Splunk Search

Community Activity

Difference bewteen two variable date reports, considering the direction Hello, I'm trying to create a search that shows what results are missing today - a, compared to yesterday - b. a and... by ABurk New Member in Splunk Search 09-27-2019 0 3	0	3
how to execute a search everyday and every 8 hours I have three teams in industrial company, the first starts work at 6am, the second at 2pm, and the third at 10pm, the... by amani28 New Member in Splunk Search 09-27-2019 0 6	0	6
Update indexed data after a monitored file has been changed Dear friends, with my company besides investigating log-data we are getting ready to roll-out splunk for the Busines... by mkohl New Member in Splunk Search 09-27-2019 0 2	0	2
How to print a change in value Hi all, Please help me to set an alert when a value change occurred. Also, I need to print old and new values. by tech_soul New Member in Splunk Search 09-27-2019 0 1	0	1
SNMP polling get data of same oid (modular input app) Hello Splunker's, I use the SNMP modular input application, to collect SNMP polling data. I want to recover only a... by TISKAR Builder in Splunk Search 09-27-2019 0 1	0	1
Is it possible to exclude search results with two lookup files? Hi,all I'm sorry but I use lookup for the first time. Is it possible to exclude search results with two lookup file... by subachu New Member in Splunk Search 09-26-2019 0 3	0	3
What are better ways to provide counts? Dear All, There are 3 source types and we are pushing data into same index we need to give the count based on each s... by santosh11 New Member in Splunk Search 09-26-2019 0 2	0	2
How to search iterate through lookup file I have an input lookup table with a list of user accounts we are trying to search through. Instead of doing index=w... by chrisfilor Engager in Splunk Search 09-26-2019 0 1	0	1
help on a text comparison fonction Hi I need to compare two fields from the text characters of these two fields So I need to do something like this whe... by jip31 Motivator in Splunk Search 09-26-2019 0 3	0	3
Vertical Scroll bar to Bar Chart Dear Friends, Is there a way to add the vertical scroll bar to bar chart . Please suggest. by splunklakshman Explorer in Splunk Search 09-26-2019 0 2	0	2
Why does my timechart search return "No results found"? Hi, I have a search where Splunk data is joined with a lookup, and I need a timechart on one of the fields provided ... by a212830 Champion in Splunk Search 09-26-2019 0 8	0	8
How to search over multiple lines Hello together, I want to search for "Binding Type: 0" in the following example log: LogName=Directory Service Sour... by ahmet_goekduman New Member in Splunk Search 09-26-2019 0 1	0	1
How to disable serverclass aids In the serverclass spec link:serverclass.spec , Is there a way to disable these "helpful" regex aids? I'm already pr... by trs01 New Member in Splunk Search 09-26-2019 0 0	0	0
How to add two rows to one? I have 2 rows with same field name, how do I add the count of 2 rows and display the result in one row. please find... by mmengu416 New Member in Splunk Search 09-26-2019 0 1	0	1
How to perform branching to different SPL commands based on the value of a field? Hello, Novice, but getting better. I am searching the Internet, Splunk Docs, and Splunk Answers for an answer. Meanwh... by genesiusj Builder in Splunk Search 09-26-2019 0 7	0	7
Behaviour with the fillnull & replace commands host=* sourcetype=* \|replace .zip WITH IN Object \| replace .csv WITH IN Object \| replace .null WITH IN Obj... by akarivaratharaj Communicator in Splunk Search 09-26-2019 0 1	0	1
Forcing eventgen to refresh normalised replacement files I am using eventgen to generate transaction type data, where I create an event in Splunk and then at some point in th... by bowesmana SplunkTrust in Splunk Search 09-26-2019 0 2	0	2
need to route data to nullqueue based on index Hi, I need to route the index data to null-queue based on the strings from the events. For example, all the events t... by purnavenkatesh Explorer in Splunk Search 09-25-2019 0 12	0	12
How to subtract values from same field in subsequent event and with the resulted values i want to make a chart Hi All, I am new to Splunk. please help me here on this requirement. i would like to check if there is any possibil... by harishbabu New Member in Splunk Search 09-25-2019 0 1	0	1
Index a CSV with different data types Hi all - bit of a weird one! I've run out of ideas. Help please! I'm trying to index some CSV files. However, the fi... by phil__tanner Path Finder in Splunk Search 09-25-2019 0 3	0	3
How to efficiently restrict time range for main search only Hi, I have a couple searches where the main search can be limited a fair amount, lets say the last 2 weeks, but I hav... by aatern Engager in Splunk Search 09-25-2019 0 3	0	3
How to exclude certain wildcard matches from the search I need to search for *exception in our logs (e.g. "NullPointerException") but want to exclude certain matches (e.g. "... by franjo Explorer in Splunk Search 09-25-2019 0 11	0	11
How to create average duration over time overlay in timechart I have a time chart that displays the average duration of calls for each day in the time range, the time range is set... by kmedara Engager in Splunk Search 09-25-2019 1 3	1	3
How to combine mv field values into string I have a string field that I split into a variable-length multi-value, removed the last value and need to combine it ... by c_o_serban Engager in Splunk Search 09-25-2019 0 1	0	1
Help with field extraction [Response:"AccessToken":"XXXXX", "AuthenticationLevel":"2","AuthProviderInfo":" [Response:"AccessToken":"XXXXX", "Au... by vikram1583 Explorer in Splunk Search 09-25-2019 0 2	0	2