Splunk Search

Community Activity

How to filter events for hosts with wildcard in a search querry. Hello all, I am new to Splunk, so please excuse any gaps in my knowledge :). I am trying to create customized alerts... by kiroalbatrosa New Member in Splunk Search 09-10-2019 0 5	0	5
field extraction I have a filed that has value something like this: ww.abcd.hongkong ww.abcd.cn ww.abcd.asiaenglish.ph ww.abc.us I w... by sandeepmakkena Contributor in Splunk Search 09-09-2019 0 1	0	1
Sum of a multivalue field inside a row Sum of a multivalue field inside a row Hi below is how my processed data look like And the expected output is to... by varunCarbyne Explorer in Splunk Search 09-09-2019 0 6	0	6
Avg of past data vs current product data. I have product family pens, we release a new pen named blue. I want to compare avg sales of pens in past 24hrs with s... by sandeepmakkena Contributor in Splunk Search 09-09-2019 0 0	0	0
Lookup table of key=value limits with a random assignment of key=value fields indicating consumption with different field names I have a lookup table that has information such as resources_available_queue_a=1000 resources_available_queue_b=23 r... by mjones414 Contributor in Splunk Search 09-09-2019 1 8	1	8
Fix table header and add vertical scrollbar using CSS and JavaScript Hi All, I want to display 100 rows results in table per page with vertical scrollbar and fix the header when we move... by 493669 Super Champion in Splunk Search 09-09-2019 0 30	0	30
Display the top 5 line chart field values I'm having some trouble with getting the top 5 line values on a line chart. My current search is below index=db sou... by mcg_connor Path Finder in Splunk Search 09-09-2019 0 2	0	2
Column width adjustable table Morning all, Im sure this may have been answered in the past, but is there away to have a table in splunk that you c... by rossparfect Path Finder in Splunk Search 09-09-2019 0 1	0	1
How to create a sub-search that looks for events 10 mins earlier index=windows sourctype=bla EventCode=g host=abc user=cvb NOT [ search index=email \|table _time,host \|fields _time, ... by dyelchuriyelchu Engager in Splunk Search 09-09-2019 0 1	0	1
KV_Mode against Constant value host fields I have a new data source that extracts quite well using KV_mode = auto (or KV_Mode=json). The data itself is a simp... by MFiller90 Explorer in Splunk Search 09-09-2019 0 2	0	2
Field extraction I have field in my raw events src = https://www.abcd.com/shop/buy-laptop/dell-200 src= https://www.abcd.com/shop/bu... by sandeepmakkena Contributor in Splunk Search 09-09-2019 0 2	0	2
How to alert when a deviation has been detected in volume between two time periods? I currently use the following query to compare volume counts between current day and a week ago: sourcetype=abc inde... by bcaunt New Member in Splunk Search 09-09-2019 0 3	0	3
creating a scatterplot with time on the x-axis I'm looking to create a multi-series scatter plot where time is on the x-axis. An example would be something like ... by pbrunel_splunk Splunk Employee in Splunk Search 09-09-2019 5 3	5	3
What's the difference between an event and a log Can anyone explain me what's the difference between an event and a log. According to me, an event is set of logs ge... by aruncp333 Explorer in Splunk Search 09-09-2019 0 3	0	3
How to create new field combined from existing fields Hi I have such a table in which is described the proces of any TestMachine: A B ... by spisiakmi Contributor in Splunk Search 09-09-2019 0 3	0	3
How to combine two searches into one table using count twice I have two searches, one getting the current connections and the other getting an average. I'm trying to grab the fie... by aking76 Path Finder in Splunk Search 09-09-2019 0 6	0	6
How to get the row text from inputlookup in a variable for email alert HI! I am using a CSV file to catch some alerts, and that part works fine, I catch all my alerts. index="main" [inp... by mbreton Engager in Splunk Search 09-09-2019 0 0	0	0
Comparing appVersions over time Hi, I am trying to compare my latest app vs all the other app Version to evaluate adoption rate. I would like to disp... by khanyag1 New Member in Splunk Search 09-09-2019 0 9	0	9
Is it possible to use EVAL field in sendemail with DBXQUERY search? I am needing to pass a custom date to the sendemail subject line and I know it is possible using a standard Splunk se... by jnsd03 Explorer in Splunk Search 09-09-2019 0 0	0	0
handling error issues i ran a normal query, but it is auto cancelled after sometime ,so i am interested in why the query has failed.is ther... by farooq3679 Engager in Splunk Search 09-09-2019 0 4	0	4
How to optimize rex to avoid the error message: Error in 'rex' command: regex= has exceeded configured match_limit, consider raising the value in limits.conf Hi. Can you help me, please, to optimize the regular expression. The problem is, when I search in longer time, I rece... by spisiakmi Contributor in Splunk Search 09-09-2019 0 8	0	8
Per day and Per second results not matching up. I am running following queries to get event counts average per second and per day over a weeks period but the results... by angersleek Path Finder in Splunk Search 09-09-2019 0 3	0	3
Convert columns to rows I have a table like below A B C 1 2,3,4 Hello Need a query for wh... by jiaqya Builder in Splunk Search 09-09-2019 0 1	0	1
Multiple fields in one chart Hi, I struggling to create chart, which will be with multiple field values (max,avg and min pauses) + need to see mo... by pudanelilita Explorer in Splunk Search 09-09-2019 0 2	0	2
How do i find out if a field contains part of another field? Hello community. I'm struggling to find emails that have a word in the subject which also have the word in an attach... by sgrierson New Member in Splunk Search 09-08-2019 0 4	0	4