Splunk Search

Community Activity

replace string in field value using eval or sed I have one field(query) value like select * from host where id = 'something' and name = 'xxxxxx' Now I want to rep... by Sri401 New Member in Splunk Search 10-16-2019 0 3	0	3
how to get the next value in a column I have values like this in a column. Lock Unlock Logon Shutdown I want to get the next value and check it with the ... by kavyamohan Explorer in Splunk Search 10-16-2019 0 5	0	5
how to add Sourcetype Cli command hi i would like add some sourcetype. Adding thoungh Web Browser is easy, just click create sourcetype button and no... by parrotgw Explorer in Splunk Search 10-16-2019 0 1	0	1
How to get results only from latest source file of particular sourcetype HI, I got an index which send data to sourcetype with new source file every week. what I want is to my dashboard se... by avni26 Explorer in Splunk Search 10-16-2019 0 2	0	2
Add a dynamic label to show percentage increase from the same month from last year inside an area chart I need to find a way to show the percentage of increase/decrease inside the label when a certain point of a graph is ... by marxsabandana Path Finder in Splunk Search 10-16-2019 1 0	1	0
How to change the row value to column value ? I have the following query host=localTest sourcetype="perf" Path "/api/*/" cache="MISS" OR cache="HIT" \| stats co... by JyotiP Path Finder in Splunk Search 10-16-2019 0 2	0	2
Can I use an average in maps+ instead of count? While using maps+ the clusters it makes show count of events in it. How can i use average of the values for a particu... by sarauppal Explorer in Splunk Search 10-15-2019 1 2	1	2
Adding two field values I have been unable to add two field values and use the new value of a new column I'm trying to take one field, multi... by mbolostk Explorer in Splunk Search 10-15-2019 1 9	1	9
How to sort groups by group total Hi, I want to display the count of occurrences of logline* for each user per date but sort the groups by total count... by vtalanki Path Finder in Splunk Search 10-15-2019 0 2	0	2
List of user who have logged into Splunk in the last 30 days and what Apps/Indexes they accessed. Hi, Looking to get some help with a query for the following. List of user who have logged into Splunk in the last 30... by aknsun Path Finder in Splunk Search 10-15-2019 0 2	0	2
Getting an Error in 'eval' command: The expression is malformed. Expected ). Hello, So I know this exact same error has been brought up by others here. However, my query is a simple one and the... by joshimeister Loves-to-Learn Lots in Splunk Search 10-15-2019 0 5	0	5
How to create backgrounded search with javascript? All is in the title  I often have to launch long time running search. Instead of waiting for results on dashboards, ... by C_HIEN Path Finder in Splunk Search 10-15-2019 0 1	0	1
Transforms to Remove HTML Tags Hello- I'm importing data from a SQL database that includes HTML tags. Here is an example: NoteText="This is my fir... by DBattisto Communicator in Splunk Search 10-15-2019 0 2	0	2
Wildcard search from lookup Hi, Is there any way to get all the values in the column from the lookup table to build the default choice option in ... by afulamba Explorer in Splunk Search 10-15-2019 0 2	0	2
How to compare two fields from two different searches and display results field not exist? I am running 2 different searches and have to compare the each value in one field with the values in the other field.... by graju89 Path Finder in Splunk Search 10-15-2019 0 5	0	5
How to show an IP is associated with multiple usernames I have one source type and 2 field values, username and IP. How do I show IP that is associated with multiple userna... by alexrod03 New Member in Splunk Search 10-15-2019 0 2	0	2
Basic lookup command Hi all, I am curious the best way to write the following lookup query. I have a 1 column lookup of firewall rule na... by clozach Path Finder in Splunk Search 10-15-2019 0 3	0	3
value of field Hi, I need to take data from field Source and calculate this data : http_400100/Total+http_500100/Total+http_300*1... by pudanelilita Explorer in Splunk Search 10-15-2019 0 3	0	3
How to resolve the below issue ? I have the following query which is giving me all the api which cache value is HIT or MISS. host=localTest sourcet... by JyotiP Path Finder in Splunk Search 10-15-2019 0 1	0	1
Stand out values in Splunk Hi, I have an out of the box query in Splunk. I am trying to find out a way using which we can stand out or highlight... by Shashank_87 Explorer in Splunk Search 10-15-2019 0 2	0	2
Time coversion not working index=asg Process_name=WLR_22-15_Rating earliest =-5m \| convert timeformat="%d-%M-%Y-%H:%M:%S" mktime(start_dtm) mkt... by nwoolley Engager in Splunk Search 10-15-2019 0 4	0	4
Why is timechart showing OTHER for some values? process_inst_id=258600,process_def_id=30,process_name=MIWrite,start_dt=08-OCT-2019-07:39:49,end_dt=,completed=N,runni... by nwoolley Engager in Splunk Search 10-15-2019 0 3	0	3
Help with regex in getting the value out of a certain word Hi everyone. Im not very good in doing regex. I would like to ask for you help here. The situation is to get a certai... by mrccasi Explorer in Splunk Search 10-15-2019 0 3	0	3
Match partial value of 2 fields Hi All, I have a dashboard that accepts user input for a username to search emails. Im trying to display Recipients ... by geraldcontreras Path Finder in Splunk Search 10-15-2019 0 9	0	9
Splunk Query The Splunk report below returns ‘shipping points’ (warehouse codes). Using the lookup table (also below), our job is ... by pratapa Explorer in Splunk Search 10-15-2019 0 0	0	0