc "responseStatus=500" "abc.xyz.logging.yyyy.zzzzz" "cccccccccccccc88888883333hhhh" \| rex field=_raw "\... by iqbalintouch Path Finder in Splunk Search 10-21-2019 0 2	0	2
How to extract a word from raw data in Splunk using rex SVSCPLEX,S0W1,S0W1.DAL-EBIS.IHOST.COM,SYSLOG,zOS-SYSLOG-Console,SYSLOG,-0400,NE,001C,19283 01.21.46.880 -0500,S0W1 ... by kavyamohan Explorer in Splunk Search 10-21-2019 0 4	0	4
How to format a website/service downtime duration calculation results Hi all, I have the below dataset for a website. Time,title, response code 01/10/2019 08:22 ABC_PORTAL 200 01/10... by venky1544 Builder in Splunk Search 10-21-2019 0 4	0	4
How to send a single email to multiple email id mentioned in different rows of the table Hi All I have following table as outcome of my query :- Name lastname Emailid A D ab... by rahulbhatia Path Finder in Splunk Search 10-21-2019 0 1	0	1
Compare two lookup tables Hello all... I have to compare two lookup table files in splunk. One is a list of hosts that should Be logging, and t... by brent_weaver Builder in Splunk Search 10-21-2019 0 1	0	1
Return value based on another field using a muilti-value field Here is my data in the table: Index Field1 Field2 1 0 A,B,C 1 -5 D,E,F 1 -10 G,H,I I have... by pyroman26 New Member in Splunk Search 10-21-2019 0 1	0	1
How to compare fields value with old fields value I am trying to make a search that will compare the fields value with the old fields value to determine if there is an... by kulwindersandhu New Member in Splunk Search 10-21-2019 0 10	0	10
Can't MAP a host field with IN clausole in a map searching As in object, it's a strange behaviour, i can't use an IN clausole with host field in a map search. Here's my search... by verbal_666 Builder in Splunk Search 10-21-2019 0 4	0	4
Upgraded from 7.2.6 to 7.3.2, "upload lookup" shows 404 error we recently upgrade our fairly large deployment of Splunk from version 7.2.6 to 7.3.2, and our users are unable to ... by rbal_splunk Splunk Employee in Splunk Search 10-21-2019 0 1	0	1
What are the basics for using the Splunk search interface? I'm new to Splunk. What are some basics I need to know about the features in the search user interface? by jmulcaster_splu Splunk Employee in Splunk Search 10-21-2019 0 3	0	3
Get Saved search name details How do I get a list of saved searches name, the user who ran it, the last time it ran and the query it ran, and who c... by rosh_dsa New Member in Splunk Search 10-21-2019 0 3	0	3
What is Splunk Dev, and how do we use it to develop and share our own apps? We have some use cases that we'd like to develop into Splunk apps. How do we use Splunk Dev to develop our own apps a... by jmulcaster_splu Splunk Employee in Splunk Search 10-21-2019 0 2	0	2
Preview generating custom command result Hi I want to add a generating custom command that will query one of our DBs. So I have followed the tutorials and cr... by electronicsplun New Member in Splunk Search 10-21-2019 0 2	0	2
Show max ,minimum and average values from a pool of host machines on a chart I have the follow search which shows the call count being made to a number of hosts every 15mins "cs_dataowner_id="... by jbassi1 New Member in Splunk Search 10-21-2019 0 2	0	2
Match field values of two fields Hi, If I have a table 'X' and 'Y' , I want to be able to compare if any individual comma separated value in Y is a p... by megha0794 New Member in Splunk Search 10-21-2019 0 11	0	11
How to convert julian date to dd/mm/Y SVSCPLEX,S0W1,S0W1.DAL-EBIS.IHOST.COM,SYSLOG,zOS-SYSLOG-Console,SYSLOG,-0400,NE,001C,19283 01.21.46.880 -0500,S0W1 ... by kavyamohan Explorer in Splunk Search 10-21-2019 0 7	0	7
two values in linechart tooltip So I have a chart that display the average response time over time. To give more context to my chart. I also want to ... by michaelrosello Path Finder in Splunk Search 10-21-2019 0 8	0	8
How can I add another field being shown inside the tooltip when hovered inside an area chart? Need to find a way to code either in XML or JavaScript to add a field from a search inside the tooltip when hovered. ... by marxsabandana Path Finder in Splunk Search 10-20-2019 1 0	1	0
Why is Sparkline not working properly? Hi all, I need help with the sparkline in my spl search because it is not displaying values on the statistics table.... by juliehope14 Engager in Splunk Search 10-20-2019 1 1	1	1
How can I assign a field value to a variable using eval? I want to assign a specific field value to a variable I want to do something like this: \|eval output = ('Fieldname'... by mjlsnombrado Communicator in Splunk Search 10-20-2019 0 6	0	6
How to customize the time range picker to only show "Date Range" as an option? How do I disable some options in the time range picker? For example: Show only DATE RANGE by renanprado96 Path Finder in Splunk Search 10-20-2019 1 5	1	5