Splunk Search

Community Activity

How to convert epoch time to a readable format? I'm currently creating a dashboard and need to put the time of an event into a readable format as I currently see a n... by asewell97 New Member in Splunk Search 10-16-2019 0 2	0	2
foreach with more than one FIELD? Hello, In the code below, the first foreach sums the values in field A, and returns 21 (5+3+2+6+1+4=21). The second ... by hriazi Engager in Splunk Search 10-16-2019 0 2	0	2
Can if function be used with sort? I am working on a dashboard that has a radio button that can change a search between the two of the following \| stat... by kamryn Explorer in Splunk Search 10-16-2019 0 2	0	2
How to set search sorting supersedes the table sorting? Let's say I've already specified my filters and submitted my search with "sort" command in it. My search sorts the r... by rajyah Communicator in Splunk Search 10-16-2019 0 2	0	2
Is it possible to change font style in Splunk 7.2.1? Recently Splunk in my organization got upgraded from Splunk 6.6.4 to Splunk 7.2.1 and the font style for table data g... by nagar57 Communicator in Splunk Search 10-16-2019 0 1	0	1
How to create a linechart with Percentages via Timechart I'm looking to create a timechart that will show the percentage of success versus failure of 6 different fields over ... by giventofly08 Explorer in Splunk Search 10-16-2019 0 2	0	2
REGEX Help Trying to pull the value from the 2nd set of brackets [ ] from this log. Some of the data values are blank, some star... by joesrepsolc Communicator in Splunk Search 10-16-2019 0 3	0	3
Concurrent calls per minute I'm trying to calculate the amount of concurrent calls per minute or another time span (e.g. 5 minutes, ...). I'm usi... by danielsuter Engager in Splunk Search 10-16-2019 0 2	0	2
inputlookup with matching events I have one lookup file. Now I want to see the list of servers that are in the list but not in AV index. by riqbal47010 Path Finder in Splunk Search 10-16-2019 0 1	0	1
replace string in field value using eval or sed I have one field(query) value like select * from host where id = 'something' and name = 'xxxxxx' Now I want to rep... by Sri401 New Member in Splunk Search 10-16-2019 0 3	0	3
how to get the next value in a column I have values like this in a column. Lock Unlock Logon Shutdown I want to get the next value and check it with the ... by kavyamohan Explorer in Splunk Search 10-16-2019 0 5	0	5
how to add Sourcetype Cli command hi i would like add some sourcetype. Adding thoungh Web Browser is easy, just click create sourcetype button and no... by parrotgw Explorer in Splunk Search 10-16-2019 0 1	0	1
How to get results only from latest source file of particular sourcetype HI, I got an index which send data to sourcetype with new source file every week. what I want is to my dashboard se... by avni26 Explorer in Splunk Search 10-16-2019 0 2	0	2
Add a dynamic label to show percentage increase from the same month from last year inside an area chart I need to find a way to show the percentage of increase/decrease inside the label when a certain point of a graph is ... by marxsabandana Path Finder in Splunk Search 10-16-2019 1 0	1	0
How to change the row value to column value ? I have the following query host=localTest sourcetype="perf" Path "/api/*/" cache="MISS" OR cache="HIT" \| stats co... by JyotiP Path Finder in Splunk Search 10-16-2019 0 2	0	2
Can I use an average in maps+ instead of count? While using maps+ the clusters it makes show count of events in it. How can i use average of the values for a particu... by sarauppal Explorer in Splunk Search 10-15-2019 1 2	1	2
Adding two field values I have been unable to add two field values and use the new value of a new column I'm trying to take one field, multi... by mbolostk Explorer in Splunk Search 10-15-2019 1 9	1	9
How to sort groups by group total Hi, I want to display the count of occurrences of logline* for each user per date but sort the groups by total count... by vtalanki Path Finder in Splunk Search 10-15-2019 0 2	0	2
List of user who have logged into Splunk in the last 30 days and what Apps/Indexes they accessed. Hi, Looking to get some help with a query for the following. List of user who have logged into Splunk in the last 30... by aknsun Path Finder in Splunk Search 10-15-2019 0 2	0	2
Getting an Error in 'eval' command: The expression is malformed. Expected ). Hello, So I know this exact same error has been brought up by others here. However, my query is a simple one and the... by joshimeister Loves-to-Learn Lots in Splunk Search 10-15-2019 0 5	0	5
How to create backgrounded search with javascript? All is in the title  I often have to launch long time running search. Instead of waiting for results on dashboards, ... by C_HIEN Path Finder in Splunk Search 10-15-2019 0 1	0	1
Transforms to Remove HTML Tags Hello- I'm importing data from a SQL database that includes HTML tags. Here is an example: NoteText="This is my fir... by DBattisto Communicator in Splunk Search 10-15-2019 0 2	0	2
Wildcard search from lookup Hi, Is there any way to get all the values in the column from the lookup table to build the default choice option in ... by afulamba Explorer in Splunk Search 10-15-2019 0 2	0	2
How to compare two fields from two different searches and display results field not exist? I am running 2 different searches and have to compare the each value in one field with the values in the other field.... by graju89 Path Finder in Splunk Search 10-15-2019 0 5	0	5
How to show an IP is associated with multiple usernames I have one source type and 2 field values, username and IP. How do I show IP that is associated with multiple userna... by alexrod03 New Member in Splunk Search 10-15-2019 0 2	0	2