Splunk Search

Community Activity

Splunk has not returned event in the result two weeks ago but now returns it. How is that possible? Hello I have a saved search that is running every month at 1st day. The search is not new and has been working a long... by net1993 Path Finder in Splunk Search 08-14-2019 0 0	0	0
Handle different search results as one by analysing the percentage match Hi Community, i have a search which shows me all PHP-Errors in the configured timespan. Now i want so sort this resu... by mmsbswe Engager in Splunk Search 08-14-2019 0 2	0	2
Automatic key-value field extraction does not handle special characters ? Hello, Here is the raw text of my event. {"country_code":"FR","currency":"EUR","reseller":"Franc\u00e9 Loisirs"} ... by juleserror Engager in Splunk Search 08-14-2019 0 1	0	1
How to assign value for any field as "0" when no events are there for the field? I have a below query. But the below is not giving results after the July 11 date because there are no events for the ... by abhi04 Communicator in Splunk Search 08-14-2019 0 5	0	5
help with eval if needed I have the following search: \|makeresults \| eval trigger=0\|eval decision=if(trigger==1, [ \| makeresults \|rename co... by damucka Builder in Splunk Search 08-14-2019 0 6	0	6
Help with custom search command (wait) needed Hello, I need to apply 60 sec delay between two SPL commands, which start and collect the DB trace per dbxquery. In... by damucka Builder in Splunk Search 08-13-2019 0 7	0	7
How to identify data communications to iCloud - first ever post - new splunk user Hi everyone, I am fairly new to splunk. I am trying to work out the syntax in order to identify if a staff member ha... by Arpanet31 Engager in Splunk Search 08-13-2019 0 1	0	1
How to format a table I have a search that will produce a pretty basic table like this: index=myindex \| chart count by host, partition ho... by ShagVT Path Finder in Splunk Search 08-13-2019 0 3	0	3
how to get extract field in a numeric format? I'm trying to extract value from a field in the raw text using a regular expression. I want the field values to be e... by gwtm_hak Engager in Splunk Search 08-13-2019 0 1	0	1
Joining two searches based on a common field Hello Everyone, I have two search queries which are working as expected but when I trying to join both these queries... by rajatsinghbagga Explorer in Splunk Search 08-13-2019 0 12	0	12
How can I have the query when the field have the % (same pictures) I have the field count number and %, How can I set the query to run? by Joycetran New Member in Splunk Search 08-13-2019 0 2	0	2
How to count pass of fail rate from all if conditions I have the following , I want to know how to calculate rate on rule1, rule 2, rule3.... pass and fail rates(only for... by jenniferhao Explorer in Splunk Search 08-13-2019 0 2	0	2
Where function not calculating fields as expected I have a basic search to identify systems that have not checked into a service for X amount of time. There is nothin... by cshadduck Explorer in Splunk Search 08-13-2019 0 6	0	6
Does multisearch suffer from subsearch limits? by marcusnilssonmr Path Finder in Splunk Search 08-13-2019 2 2	2	2
extracting events based on certain conditions HI all, I am stuck in a scenario which has multiple conditions and i am unable to resolve it. Kindly Help!!! I have... by bhavneeshvohra Engager in Splunk Search 08-13-2019 0 3	0	3
How to multiply? Hi, Can someone please help me with this query? I am trying to multiply the fields Batch_Size and count and return ... by rlaul Engager in Splunk Search 08-13-2019 0 2	0	2
cant figure this out I have this query below .. I need to report on the last successful backup 'over' 24 hours.. which this does... howeve... by kjonesdba_lm Explorer in Splunk Search 08-13-2019 0 11	0	11
automated query results from run to run I'm creating a query that runs every day at 03:00 I need to use the field "INSERT_DATE" as my time entry. Its current... by codedtech Path Finder in Splunk Search 08-13-2019 0 2	0	2
transpose but with one column being a group by column Hi, So at the current state of my search results in following format: key fieldname fieldvalue k1 name1 ... by harshpatel Contributor in Splunk Search 08-13-2019 0 1	0	1
How to get the data from previous week in a lookup Hi. I have a lookup with a timestamp field, myTime, how can I put all the data from the previous week based on the ... by lucas4394 Path Finder in Splunk Search 08-13-2019 0 2	0	2
Error Tcpinputproc - Error encountered for connection Hi, could anyone explain this error to me? 11-11-2011 22:22:22.976 +0000 INFO StreamedSearch - Streamed search con... by keithsim Engager in Splunk Search 08-13-2019 0 0	0	0
How to change color of an apps navigation bar? Hi fellow splunkers, I use splunk 6.4 and tried to change the color of an apps navigation bar. The way I read abou... by horsefez Motivator in Splunk Search 08-13-2019 2 5	2	5
Lookup field values not in search(index) I need to display the values which are present in mylookup and NOT in my index Search I tried : \| inputlookup myloo... by vickram New Member in Splunk Search 08-12-2019 0 1	0	1
geostat is taking only one value from the lookup table I'm trying to show the count of the number of hosts in an area using a cluster map. I have added a lookup CSV file wi... by gwtm_hak Engager in Splunk Search 08-12-2019 0 2	0	2
Monthly Graph not showing proper value on X axis I am creating monthly chart using splunk timechart query as shown below: index="sample_audit_log" \| timechart span=1... by hanibans New Member in Splunk Search 08-12-2019 0 4	0	4