Splunk Search

Community Activity

How to highlight table cell based on few conditions? Hello i have a table with multiple fields but i want to highlight only few of them based on some conditions: the rele... by sarit_s Communicator in Splunk Search 08-23-2019 0 18	0	18
How to trend data over backlog data with input lookup I have the below query which updates from an input lookup but what I want is trend data that shows what the total amo... by Sfry1981 Communicator in Splunk Search 08-23-2019 1 13	1	13
Extend table visualization with new properties to initialize table header with default sort order? With apologies, I'll admit to being lazy asking this question. @niketnilay has already provided an answer to my simil... by Graham_Hanningt Builder in Splunk Search 08-22-2019 1 0	1	0
Ingesting files with a .bak extension Hi Splunkers. We have an application which roles over logs and renames them to have a .bak extension. I've been hav... by torowa Path Finder in Splunk Search 08-22-2019 0 0	0	0
How to use eval to group dates? I have 4 columns of data: Country City Date Price I want to make a table where the Price column is is sum... by viandyg Engager in Splunk Search 08-22-2019 0 1	0	1
crcsalt query I have some CSV files indexed via splunk. I have noticed that files are getting indexed daily even though there is no... by Gowtham0809 New Member in Splunk Search 08-22-2019 0 6	0	6
Guru Needed: I need to find a way to compare files and then create triggers when files are changed/modified etc. Sorry in advance this is such a long post so I'll try describing this in a sentence or two in case this is so easy yo... by mariog2000 Explorer in Splunk Search 08-22-2019 1 13	1	13
work with the versions of the csv Hi Is it possible to work with the versions of the csv files every time it is modified in the Lookup Editor app with... by zayra Loves-to-Learn in Splunk Search 08-22-2019 0 0	0	0
'How do I use regex in Splunk to pull out numbers and decimals and not letters;? For instance: the results have 01.2.3 and ABC5. How do I only pull out 01.2.3? by ESPrioleau New Member in Splunk Search 08-22-2019 0 3	0	3
How to create a column chart with line chart I need to make a chat similar to the following picture base on the data below. The column chart should show 2 column... by jenniferhao Explorer in Splunk Search 08-22-2019 0 4	0	4
How to convert row values into fields with count? Hi. How do I get from the first table to look like the second table? I have tried chart, transpose, different combin... by cindywee New Member in Splunk Search 08-22-2019 0 2	0	2
Where can we rename the src field? We have the following working query - (index=wineventlog sourcetype=WinEventLog NOT ("xxxx" OR "yyyy") src_ip IN (... by danielbb Motivator in Splunk Search 08-22-2019 1 3	1	3
To include 80+ applications in SPL Hello Everyone, I have got the list of 80+ applications this I want to include in my SPL. Is there a way I can use C... by rajatsinghbagga Explorer in Splunk Search 08-22-2019 0 1	0	1
How to get today's and last 7 day's average in single query I have a query index=errors earliest=@d latest=now \|stats count(ErrorCode) as ErrorCountForToday by host I would ... by spoolunk Engager in Splunk Search 08-22-2019 0 9	0	9
single table containing count for today, avg count for last 7 day and deviation of today vs last 7 day avg ------ by ID and Trading Partner Single Table containing - stats count by DID TN - for today avg count for last 7 day by DID and TN deviation of toda... by sayanidasgupta Explorer in Splunk Search 08-22-2019 0 0	0	0
How to create a regex for unmapped queries? I have Splunk logs like: class,method,user,transactionType,,428856645467856301,1073258159,50213,5,2019-08-21 23:17:5... by Nidd Path Finder in Splunk Search 08-22-2019 0 3	0	3
How do I use transaction to extract my required information? I'm very new to Splunk and need to get some details about a transaction which spans multiple events. Am trying to get... by jwindley_splunk Splunk Employee in Splunk Search 08-21-2019 0 7	0	7
Different values in column between two rows Hi , I am having data like Col1 Col2(created from values()) row 1 X ... by vb1612 New Member in Splunk Search 08-21-2019 0 4	0	4
Need to extract field while search only (dont want to use field extraction) using REX Hi, I have diff log formats in a single sourcetype. Thus can't define field extraction - is there way to use REX in ... by rashi83 Path Finder in Splunk Search 08-21-2019 0 1	0	1
How to customize bar chart colors based on the values? Hi Splunkers. I've been trying for a while to customize a bar chart I have. Here are the data I have: range ... by guimilare Communicator in Splunk Search 08-21-2019 2 5	2	5
Lookup based on if statement I am looking to enhance a search with a lookup (if it returns an IP) to replace the value returned in the TID field i... by donemery Explorer in Splunk Search 08-21-2019 0 2	0	2
How to format the SPL as code? Hi, I am working on a dashboard. i am creating a table to monitor the count, average response time and maximum respo... by venkat0896 Path Finder in Splunk Search 08-21-2019 0 8	0	8
How don't we nullify the data? A developer here wrote the following - \|eval admin_activity=if((like(cmd_data, "%audit%") AND like(cmd_data, "%star... by danielbb Motivator in Splunk Search 08-21-2019 0 2	0	2
Can we Ignore timechart column if all rows having 0 values ? Hi, How can we Ignore timechart column if all rows having 0 values. basically I am using trellis to display and w... by AKG1_old1 Builder in Splunk Search 08-21-2019 0 4	0	4
How to use a lookup to compare multiple fields I am trying to run a search from amazon. index=amazon-aws sourcetype="aws:description" source="*:ec2_instances" W... by dsmith1988 Engager in Splunk Search 08-21-2019 0 2	0	2