Splunk Search

Community Activity

	Advanced filtering on \|inputlookup command A large kv lookup table (>2M entries and growing) holds metadata and is processed on a regular schedule to solve some... by ololdach Builder in Splunk Search 10-04-2019 0 3	0	3
	Lookup csv file not producing correct results Hello, I have a lookup file called fs_src_mac_tg.csv has two columns: src_mac and exists src_mac = a list of mac addr... by wtaylor149 Explorer in Splunk Search 10-04-2019 0 8	0	8
	Timechart automatic high resize Hi, I've got a timechart with different columns (depending on the search). If I don't get many columns, the high of ... by ea7777777 New Member in Splunk Search 10-04-2019 0 2	0	2
	Dew Point Calculation I am trying to produce or calculate the Dew Point in Celsius of data in two separate indexes. I believe the offcial ... by adrianrepublic Explorer in Splunk Search 10-04-2019 0 4	0	4
	Regular expression in log message I'm struggling now. Could you please help me? There are two hosts. they have same log data. the host name is differ... by nanachu Path Finder in Splunk Search 10-04-2019 0 3	0	3
	Join not working index="event" \| rex field=Macaddress mode=sed "s/(.{2})/\1-/g s/-$//" \| rename Macaddress as "macAddress" \| eval Se... by kavyamohan Explorer in Splunk Search 10-03-2019 0 3	0	3
	Search to find the timestamp of each (Login, Logout, Expire) keyword from _raw and log file last updated time Hi Guys, Can anyone please help me in the below search. I want the name of all logfiles with details of keywords fro... by sahil237888 Path Finder in Splunk Search 10-03-2019 0 2	0	2
	extract url and product. mess.url= /ae-business/shop/question/answer/product/HHRM2M/B?furl=bd2b75a1e85553a64aa4df2c47c93e049ccfe0d07f5dc518f95... by sandeepmakkena Contributor in Splunk Search 10-03-2019 0 4	0	4
	event count comparison with today vs yesterday vs last week vs prior week Hi, I have two strings like "opend" and "exited" in the events. So i need to count how many opened and exited today a... by john_q Explorer in Splunk Search 10-03-2019 0 4	0	4
	Find average when using group by Here is my query index="search_index" search processing_service \| eval time_in_mins=('metric_value')/60 \| stats a... by balash1979 Path Finder in Splunk Search 10-03-2019 0 3	0	3
	Map command maxsearches unexpected behavior I have the search below: index=stats_summary dest_ip=172.* \| dedup src_ip dest_ip\| map maxsearches=100 search="\| i... by gkapitany Explorer in Splunk Search 10-03-2019 0 4	0	4
	How to compare values from 2 different rows? Good afternoon could someone help me with this query: I have the following values \| users \| Age \| user1 \| 99 u... by efaundez Path Finder in Splunk Search 10-03-2019 0 2	0	2
	How to compare values from 2 different rows? Good afternoon could someone help me with this query: I have the following values \| users \| Age \| user1 \| 99 u... by efaundez Path Finder in Splunk Search 10-03-2019 0 3	0	3
	How do you combine info from multiple events but for one customer in one table. How do you combine info from multiple events but for one customer in one table or dashboard? For example: Event1: C... by cspaid75 New Member in Splunk Search 10-03-2019 0 1	0	1
	How to add additional columns in search results based on the field I've a search like this: (api=*/getUser) OR (api=/api/v1/addUser component=Comp1) OR (api=/api/v1/addUser component=... by email2vimalraj New Member in Splunk Search 10-03-2019 0 1	0	1
	Having append issues in joining searches and combining the results Hello Experts Actually I am trying to join the results of two searches. There are 3 indexes 1a,2b, and 3c with many... by gopiven Explorer in Splunk Search 10-03-2019 0 2	0	2
	Peak hour count of most Visited Pages Hi, I am working on a query to get the peak hour count of of the top 100 visited pages on my website and i want this ... by Shashank_87 Explorer in Splunk Search 10-03-2019 0 4	0	4
	What is the proper way to make user-prefs settings take effect? I am trying to to default particular roles to particular apps by including default_namespace in a user-prefs file ins... by twinspop Influencer in Splunk Search 10-03-2019 0 1	0	1
	Result of two different search Hello , i have a csv file that contains the list of all existing services, and i have a search already created that... by aalaa Path Finder in Splunk Search 10-03-2019 0 2	0	2
	help on a count for doing a pie chart hi From the code below, I need to do a pie chart with 2 labels I am doing a first count in order to count the events... by jip31 Motivator in Splunk Search 10-03-2019 0 4	0	4
	how to show start ,end time , duration in a table Hi Experts , I know this can be achieved in splunk , I have data like below name,status,date erp,200,2019-10-01 08... by vikas_gopal Builder in Splunk Search 10-03-2019 0 2	0	2
	How to calculate peak hour count along with requested content Hi, I am working on a query to get the peak hour count of of the top 100 requested pages on my website and i want thi... by Shashank_87 Explorer in Splunk Search 10-03-2019 0 4	0	4
	How to subtract values from two different fields but successive fields as shown below? group count SubTotal Desired_Field WEEK1 9 36 36 WEEK2 1 36 27 WEEK3 3 36 26 WEEK4 7 36 23 WEEK5 2... by dinkarvidyarthy New Member in Splunk Search 10-03-2019 0 0	0	0
	How to make index-time field extraction work for REST API receiver input? I have INDEXED_EXTRACTIONS = json and TIMESTAMP_FIELDS = my_timestamp_field in [my_json_type] stanza. This works whe... by yuanliu SplunkTrust in Splunk Search 10-03-2019 0 0	0	0
	How to calculate the "adjusted mean" or "least square mean" in splunk? What I currently have, name=EVENT_1 \| stats count(metrics.time), median(metrics.time, mean(metrics.time) by name ... by conky2019 New Member in Splunk Search 10-03-2019 0 0	0	0