Splunk Search

Community Activity

How to write custom Text for a Search result? For my Dashboard I ping a Source and want to see to Text-States: UP or DOWN. My search statement looks similar like ... by tobi2k Explorer in Splunk Search 07-21-2019 0 4	0	4
field value is being extracted as fieldname in regex I am trying to extract xml fields using regex but I am encourtering this issue for this specific tags, It is working ... by michaelrosello Path Finder in Splunk Search 07-21-2019 0 1	0	1
How to sort search results by numbers The rounding of search results has already been discussed numerously. But unfortunately, it doesn't work for me. I wa... by tobi2k Explorer in Splunk Search 07-21-2019 0 4	0	4
showing result quarterly I am new in splunk i want to calculate the quarter data based on all people and what are the highest planned and lowe... by chandanimishra New Member in Splunk Search 07-21-2019 0 1	0	1
Missing original value after using distinct query Hi, I am having the following issue that need your help. The scenario is: I am working on the report of firewall data... by michaelhoang New Member in Splunk Search 07-21-2019 0 1	0	1
Unique requests Need creating a search query for Splunk that results in a list of unique requests that have been completed. by d00m4ig Engager in Splunk Search 07-21-2019 0 3	0	3
How to get count of multiple strings with common index and source type? I'm trying to create a dashboard which will display pie-charts from different results. For this, I've multiple string... by habisht Explorer in Splunk Search 07-21-2019 0 2	0	2
Does the Trellis visualisation work with real time searches? I am attempting to make a trellis visualization off the sample data : * clientip=* \| iplocation clientip \| lookup ... by ewan000 Path Finder in Splunk Search 07-20-2019 0 3	0	3
Get average connections for the past few days, compare to current connections I have the following search, I'm trying to get it to show the src, dst, current amount of connections, and then an av... by aking76 Path Finder in Splunk Search 07-20-2019 0 2	0	2
Splunk not able to recognize the JSON file source type and index it I am trying to monitor a folder containing JSON files in it. But, I observed that files are not getting indexed. Whe... by vikrantkumar199 New Member in Splunk Search 07-19-2019 0 1	0	1
search peers sick Hi im having this issue : The times on the system clocks for the machines running this search head and the intended ... by jadengoho Builder in Splunk Search 07-19-2019 0 3	0	3
timechart with WHERE clause not behaving as expected I have a fairly straightforward query using timechart to count the top 10 users triggering an event. ( Sanitized ) ... by fclsplunk New Member in Splunk Search 07-19-2019 0 8	0	8
start a search certain number of hours/days/weeks from time picker set value Good day everyone, I am dealing with a challenge and really hope i can get an answer here. I am running a Join search... by mpasha Path Finder in Splunk Search 07-19-2019 0 7	0	7
Unable to extract common values by joining indexes? index=abc sourcetype=xyz \| eval is_passed=if(label=="PASS", 1, 0) \| eval is_failed=if(label=="FAIL", 1, 0) \| stats... by amaurya1 Explorer in Splunk Search 07-19-2019 0 3	0	3
About usage of {} in eval I recently saw the manual of eval, and I found the following description. To specify a field name with multiple word... by yutaka1005 Builder in Splunk Search 07-19-2019 2 4	2	4
Getting the wrong fields extracted from my props and transforms conf files So i'm trying to extract and ip address from a multi-value field and my transforms stanza is something along these li... by Sparky1 Explorer in Splunk Search 07-19-2019 0 5	0	5
how to find third largest salary from a salary field Please help me in Finding the 3rd or nth largest value from a field... SALARY 10000 30000 20000 80000 60000 93000 5... by Tamilraj28 Engager in Splunk Search 07-19-2019 0 3	0	3
Getting data from seperate searches where fields are not the same name I have two searches, one that gives me a table: index="netapp_snapmirror_reports" source="/var/tmp/netapp_snapmirror... by jfraley Path Finder in Splunk Search 07-19-2019 0 4	0	4
Can a field value of any column but used as a fieldname in eval? I have a field as field1, and field2 which is an indexed event: Field1 1.A 2.B and another table I have as match1 ... by msaranya Observer in Splunk Search 07-19-2019 0 5	0	5
Using a column of field names to dynamically select fields for use in eval expression Hi. Suppose my search generates the first 4 columns from the following table: field1 field2 field3 lookup resul... by dvanderlaan New Member in Splunk Search 07-19-2019 0 6	0	6
Search Question: Event Sampling Does anyone know of a good way to pull one event of a specific eventcode/type when searching for multiple eventcodes?... by adalbor Builder in Splunk Search 07-19-2019 0 3	0	3
extract no. hi all I have events in json format need to extract number from this sip:+1234566@12.23.34.45 example: i need +1234... by splunkuseradmin Path Finder in Splunk Search 07-19-2019 0 4	0	4
How to add counts and sum from different fields Hi, New to Splunk and still trying to get to grips with it. I am trying to present a single table with the following... by amal1234 Engager in Splunk Search 07-19-2019 0 2	0	2
How to Find Standard Deviation of a Daily Volume? I'm trying to find the standard deviation of the daily volume of traffic per host. index=index sourcetype=sourcetype ... by TylerJVitale Explorer in Splunk Search 07-19-2019 0 0	0	0
Increase max time for a script alert I am running a script from a alert which takes around 30 mins to complete . But instead my script is getting fired wi... by Mansi24 Path Finder in Splunk Search 07-19-2019 0 3	0	3