Splunk Search

Community Activity

How to do you change ownership of a lookup file? We have several lookup files for users who have left, and we would like to transfer the ownership to a new production... by sheamus69 Communicator in Splunk Search 08-07-2019 0 2	0	2
Table or graph view for range of results I have logs in my application, that looks like: 8/7/19 1:30:35.977 AM [8/7/19 1:30:35:977 MST] 00000232 MyClass ... by Nidd Path Finder in Splunk Search 08-07-2019 0 3	0	3
last 7 days on an input lookup I have the below query where i want all closed dates counted by the last 7 days but the below is not working \| input... by Sfry1981 Communicator in Splunk Search 08-07-2019 0 3	0	3
Can I ignore some words form a field? Hi team! I have a problem. I want to ignore some words from a field. This what I have: "Aplicación restringida det... by christianubeda Path Finder in Splunk Search 08-07-2019 0 3	0	3
Counting based on range I have an application log like: 8/7/19 1:30:35.977 AM [8/7/19 1:30:35:977 MST] 00000232 MyClass I Method Process... by Nidd Path Finder in Splunk Search 08-07-2019 0 4	0	4
Count different field values by value I have results of a field Severity High Medium Low How do i count the amount of Highs, Mediums and Lows in one field... by lavster Path Finder in Splunk Search 08-07-2019 0 1	0	1
Send command with SH Hi everyone, I would need a .sh script that allows me to read only the second line of a file and then send it to mac... by broccolino New Member in Splunk Search 08-07-2019 0 0	0	0
Most common events/issues/words Hello guys, I'm new in SPLUNK. Just wanted to ask for an advice :). Currently, I have 11,000 ticket data and I'm tr... by chinkeeparco Explorer in Splunk Search 08-07-2019 0 5	0	5
Splunk Daemonset for kubernetes not indexing data due to read only filesystem I have configured splunk daemonset for k8s cluster. Agent logs are flowing. However the application logs are not gett... by vidhijain333 Loves-to-Learn in Splunk Search 08-06-2019 0 0	0	0
Challenges Joining tables and returning values from both indexes Hello, Based on some suggested changes by @jawaharas I was able to successfully lookup the value of user from the Va... by lbrhyne Path Finder in Splunk Search 08-06-2019 0 10	0	10
how to get the first event time and last event time for field value Hi Splunkers, My events will look like below. 2019-08-06 10:14:00 TYPE="PLB_1", STATUS="true", CAR="A", PLACE="ABC... by SathyaNarayanan Path Finder in Splunk Search 08-06-2019 0 4	0	4
How to sum values from specific rows to then display in pie graph Hey guys, I'm trying to add the values that correspond to specific rows in a search, to then display on a dashboard ... by hamishcross Engager in Splunk Search 08-06-2019 0 3	0	3
Comparing/Merging/Grouping timestamp with timespan Hey there! I have logs from two different sources in one search. One source provides a time range, while the other p... by Bastelhoff Path Finder in Splunk Search 08-06-2019 0 2	0	2
Help with splunk query, searchmatch finding false positives Hey All, Very new to using splunk and love the power of dashboards. I'm executing the following index=my_app ("C4C... by hamishcross Engager in Splunk Search 08-06-2019 0 4	0	4
Does splunk support forwarding data from an IBM IFS (Integrated file system)? Hello, There is an Add-on or connector in splunk to forward data from IFS (Integrated File System) IBM ? Thank yo... by Kawtar Path Finder in Splunk Search 08-06-2019 0 3	0	3
How to trigger rs.slaveOk() from Splunk MongoDB (Hunk) app to query data from secondary instance We have a requirement of querying MongoDB collections from secondary instance using Splunk MongoDB app (Hunk). The vi... by sandeepkumar23 Explorer in Splunk Search 08-06-2019 0 0	0	0
Help with an API one shot search time discrepancy I see significant search time discrepancy when I run a one-shot search via the python SDK as opposed to when I run th... by tonymorin Explorer in Splunk Search 08-06-2019 0 0	0	0
Ignore or Remove characters from search results I have a need to ignore specific characters in my search results. I'm assuming this can be done with REGEX or somethi... by hagjos43 Contributor in Splunk Search 08-06-2019 1 8	1	8
both stats and timechart gives different values Hi all I was wondering if i can get some help in this. as I have some fields in stats and i want span=1w of that. w... by splunkuseradmin Path Finder in Splunk Search 08-06-2019 0 2	0	2
How to allow user to enter a value that doesn't exist in a dropdown I have a dropdown that reads from a lookup but would like to allow the user to enter in a value that doesn't exist in... by w564432 Explorer in Splunk Search 08-06-2019 0 3	0	3
Line graph: Count per hour with a trendline that plots the average count every 24 hours. I have a line graph that displays the number of transactions per hour. I want a trendline to go with it, but I want i... by 3666142 Path Finder in Splunk Search 08-06-2019 0 8	0	8
To compare today's Index size with yesterday's I use the below query to find the index size, how can I modify the query to get the comparision between todays's inde... by VijaySrrie Builder in Splunk Search 08-06-2019 0 10	0	10
Splunk display 0 when no results found from last x minutes Hi Team, Need help in creating a query. I want to display 0 when no data/events found. But I am getting "No results ... by sahil237888 Path Finder in Splunk Search 08-06-2019 0 3	0	3
Why is one interesting field not always displayed, and what change do we need to make to have this field always appear by default? I am not always getting one interesting field, even though I have selected all fields from the fields bar on the left... by sivapuvvada Path Finder in Splunk Search 08-06-2019 0 4	0	4
INTERESTING FIELDS missing in Search&Reporting app (default app) HI Friends, In Search&Reporting app (default app) when I search anything, I see only 3 INTERESTING FIELDS coming up... by pkumar9610 Explorer in Splunk Search 08-06-2019 0 1	0	1