Splunk Search

Community Activity

High quality chart export Hi community, Do you know if there is a reliable or supported way to export charts from a dashboard in a high qualit... by davidemagni Explorer in Splunk Search 10-09-2019 0 1	0	1
How to assign colors for a choropleth map based on the range of counts? Hi, I have a choropleth map, in which I have count like 0,179, 10, 65, 10 So , I want to put the color red if it is... by abhayneilam Contributor in Splunk Search 10-09-2019 2 3	2	3
How to compare multiple values of a field with the corresponding values of another field and add a new value based on the comparison result? I want to check for list of applications installed and its versions from all the PCs in my environment. If all the li... by sureshmurgan Path Finder in Splunk Search 10-09-2019 0 5	0	5
custom field values with space character i can not search custom field values(with space character) that JSON type data coming from jira app. for example cu... by rarki Explorer in Splunk Search 10-09-2019 0 3	0	3
How to create a pie chart with only true false values I am working with this search: index=lab-testresults type=browser NOT(browser="UK" OR browser="Firefox") suiteID="... by disillusioned New Member in Splunk Search 10-09-2019 0 2	0	2
Why is stats count by sourcetype missing some sourcetypes? index=app_xxxxxxxxx_products cluster_name=dxx-exx-awslab sourcetype=xxxxxxx:deployment-info \| stats count by sourcety... by dilpreetsingh Engager in Splunk Search 10-09-2019 0 1	0	1
Can anyone please help with with the issue , Getting the below error under Search head Search peer ###############.com has the following message: Failed to register with cluster master reason: failed meth... by Inayath_khan Path Finder in Splunk Search 10-08-2019 0 1	0	1
TSTATS with count zero and APPENDCOLS error Now i have a case: - count call API "XXX/authen" (not session) by src_ip (1) \| tstats summariesonly count from datamo... by longnh26 New Member in Splunk Search 10-08-2019 0 1	0	1
splunk SPL my search \| stats count(eval(Code="3011648")) as "Incorrect login code" I am counting incorrect login code from thi... by vikram1583 Explorer in Splunk Search 10-08-2019 0 5	0	5
How to get events around identified event Hello, I have a dashboard that identifies Windows hard shut downs (event code=41). However, we want to see the windo... by jamesvz84 Communicator in Splunk Search 10-08-2019 1 3	1	3
How does dedup treat multivalue fields? Which events are removed when multivalue comes into play? by landen99 Motivator in Splunk Search 10-08-2019 0 1	0	1
Lookup Tables - Dedup Hello, I Googled and checked several answer posts, but perhaps I am not wording it correctly in the search engines. ... by genesiusj Builder in Splunk Search 10-08-2019 0 2	0	2
Stats 2 results together and filling in the blank fields with dynamically-generated values I need to create volume-base alerts so we know when volume drops. The services we need to monitor are usually suffix... by weidertc Contributor in Splunk Search 10-08-2019 0 4	0	4
How to detected a Deviation of 20% vs weekly average? Hi team! I need to do that: Eventcode = 4624 and 4634 with Logon Type = 10. An event will be generated if an access... by christianubeda Path Finder in Splunk Search 10-08-2019 0 2	0	2
Lookup values not shown on result table Hello all, I am searching in Splunk for the last login date of a User and export it into a table: ... \| eval date=s... by dunick Engager in Splunk Search 10-08-2019 0 3	0	3
How to get a table to show more than 100 rows Is there any way i can increase the number of rows in a Table to 1000 instead of 100? by ptadakam New Member in Splunk Search 10-08-2019 0 3	0	3
Compare two sources with multiple value Hi folks, Hi have a case needing to compare 2 sources with CSV type Source 1 has fields as below: start_time_s1, e... by nguyenhuyhoang0 New Member in Splunk Search 10-08-2019 0 3	0	3
How to get common values in two different fields in two different searches Hi all, I'd be grateful if you could help me with this. I have read other similar questions but none of them seem to ... by xiantros Engager in Splunk Search 10-08-2019 0 7	0	7
Please help for ssl for splunkd - Splunk runs but cannot log in and is slow Hello I want to secure splunkd DS->clients with self-signed ssl cert but for some reason it doesn't work. From splun... by net1993 Path Finder in Splunk Search 10-07-2019 0 2	0	2
How to sort the result set or remove paging on trellis chart? Hi All, I am trying to create a trellis chart to provide the details of 32 components. Trellis chart is showing just... by mjsplunk_007 New Member in Splunk Search 10-07-2019 0 1	0	1
Is there a way to automate diag to support? All, Silly question - Is there a way to automate the sending of diags to Splunk support? I'd like to know they have... by daniel333 Builder in Splunk Search 10-07-2019 1 2	1	2
What is a Workbook in Splunk Investigate? What is a Workbook in Splunk Investigate? by bjanczer_splunk Splunk Employee in Splunk Search 10-07-2019 0 3	0	3
How to search two Indexes based on matching fields and add fields from both indexes to a table I'm new to splunk And i'm trying to add some logic to reduce false positives. I have two indexes Index=A index=B B... by jrindfleisch Observer in Splunk Search 10-07-2019 0 4	0	4
What's the delay between last event written to disk and now()? All our cyber alerts are now based on the last five minutes of indexed data. Therefore we wondered about a potential ... by danielbb Motivator in Splunk Search 10-07-2019 0 5	0	5
extract uri /hk-zh/shop/buy-phone/phone-1/5.8-%E5%90%8B%E9%A1%AF%E7%A4%BA%E5%99%A8-256gb-%E9%8A%80%E8%89%B2 1059 /hk/shop/buy-pho... by sandeepmakkena Contributor in Splunk Search 10-07-2019 0 2	0	2