Splunk Search

Community Activity

	How to search result in data and put it in a table I need to create a table from the results in the query below. where the utilization is greater than or equal to .7. ... by codedtech Path Finder in Splunk Search 08-29-2019 0 5	0	5
	EVAL Total Duration in Minutes Across 2 Indexes ive created a table with monitoring in for our daily checks However I still need to do an eval to get the Total Dura... by lavster Path Finder in Splunk Search 08-29-2019 0 5	0	5
	Why isn't the rename command not renaming fields? I'm currently creating a list that lists top 10 technologies and I'm trying to rename "Red" as "Red Hat" using the re... by payton_tayvion Path Finder in Splunk Search 08-29-2019 0 4	0	4
	Build a parent child relation Hi All, Below is my situation: parentkey childkey b c 0 a a b b d b ... by bharathkumarnec Contributor in Splunk Search 08-29-2019 0 4	0	4
	How to condense names and change to number? This is a very basic question. I have a set of data that gives me a list of groups and the names of each user in each... by darrenaefc Engager in Splunk Search 08-29-2019 0 4	0	4
	How to count errors for only a certain application? Hi, my query returns exceptions thrown by every application. How do I filter this query to display only certain appli... by lsy9891 Engager in Splunk Search 08-29-2019 0 3	0	3
	How to generate the regex to extract distinct values of this field? Hi, I have events with the field WindowsIdentity. Some examples of this field values are: WindowsIdentity: IIS APPP... by lsy9891 Engager in Splunk Search 08-29-2019 0 7	0	7
	zero'ing counter problem (and associated graph spike explosion) Hi Splunk gurus. I have a query problem thats been challenging me for a while. When my polling breaks, or when co... by keiran_harris Path Finder in Splunk Search 08-29-2019 0 2	0	2
	Multivalue input choice box length css Hello there! I am looking for a way to adjust multivalue choice box length to keep them on one line. I have already... by D2SI Communicator in Splunk Search 08-29-2019 0 2	0	2
	Get numbers Hi, I need to get numbers between event. 1) event: Heap: 12.8G(15.0G), and 12.8 all the time is changing, and I nee... by pudanelilita Explorer in Splunk Search 08-29-2019 0 6	0	6
	curl / python api fails on regex - scripted input When i run this in curl curl index=text\|rex field=_raw "ApplicationRegistry-(?.*)" max_match=0 \|table source,sourcety... by 9738078959 Engager in Splunk Search 08-29-2019 0 2	0	2
	Custom Role - Unable to search any indexes I have setup splunk enterprise 7.2.1. Custom roles are created under $SPLUNK_HOME/etc/system/local/ authorize.conf ... by potluri_88 Explorer in Splunk Search 08-29-2019 0 3	0	3
	One field and multiple custom values and get percentages Hi, I need hep to create table, which shows multiple custom values / field count / % example, how it need to look: by pudanelilita Explorer in Splunk Search 08-29-2019 0 2	0	2
	How to troubleshoot error "Search process did not exit cleanly, exit_code=-1, description="exited with code -1"."? I'm getting the following error. How do I troubleshoot? Search process did not exit cleanly, exit_code=-1, descript... by mrtolu6 Path Finder in Splunk Search 08-29-2019 0 6	0	6
	Save results of saved search back into an index. Can we save results of a saved search/ search back into splunk. Something similar to a view in SQL database. Splunk q... by johnsasikumar Path Finder in Splunk Search 08-28-2019 0 1	0	1
	Is the Enterprise Security 'ECSU - Remote Desktop Network Bruteforce - Rule' correlation search incorrect? Hi Splunkers, I was wading through some of the Enterprise Security correlation searches and I noticed that the Remot... by grashupfer Engager in Splunk Search 08-28-2019 0 0	0	0
	How to filter out inline result Hello, After my query my result is: <ns2:OriginCountry>RUS</ns2:OriginCountry><ns2:MessageValues><ns2:MessageValu... by alivesince92 Engager in Splunk Search 08-28-2019 0 11	0	11
	Array possibility in Splunk Hello, I am new to Splunk and wanted to create a dashboard. I have 8 ORs coming through log but the problem is if an... by vishal9023 New Member in Splunk Search 08-28-2019 0 7	0	7
	Why does fieldformat not work if field is renamed? I have reviewed https://answers.splunk.com/answers/63730/using-fieldformat-and-rename.html?utm_source=typeahead&utm_m... by seomaniv Explorer in Splunk Search 08-28-2019 0 3	0	3
	Index vs Sourcetype - What's faster I am curious, does including an index help the search any when writing a search? This comes about as me and a frien... by chandlercr New Member in Splunk Search 08-28-2019 0 2	0	2
	How to extract trailing numbers from a string with rex I'm trying to extract a string (alphabets and underscore) from a given string which can contain any number of numeric... by hmbisht Explorer in Splunk Search 08-28-2019 0 3	0	3
	How to get all sets of response time from user to agent in the entire log In the above log User(Saj) to Agent(Rohi) Response for all the conversations in the log should be captured: In the ab... by rajaguru2790 Explorer in Splunk Search 08-28-2019 0 0	0	0
	Need to return second line's agent response time as a separate field using Regex by finding the agent using system message "online for chatting" in the first line Rohi is the agent and Saj is the user. Using system message we can find the . Then we need to matc h the next line of... by rajaguru2790 Explorer in Splunk Search 08-28-2019 0 14	0	14
	percentage i have a field called application_name it is indexing to Splunk for every 5 min. so if i run top command for getting ... by srinivasmanikan Engager in Splunk Search 08-28-2019 0 11	0	11
	How to find certain field values and change the value into another field If the vulnerability column has a certain value then a new column called ‘Software_Affected’ has a corresponding valu... by ajdyer2000 Path Finder in Splunk Search 08-28-2019 0 3	0	3