Splunk Search

Community Activity

subsearch issue Hi all, I am in need of help. I need to generate an alert that runs after ever 30 minutes. and calculate the fo... by ajitshukla61116 Path Finder in Splunk Search 06-28-2019 0 0	0	0
Splunk 7.2.3: Alternative or solution to table command bug Hello All, Has anyone else run into this bug with the table command on Splunk 7.2.3? The table command works just... by _joe Contributor in Splunk Search 06-27-2019 0 9	0	9
Auto run search depending two inputs. What I am look here is when a user selects Day-to-day or Week-to-week the dropdown options should change accordingly ... by sandeepmakkena Contributor in Splunk Search 06-27-2019 0 1	0	1
Alias bug that merge "NEW" word into new field Hello, I have been watching a problem when I was using alias function through the SPLUNK Web. That problem was merged... by sonsee78 New Member in Splunk Search 06-27-2019 0 2	0	2
How to convert _time column to epoch time I need to convert the _time to epoch time. How is this done? Here is my time format and my cell is "_time". I have tr... by Becherer Explorer in Splunk Search 06-27-2019 1 8	1	8
How to exclude results that start with specific text in a specific field I am trying to find a list of issues in a ticketing system that include a specific keyword that also excludes a list ... by elloyd4 Explorer in Splunk Search 06-27-2019 0 2	0	2
Help using earliest, latest and finding the first occurrence of string I have 7 different fields that I need to get information from in different ways. They're all under the same index, so... by xploresplunk New Member in Splunk Search 06-27-2019 0 15	0	15
Tracking multiple transactions What might a query look like if your data is structured like: .....several events from one or more log files ........ by dowdag Engager in Splunk Search 06-27-2019 0 7	0	7
How to compare and save the values between some columns Hi all, I have below input: Now I want to do below comparision: (Row1 = started AND row2=started ) OR (row3="star... by ruchijain New Member in Splunk Search 06-27-2019 0 5	0	5
Is it possible to modify size of x-axis values? Hi, I would like to modify the size of the values in the x-axis , I am using Line-chart . Is it possible? by is91 New Member in Splunk Search 06-27-2019 0 0	0	0
Review this method for exchange message trace and regex We are ingesting Exchange message trace logs and the username is not being pulled correctly. Reviewing the default/pr... by jwalzerpitt Influencer in Splunk Search 06-27-2019 0 5	0	5
How to combine Values Within Stats Command I have written a search that breaks down the four values in the majorCustomer field and counts the number of servers ... by whunterj Explorer in Splunk Search 06-27-2019 0 3	0	3
How to format a graph to use a different color for each weekday I am using the timechart command to create a graph with one bar for each day in the month, and I would like each day ... by jbrenner Path Finder in Splunk Search 06-27-2019 0 3	0	3
is there a cleaner way to zeropad numeric values, ie add leading zeros? I have a macro that implements a conversion algorithm. At one point in that algorithm I have to add leading zeros t... by sideview SplunkTrust in Splunk Search 06-27-2019 1 14	1	14
Dependent Dropdown eroor Hello all, I have 2 dropdown one is parent dropdown and other is the dependent child dropdown. dropdown1 has valu... by ajitshukla61116 Path Finder in Splunk Search 06-27-2019 0 1	0	1
Transaction shows incomplete statistics Hi All, I am trying to group the events using transaction command but looks like some of the data is not visible in t... by sunnyb147 Path Finder in Splunk Search 06-27-2019 0 7	0	7
How to compare same period with timewrap I want to compare statistics of events between 2 weeks, day per day. I count events for every day in real time but w... by faribole Path Finder in Splunk Search 06-27-2019 0 0	0	0
Search lookup rename and use values not in CSV file Wondering can this be done - I'm trying to use IPs (there's 50 of them) from a CSV file for a dashboard to Name ones ... by cdohertypp New Member in Splunk Search 06-27-2019 0 5	0	5
Dots/gaps in timechart when using sum(packets) by destination When I use "(base search) \| timechart sum(packets) by destination useother=f usenull=f", I get gaps in my timechart:... by splunklearner12 Path Finder in Splunk Search 06-27-2019 0 2	0	2
What is browserconfig.xml in Splujnk and why user trying to access? Hi, In our access log of Splunk we found user access to the file browserconfig.xml which is not on the splunk server... by tfechner Path Finder in Splunk Search 06-27-2019 0 1	0	1
How do I match an IP address to a range that spans multiple CIDRs? I am trying to match IP addresses in the block of addresses - 10.120.1.0 through 10.120.13.255. This range spans se... by scottrunyon Contributor in Splunk Search 06-27-2019 1 3	1	3
Mapping data from small sourcetype to another larger sourcetype Hello! I'm having this issue of merging data from one sourcetype to another larger sourcetype. Example: index=ecs_in... by tleduc New Member in Splunk Search 06-26-2019 0 2	0	2
Can I get a count of distinct values in multivalue field? What I'm looking for is a hybrid of the stats list() and values() functions. First, I'd like the list of unique valu... by hulahoop Splunk Employee in Splunk Search 06-26-2019 3 7	3	7
How to create a search that can Event count by Vendor/Product by Day for past 30days? Hey All, I am trying to create an efficient search that I can schedule and run once a month to create some metrics. ... by adalbor Builder in Splunk Search 06-26-2019 0 16	0	16
[INGEST_EVAL] Regex replace stops after 1000 chars Hi, I'm trying to convert a hex string to readable ascii text at index time, inspired by this solution: https://answ... by tobias_stegmann Observer in Splunk Search 06-26-2019 0 3	0	3