Splunk Search

Community Activity

	Confusing behaviour of fieldalias I've have downloaded from Splunkbase and applied the Linux secure TA on my Splunk instance, and I've been facing with... by szabados Communicator in Splunk Search 08-01-2019 0 2	0	2
	How to add device pair requirement to SPL? We have this search which works fine: \| inputlookup critical_cyber_devices.csv \| join SplunkHost type=outer [\|... by danielbb Motivator in Splunk Search 08-01-2019 0 4	0	4
	Table field with duplicating from lookup. In my search below I am looking to make a table. I am running into an issue where my results go into a table. \| ... by aohls Contributor in Splunk Search 08-01-2019 0 3	0	3
	Script error in Splunk cause/solution? All, I am getting this error in a clean install of Splunk on my search head. Curious why this script reaches out to... by daniel333 Builder in Splunk Search 08-01-2019 0 1	0	1
	Generic Solution to Same Column Value Difference What would be the best generic solution to https://answers.splunk.com/answers/760677/same-column-value-difference.h... by reverse Contributor in Splunk Search 08-01-2019 0 6	0	6
	mvcombine count all elements of the field I have a list of 5 elements: After i use mvcombine i return only 1 result, but i have effectively 5 elements. The... by splunk6161 Path Finder in Splunk Search 08-01-2019 0 9	0	9
	Drilldown using chart clicks but also need all values Hi, Something eiher I forgot or not getting right. I have a chart. See attached. When I click on the EVENTYPE value ... by mbasharat Builder in Splunk Search 08-01-2019 0 10	0	10
	Two Queries That Return Results Do not Return Results After Join I have written two individual queries that both return the expected results. A. tag=tag name location="location nam... by ryanmcdermott12 Explorer in Splunk Search 08-01-2019 0 4	0	4
	How to edit my search to exclude duplicate events using one field and display a chart based on other fields? I have a search that works, but I've recently discovered that my events are recorded in two separate log files, somet... by jdhux New Member in Splunk Search 08-01-2019 0 4	0	4
	What does the ES tstats macro mean? The tstats macro is defined, within the SA-Utils app as - tstats prestats=true local=`tstats_local` `summariesonly` ... by danielbb Motivator in Splunk Search 08-01-2019 0 1	0	1
	How to pass search name to savedsearch Hello, I have the following search, which works fine and returns the proper result "RCA_MEMORY": \|makeresults \| ev... by damucka Builder in Splunk Search 08-01-2019 0 0	0	0
	i want to create the field of error : create the field "DM Call errors #" , then count this number. I tried to use case, but I dont have the field as tit... by Joycetran New Member in Splunk Search 08-01-2019 0 1	0	1
	Replace random string in a field Hi team, I've 1 field named - 'URI' coming in micro service log dump. Example Values of URI field is like below - ... by pjtbasu Explorer in Splunk Search 08-01-2019 0 1	0	1
	How to create a list of all indexes with source, host, and sourcetype with last seen field? Hello all, I'm currently working on figuring how to create a list of as mentioned in the title with the last seen fie... by mpham07 Path Finder in Splunk Search 08-01-2019 0 2	0	2
	mvexpand not working for IP6 field I have the Cisco ISE app loaded and there is a field, Framed_IPv6_Address that may contain up to six IPv6 addresses. ... by jwalzerpitt Influencer in Splunk Search 08-01-2019 0 6	0	6
	Column chart Hi all, I am having issues with creating column chart visualization. I have for example table that looks like this... by astatrial Contributor in Splunk Search 08-01-2019 0 6	0	6
	operation:"copying source to destination", error:"Access is denied." I was getting numerous errors given below on one of the SHC members, ERROR CsvDataProvider - The lookup table 'XX... by damode Motivator in Splunk Search 08-01-2019 0 1	0	1
	View all Splunk instance in a single Splunk? We have 6 splunk deployment server and need to login to every server to see the dashboards in respective servers. Is ... by Vinesh93 Explorer in Splunk Search 08-01-2019 0 1	0	1
	How do I get cumulative moving average? Hi guys, I am trying to compute and chart the cumulative moving average (ref. of what is it:https://en.wikipedia.org... by brdennehy Explorer in Splunk Search 08-01-2019 0 4	0	4
	Box Plot Viz HI, I tried to install the Box Plot Viz downloaded from here --> https://splunkbase.splunk.com/app/3157/#/details H... by ericchaucl Path Finder in Splunk Search 07-31-2019 0 3	0	3
	Matching / Compaire 2 Fields Hello, i would like to find out if both systems deliver the same output. The output of both systems is written to th... by mklhs Path Finder in Splunk Search 07-31-2019 0 1	0	1
	help on a complex lookup data matching in order to calculate a new field Hi I use the search below in order to catch a field called "flag_patch_version" from a csv file called "patchlevel.c... by jip31 Motivator in Splunk Search 07-31-2019 0 10	0	10
	How to update 'Website URL' and 'Organization name' in Splunk Answers user profile I don't see an option to add/update 'Website URL' and 'Organization name' in Splunk Answers user profile. Any guidanc... by jawaharas Motivator in Splunk Search 07-31-2019 0 2	0	2
	Why are we getting error "Timed out waiting for peer XXX", but the search status=success? To monitor if my nightly searches ran properly I'm looking at: index=_internal sourcetype=scheduler earliest=@d \| <f... by secfrit Explorer in Splunk Search 07-31-2019 0 4	0	4
	Trying to dur2sec a HH field that is more than 24H I'm trying to dur2sec a hour field that is more than 24H and therefore doesn't work. Anyone have any suggestions on ... by wweiland Contributor in Splunk Search 07-31-2019 0 4	0	4