Splunk Search

Community Activity

Can't MAP a host field with IN clausole in a map searching As in object, it's a strange behaviour, i can't use an IN clausole with host field in a map search. Here's my search... by verbal_666 Builder in Splunk Search 10-21-2019 0 4	0	4
Upgraded from 7.2.6 to 7.3.2, "upload lookup" shows 404 error we recently upgrade our fairly large deployment of Splunk from version 7.2.6 to 7.3.2, and our users are unable to ... by rbal_splunk Splunk Employee in Splunk Search 10-21-2019 0 1	0	1
What are the basics for using the Splunk search interface? I'm new to Splunk. What are some basics I need to know about the features in the search user interface? by jmulcaster_splu Splunk Employee in Splunk Search 10-21-2019 0 3	0	3
Get Saved search name details How do I get a list of saved searches name, the user who ran it, the last time it ran and the query it ran, and who c... by rosh_dsa New Member in Splunk Search 10-21-2019 0 3	0	3
What is Splunk Dev, and how do we use it to develop and share our own apps? We have some use cases that we'd like to develop into Splunk apps. How do we use Splunk Dev to develop our own apps a... by jmulcaster_splu Splunk Employee in Splunk Search 10-21-2019 0 2	0	2
Preview generating custom command result Hi I want to add a generating custom command that will query one of our DBs. So I have followed the tutorials and cr... by electronicsplun New Member in Splunk Search 10-21-2019 0 2	0	2
Show max ,minimum and average values from a pool of host machines on a chart I have the follow search which shows the call count being made to a number of hosts every 15mins "cs_dataowner_id="... by jbassi1 New Member in Splunk Search 10-21-2019 0 2	0	2
Match field values of two fields Hi, If I have a table 'X' and 'Y' , I want to be able to compare if any individual comma separated value in Y is a p... by megha0794 New Member in Splunk Search 10-21-2019 0 11	0	11
How to convert julian date to dd/mm/Y SVSCPLEX,S0W1,S0W1.DAL-EBIS.IHOST.COM,SYSLOG,zOS-SYSLOG-Console,SYSLOG,-0400,NE,001C,19283 01.21.46.880 -0500,S0W1 ... by kavyamohan Explorer in Splunk Search 10-21-2019 0 7	0	7
two values in linechart tooltip So I have a chart that display the average response time over time. To give more context to my chart. I also want to ... by michaelrosello Path Finder in Splunk Search 10-21-2019 0 8	0	8
How can I add another field being shown inside the tooltip when hovered inside an area chart? Need to find a way to code either in XML or JavaScript to add a field from a search inside the tooltip when hovered. ... by marxsabandana Path Finder in Splunk Search 10-20-2019 1 0	1	0
Why is Sparkline not working properly? Hi all, I need help with the sparkline in my spl search because it is not displaying values on the statistics table.... by juliehope14 Engager in Splunk Search 10-20-2019 1 1	1	1
How can I assign a field value to a variable using eval? I want to assign a specific field value to a variable I want to do something like this: \|eval output = ('Fieldname'... by mjlsnombrado Communicator in Splunk Search 10-20-2019 0 6	0	6
How to customize the time range picker to only show "Date Range" as an option? How do I disable some options in the time range picker? For example: Show only DATE RANGE by renanprado96 Path Finder in Splunk Search 10-20-2019 1 5	1	5
How to join or search fields from two different indexes with a common field Hi, I have two indexes basically like this: indexA has field1, field2, field3 indexB has field4, field5, field6 field... by vnguyen46 Contributor in Splunk Search 10-18-2019 1 2	1	2
How to change color depending on value using javascript with a twist, table column names are not fixed? Hello all, I have below javascript code that I use to change the color of my table cell: require([ 'underscor... by dojiepreji Path Finder in Splunk Search 10-18-2019 0 4	0	4
using geo_countries and geo_us_states in same search I want to create a chloropleth map of vendors in the US, highlighted by state. but Canada is also a vendor I want to ... by afdelacruz Engager in Splunk Search 10-18-2019 0 0	0	0
How to edit the frequency of scheduled search? How to locate scheduled search(in alert or dashboards)How to edit the frequency of the scheduled search because it is... by muizash Path Finder in Splunk Search 10-18-2019 0 2	0	2
Sum by Name Regex I've spent awhile messing around with this and can't get anything working. I need to sum a list like this by Storage... by splunk219783 Path Finder in Splunk Search 10-18-2019 0 2	0	2
pie chart to show values of two dates to compare Hi, My requirement is i have given user to choose 2 dates and depending on the dates chosen i need to show pie chart... by surekhasplunk Communicator in Splunk Search 10-18-2019 0 1	0	1
Do splunk upgrades ever remove any files? The upgrade process on linux is basically to unpack the tgz file over the existing splunk home directory. I understa... by gabriel_vasseur Contributor in Splunk Search 10-18-2019 1 3	1	3
Why does the subsearch not exclude the results from main search? I have the following search: index=my_index asset_type="Workstation" asset_atp="false" asset_status="ACTIVE" earlies... by mmarinov Explorer in Splunk Search 10-18-2019 0 3	0	3
Is it possible to do GeoIP of private IPaddresses? Hi I am a user of Splunk and Elasticsearch. I want to do GeoIP with private IPaddresses. There is information about... by rosho Communicator in Splunk Search 10-18-2019 0 2	0	2
Likely Bug With Transaction MaxEvents Hello, I'm using transaction to process events. Per the documentation (https://docs.splunk.com/Documentation/Splunk... by SplunkPersonal Path Finder in Splunk Search 10-18-2019 2 1	2	1
How to create a dummy row if no data? If there is no data for a table I want to create a row whilst waiting for the event to appear and add the word "Runni... by nwoolley Engager in Splunk Search 10-18-2019 0 2	0	2