Splunk Search

Community Activity

	Regex in props.conf doesn't work Our application logs events to the Windows application events with custom SourceNames. Need help to extract the fiel... by nmohammed Builder in Splunk Search 07-03-2019 0 2	0	2
	Timechart a dataset of weekly averages I have a dataset with some data points from a report I made; week end date(MM/DD/YYYY), host, user action, and averag... by aohls Contributor in Splunk Search 07-03-2019 0 4	0	4
	How to calculate Max, Min, Avg for duration of a transaction? I'm calculating the time difference between two events by using Transaction and Duration. Below is the query that I u... by amunag439 Explorer in Splunk Search 07-03-2019 0 2	0	2
	Extracting values for table I have events in my logs that look like { linesPerSec: 1694.67 message: Status: rowCou... by reinharn Explorer in Splunk Search 07-03-2019 0 8	0	8
	How to extract nested JSON and display JsonObject in a table? My sample event looks like below: { "thread": "http-nio-8085-exec-1", "level": "INFO", "loggerName": "IN... by Dhanapathi New Member in Splunk Search 07-03-2019 0 8	0	8
	lookup csv file good morning , i have some issues on splunk now if some one can help me ; the is a discription of my csv : \|Hostname... by kacel New Member in Splunk Search 07-03-2019 0 7	0	7
	Timechart with different bar color My splunk query is index=abc "Server started successfully" OR "Get Operation" OR "POST operation" OR "Error occurr... by pankajad Explorer in Splunk Search 07-03-2019 0 1	0	1
	Custom time ranges in Splunk mobile app Is there a way how to select saved custom time range in Splunk mobile app? I can see there only few standard Presets,... by rapmancz Explorer in Splunk Search 07-03-2019 0 0	0	0
	Removing leading and trailing symbols from a string for numeric conversion I have a field Threshold which has a value "+-5%", ">20%", "<30%" etc, which i want to convert into a number. Could ... by bonddodla New Member in Splunk Search 07-03-2019 0 2	0	2
	Search is waiting for input message caused by ldapsearch? I have created a dashboard which shows print jobs by Print Server/Printer/Time. I would like to include the actual na... by wnyricsplunk Explorer in Splunk Search 07-03-2019 0 5	0	5
	Work Flow Action \| Show Source \| Does not display data after upgrade to 7.2.5 After upgrading to 7.2.5 from 6.2.2 the workflow action show source is not populating data when you click on the butt... by gjohnson2 New Member in Splunk Search 07-03-2019 0 0	0	0
	pie chart color with condition \|inputlookup vrf_usage.csv \| search VRF="PCOM"\| search VLAN="Vlan802" \| table VLAN device capacity free used VLAN ... by surekhasplunk Communicator in Splunk Search 07-03-2019 0 1	0	1
	WARN : Eventtype 'xxxxxxxx' does not exist or is disabled. Errors coming from indexers hi all, I have had a number of scheduled searches that failed, all returning the same errors. WARN : Eventtype 'xxx... by pbrinkman Path Finder in Splunk Search 07-03-2019 0 1	0	1
	Is it possible to fix table header when we have to display more no.of rows and also how to add vertical scroll bar in a table I have a requirement of fixing the table header while scrolling down for n no.of rows. Also, Can I add a vertical scr... by nagar57 Communicator in Splunk Search 07-03-2019 0 4	0	4
	Query indicating IP detected as one signature as B class band index=* signature="SQL*" .... In this way, I want to see the list of source IPs detected as signatures with the str... by tkdguq0110 Path Finder in Splunk Search 07-03-2019 0 1	0	1
	missing sourcetype - splunk_resource_usage index=_introspection - splunk v.7.3.0 Hello Yesterday I installed splunk 7.3.0 and I start running some searches and then I wanted to see statistics of my ... by net1993 Path Finder in Splunk Search 07-02-2019 0 0	0	0
	Set Table Row/field from another Row/Field Example: \| ID \| NAME \| CASE_ID \| \| 1 \| ABC \| C101 \| \| 2 \| XYZ \| null \| \| 3 \| DFG \| C50... by wrussell12 Explorer in Splunk Search 07-02-2019 0 3	0	3
	How to show Top 20 location on map? my task is to show top 20 location on Map by incidenttype.here incident type have 5 type. I have tried this query b... by ajitshukla61116 Path Finder in Splunk Search 07-02-2019 0 0	0	0
	What is null values? in a simple way can anyone explain what is null values returned from the search? As simple as possible by mkhedr Explorer in Splunk Search 07-02-2019 0 2	0	2
	how to find geographic spread of viewers and hello all i have data in default index "main" and has sourcetype "app" and it has fields like content name, program ... by tariqazeem123 New Member in Splunk Search 07-02-2019 0 0	0	0
	Is there any way to prevent additional sourcetypes from being added to the normalized search? I'm running a search and I've noticed that there are a ton of additional sourcetypes (like f5_bigip:, pan:, WMI:*) be... by khevans Path Finder in Splunk Search 07-02-2019 0 0	0	0
	Help with Transaction I'm trying to to list out running sessions for a service. I am using timechart to list when its active and then simpl... by pbarbuto Path Finder in Splunk Search 07-02-2019 0 4	0	4
	Why can't I use multisearch here? I'm trying to use Multisearch to combine the results of two commands. My search is: \| multisearch [ search inde... by khevans Path Finder in Splunk Search 07-02-2019 0 2	0	2
	Inspite of using Appendpipe , the new row is not getting displayed index="xyz" \| stats avg("Service Provided") AS "Average of Service Provided " BY "Survey Month" \| eval "Average of S... by monyathomas New Member in Splunk Search 07-02-2019 0 2	0	2
	How to ignore ip_address from events that exist in a lookup table Splunk Newbie here.... I'm looking to create a search looking for internal hosts reaching out to external DNS server... by wtaylor149 Explorer in Splunk Search 07-02-2019 0 13	0	13