Splunk Search

Community Activity

How to replace any multi values found in search result with true and if the value is null replace with No Hi there! I am updating my question: Below is the scenario where I wanted to see what are the servers got patched sin... by vinaykataaig Explorer in Splunk Search 08-07-2019 0 7	0	7
How to extract a string from an event? Hello, I am very new to Splunk and I would like some help in doing this. I need to extract from this field: Event... by owie6466 Explorer in Splunk Search 08-07-2019 0 3	0	3
How to extract and print out the Splunk tokens in python I have a python script that attempts to get a token from Splunk search result and then build my REST post to TrueSigh... by nimercu New Member in Splunk Search 08-07-2019 0 0	0	0
Search for "search concurrent %" and "skipped search ratio %" I want to create the dashboard for Splunk Health, one of the KPI is "search concurrent %" and " skipped search ratio ... by Joycetran New Member in Splunk Search 08-07-2019 0 3	0	3
Active Directory - Finding if an account is enabled Hello, I am monitoring Active Directory with Splunk and have two questions: 1.) How do I format time in a search? ... by kholleran Communicator in Splunk Search 08-07-2019 0 3	0	3
How to do you change ownership of a lookup file? We have several lookup files for users who have left, and we would like to transfer the ownership to a new production... by sheamus69 Communicator in Splunk Search 08-07-2019 0 2	0	2
Table or graph view for range of results I have logs in my application, that looks like: 8/7/19 1:30:35.977 AM [8/7/19 1:30:35:977 MST] 00000232 MyClass ... by Nidd Path Finder in Splunk Search 08-07-2019 0 3	0	3
last 7 days on an input lookup I have the below query where i want all closed dates counted by the last 7 days but the below is not working \| input... by Sfry1981 Communicator in Splunk Search 08-07-2019 0 3	0	3
Can I ignore some words form a field? Hi team! I have a problem. I want to ignore some words from a field. This what I have: "Aplicación restringida det... by christianubeda Path Finder in Splunk Search 08-07-2019 0 3	0	3
Counting based on range I have an application log like: 8/7/19 1:30:35.977 AM [8/7/19 1:30:35:977 MST] 00000232 MyClass I Method Process... by Nidd Path Finder in Splunk Search 08-07-2019 0 4	0	4
Count different field values by value I have results of a field Severity High Medium Low How do i count the amount of Highs, Mediums and Lows in one field... by lavster Path Finder in Splunk Search 08-07-2019 0 1	0	1
Send command with SH Hi everyone, I would need a .sh script that allows me to read only the second line of a file and then send it to mac... by broccolino New Member in Splunk Search 08-07-2019 0 0	0	0
Most common events/issues/words Hello guys, I'm new in SPLUNK. Just wanted to ask for an advice :). Currently, I have 11,000 ticket data and I'm tr... by chinkeeparco Explorer in Splunk Search 08-07-2019 0 5	0	5
Splunk Daemonset for kubernetes not indexing data due to read only filesystem I have configured splunk daemonset for k8s cluster. Agent logs are flowing. However the application logs are not gett... by vidhijain333 Loves-to-Learn in Splunk Search 08-06-2019 0 0	0	0
Challenges Joining tables and returning values from both indexes Hello, Based on some suggested changes by @jawaharas I was able to successfully lookup the value of user from the Va... by lbrhyne Path Finder in Splunk Search 08-06-2019 0 10	0	10
how to get the first event time and last event time for field value Hi Splunkers, My events will look like below. 2019-08-06 10:14:00 TYPE="PLB_1", STATUS="true", CAR="A", PLACE="ABC... by SathyaNarayanan Path Finder in Splunk Search 08-06-2019 0 4	0	4
How to sum values from specific rows to then display in pie graph Hey guys, I'm trying to add the values that correspond to specific rows in a search, to then display on a dashboard ... by hamishcross Engager in Splunk Search 08-06-2019 0 3	0	3
Comparing/Merging/Grouping timestamp with timespan Hey there! I have logs from two different sources in one search. One source provides a time range, while the other p... by Bastelhoff Path Finder in Splunk Search 08-06-2019 0 2	0	2
Help with splunk query, searchmatch finding false positives Hey All, Very new to using splunk and love the power of dashboards. I'm executing the following index=my_app ("C4C... by hamishcross Engager in Splunk Search 08-06-2019 0 4	0	4
Does splunk support forwarding data from an IBM IFS (Integrated file system)? Hello, There is an Add-on or connector in splunk to forward data from IFS (Integrated File System) IBM ? Thank yo... by Kawtar Path Finder in Splunk Search 08-06-2019 0 3	0	3
How to trigger rs.slaveOk() from Splunk MongoDB (Hunk) app to query data from secondary instance We have a requirement of querying MongoDB collections from secondary instance using Splunk MongoDB app (Hunk). The vi... by sandeepkumar23 Explorer in Splunk Search 08-06-2019 0 0	0	0
Help with an API one shot search time discrepancy I see significant search time discrepancy when I run a one-shot search via the python SDK as opposed to when I run th... by tonymorin Explorer in Splunk Search 08-06-2019 0 0	0	0
Ignore or Remove characters from search results I have a need to ignore specific characters in my search results. I'm assuming this can be done with REGEX or somethi... by hagjos43 Contributor in Splunk Search 08-06-2019 1 8	1	8
both stats and timechart gives different values Hi all I was wondering if i can get some help in this. as I have some fields in stats and i want span=1w of that. w... by splunkuseradmin Path Finder in Splunk Search 08-06-2019 0 2	0	2
How to allow user to enter a value that doesn't exist in a dropdown I have a dropdown that reads from a lookup but would like to allow the user to enter in a value that doesn't exist in... by w564432 Explorer in Splunk Search 08-06-2019 0 3	0	3