Splunk Search

Community Activity

Timechart not populating the result I have a checkbox named host in which user enters the hostname manually, and then as per the name entered it should d... by mayank101 New Member in Splunk Search 07-23-2019 0 2	0	2
Is the result of "strptime" in seconds? Hi I would like to know if the results of "strptime" are in seconds? index=main sourcetype=access_combined host=vs... by rosho Communicator in Splunk Search 07-23-2019 0 2	0	2
Timechart not coming up instead a table is coming up for it Timechart not coming up instead a table is coming up for it.Can anyone tell me what's wrong with the query.I want a ... by mayank101 New Member in Splunk Search 07-23-2019 0 2	0	2
Help creating JOIN search I'm trying to compare Field X from Index A with Field Y from Index B. Though the field names are different, they sto... by NAVEEN_CTS Path Finder in Splunk Search 07-23-2019 0 8	0	8
How to get the time difference after converting unix time using strftime? I'm currently trying to get the duration of some events, but when i use this search nothing is coming back: \| tstats... by payton_tayvion Path Finder in Splunk Search 07-23-2019 0 2	0	2
How to create a regex for extracting few characters of a field? My VLAN value looks like below: \|inputlookup vrf_usage.csv \| search VRF="*" \| search VLAN=Vlan819(RVP_CDN) Could ... by surekhasplunk Communicator in Splunk Search 07-23-2019 0 6	0	6
Difference between today's and yesterday's data. I am trying to find the difference between today and yesterday's data. The data consists of every employee's Id numbe... by 3666142 Path Finder in Splunk Search 07-23-2019 0 2	0	2
How to create a total volume label on each pie on a trellis dashboard panel I'm trying to display allowed vs blocked traffic for several different accounts. I think a trellis chart with a pie r... by adamjones Engager in Splunk Search 07-23-2019 0 2	0	2
How do I reverse/swap characters in a string value returned from a search? Hi, If my search returns a string value of "ABCDEF" 1) How do I modify the search to reverse this value so it outpu... by ajay_mk Explorer in Splunk Search 07-23-2019 1 13	1	13
What is the difference in total and Total? index="YOURINDEX" \|stats count by domain, id.orig_h \| sort -count \|stats list(domain) as Domain, list(count) as count... by emilynicole73 Engager in Splunk Search 07-23-2019 0 3	0	3
How to optimize search to compare calculated value with the previous value from some time ago Hello. I have this search: index="flow" earliest=-15m latest=now \| append [search index="flow" earliest=-15m lates... by borgetko New Member in Splunk Search 07-23-2019 0 3	0	3
Join turns off predicate pushdown optimization Hi, I have problem with optimizer. It doesn't make pushdown optimization when I'm using join. I have event dataset wi... by aasfga New Member in Splunk Search 07-23-2019 0 0	0	0
Ingestion Method as Field? Hi. I've noticed there are some hidden fields in every event ingested into Splunk, like _indextime. Is there some sor... by morethanyell Builder in Splunk Search 07-22-2019 0 2	0	2
Extract last 3 characters from field Hello, I am trying to extract the last 3 characters from an extracted field. The field is in the format of 122RN0057... by ahogbin Communicator in Splunk Search 07-22-2019 0 3	0	3
Best way to extract the regex for the below xml format Extraction should be like : For the measTypes Count=120 AcceptCount=10 and so on.. <measInfo> <gra... by payal23 Path Finder in Splunk Search 07-22-2019 0 8	0	8
How to monitor 150+ instances of the same service in perfmon So my systems can spawn upto and above 150+ instances of the same application. I'm using the generic perfmon Process ... by mmqt Path Finder in Splunk Search 07-22-2019 0 1	0	1
Field extraction: Is there a limit on the number of values a JSON multivalued field can hold in Splunk 6.2.1? Hi All, I am ingesting a json log file. The data contains a JSON array with multiple fields. Sample format { "pay... by somesoni2 Revered Legend in Splunk Search 07-22-2019 3 6	3	6
Multiple Charts next to each other I have a Dashboard with two stacked bar charts in a view I created by going to Manager » User interface » Views. <f... by asarolkar Builder in Splunk Search 07-22-2019 0 3	0	3
Help with search to draw a timechart for dynamic input I have a checkbox in which user has to enter the hostname manually by himself. So on the basis of the hostname entere... by mayank101 New Member in Splunk Search 07-22-2019 0 2	0	2
Dropdown input token needs to match rex field in search Hello, I have searched Answers and will continue to search after I post this. I'm not sure I am entering the correct ... by genesiusj Builder in Splunk Search 07-22-2019 0 6	0	6
Create and Reuse Variable in Multiple Places Hi guys. I want to create a variable, lets say my_var_thresdold = 1000 After that, I want to use that var in two pla... by jslealdi Explorer in Splunk Search 07-22-2019 0 3	0	3
Splunk comparison search Hello, I have difficulties with creating a comparison chart for the next data structure: search Count ... by astatrial Contributor in Splunk Search 07-22-2019 0 7	0	7
Help with time chart search that accumulates total count over 6 months I have a search that accumulates the total count for host over a 6 period of months. Now when I am trying to draw a ... by mayank101 New Member in Splunk Search 07-22-2019 0 0	0	0
7.2.6: How to send a report even when no results are found? Hi, I have an audit report I need to run daily. I need an email daily even if the report shows no results. The ema... by Glasses Builder in Splunk Search 07-22-2019 0 6	0	6
Get the hex number of a color (in a chart) associated with a specific value? I'd like to add an icon to a value in a table whose color matches the color associated with that value in a chart. I ... by brinley Path Finder in Splunk Search 07-22-2019 0 5	0	5