Splunk Search

Community Activity

	Search Factory: Why am I getting unknown search command 'tag' only in Javascript while it works in classic Search? My search starts with this: tag=kpi earliest=1521504000 latest=1521849600 \| table _time enterprise_id facility_id sh... by seva98 Path Finder in Splunk Search 09-18-2019 0 3	0	3
	Field Alais created were not working We have created several Field aliases based on different source and source types in our splunk query. Most of the F... by Gowtham0809 New Member in Splunk Search 09-18-2019 0 3	0	3
	Receiving "OR OR" error message Hello, My colleague and I noticed an issue in the following SPL. If there is data, the SPL works. If there isn't any ... by genesiusj Builder in Splunk Search 09-18-2019 0 10	0	10
	How to convert base search query that uses stats into a timechart? Hi, I want to display this query in my dashboard in two different charts. So this is my base search query: search ba... by lsy9891 Engager in Splunk Search 09-18-2019 0 3	0	3
	How to count one field multiple times with different condition? Since I am new to Splunk is there is demo query for calculating this will be helpful,Basically, i want to count one f... by rj12 Loves-to-Learn Lots in Splunk Search 09-18-2019 0 1	0	1
	How to fix this datamodel error ? "Error decompressing zstd block: Corrupted block detected" This error appears when I search with datamodel but this... by arahf Loves-to-Learn in Splunk Search 09-18-2019 0 1	0	1
	How to use time picker to display the data in this query with appendcols? Hi, I have this query: host="NETAPPA" sourcetype="WinEventLog:Application" AND AppDomainName= "EcomSubscription."A... by lsy9891 Engager in Splunk Search 09-18-2019 0 4	0	4
	Json parsing - event breaks Below is my event : [ [-] { [-] created_at: 2019-08-28T13:48:48.722Z credibility_sco... by Nadhiyaa Path Finder in Splunk Search 09-18-2019 0 7	0	7
	When searching a CSV import via a lookup, what should I do to work around the line limit? Hi team! I import a CSV file via lookup and use this search. index=cesa_paloalto sourcetype="pan:traffic" type=TRAF... by christianubeda Path Finder in Splunk Search 09-17-2019 0 4	0	4
	how do you comment in splunk? how do you comment in splunk? I have tried the below from the below ref, but cannot get it to work, (apologies I can... by HattrickNZ Motivator in Splunk Search 09-17-2019 0 1	0	1
	Query For Earliest Logon and Latest Log Offs Hello! I need to build a Splunk query that displays the earliest log on and and latest log off times for a user in th... by johann2017 Explorer in Splunk Search 09-17-2019 0 7	0	7
	Redirect to dashboard using wildcard I have a dashboard in my app located at myApp/local/data/ui/html/ticket_guru.html This file is returned when I hit: m... by delewis13 Explorer in Splunk Search 09-17-2019 0 1	0	1
	Can't make join to compare the presence of a field value Hello, i'm trying to make a dashboard for a client, the dashboard consists basically in a table, which should show a ... by 3DGjos Communicator in Splunk Search 09-17-2019 0 2	0	2
	How to build a dashboard to show critical devices without any overlap? Hi Giuseppe, Thanks for your quick reply. See below my search: \| inputlookup perimeter.csv \| eval SplunkHost=lower(... by louispaul76 Engager in Splunk Search 09-17-2019 0 3	0	3
	How to sum 2 rows in a table? Hi, In the logs i am analyzing, one of the field's value has changed (change is from '-' to '_'). For example if it... by niddhi Explorer in Splunk Search 09-17-2019 0 2	0	2
	tstat count over nested fields using spath and groupby doesnt return result I have a data set as follows, under index market-list { Resource: { Fruit: mango Type: sweet } ... by sidsinhad Engager in Splunk Search 09-17-2019 0 2	0	2
	How to exclude results based on previous results Hi Splunkers, I'm pretty new to Splunk and trying to exclude events based on previous results. Here is an example of ... by dudiventura New Member in Splunk Search 09-17-2019 0 3	0	3
	How to set the threshold value for each value in the Field? I have results in the table, As shown the below: Name Time Settingname value ... by vvemula Path Finder in Splunk Search 09-17-2019 0 2	0	2
	How to compare inputlookup/lookup to search results and return the results from only the search? I am searching for a user list that I have in a inputlookup/lookup CSV. I need to compare results from a search to th... by CSULeigh Explorer in Splunk Search 09-17-2019 0 5	0	5
	using a $variable$ in the output of a mapped search I am running a search that gets a list of accounts, multiple records that can have multiple accounts in each event. ... by a238574 Path Finder in Splunk Search 09-17-2019 0 2	0	2
	How to run a Shell Script run from a search command? Hi, I am trying to run a shell script from a search command. So I have created a shell script under $SPLUNK_HOME/etc... by SirHill17 Communicator in Splunk Search 09-17-2019 0 6	0	6
	regex to replace numeric value as astreik i want search search level field extraction command to replace all numeric value as astriek Name = Dell vostro 20... by DataOrg Builder in Splunk Search 09-17-2019 0 1	0	1
	How to calculate Splunk session for a user ? Hi Experts, I want to create a report for last 24 hours which provides the information like how many hours users was... by vikas_gopal Builder in Splunk Search 09-17-2019 0 4	0	4
	Is there any way to use fillnull conditionally I have a requirement, where i need to switch the fillnull value between Excluded and N/A. So is there any way that ... by Maniteja81 New Member in Splunk Search 09-17-2019 0 2	0	2
	Retrieve Pevious Work and Queries Hi Splunkers. I'm new on this tool so I'm going to ask you a question. I've worked on a little project and also saved... by WhistlingFawn Engager in Splunk Search 09-17-2019 0 1	0	1