Splunk Search

Community Activity

How to extract sourcetype and index with a regex from the monitor path directory structure? My end goal is to extract the sourcetype and index with a regex from the monitor path at runtime based on a lookup fr... by psyched4splunk Explorer in Splunk Search 06-29-2019 0 9	0	9
Searching for Multiple Commands In Succession Hello all, I am looking at endpoint data and I want to see if I can make a search query to look at certain commands ... by cxr5971 Path Finder in Splunk Search 06-29-2019 0 11	0	11
How to merge consecutive event values from a single field? This is the requirement. We are collecting a log file that has the following events (along with others)in the same fi... by sureshmurgan Path Finder in Splunk Search 06-28-2019 0 8	0	8
Calculating distances between points with GEOIP using latitude and longitude, can I use Trigonometric functions directly in a search in Splunk 6.1.5 I need tocalculate distances between points with GEOIP using latitude and longitude directly in a search with trigon... by gonzalovasquez Engager in Splunk Search 06-28-2019 0 4	0	4
Is it possible to use lookup to fill the "email subject" and "email address"? I've to send an email with only three fields (Time,path,server) in the email body and I want to use lookup to fill th... by mnj1809 Path Finder in Splunk Search 06-28-2019 0 2	0	2
How to replace index value based on new Input file during contiunious monitoring I have enable continuous monitoring based on the file available in the folder able to generate dashboard based on the... by prsubramanian New Member in Splunk Search 06-28-2019 0 0	0	0
Why is strptime and strftime command not working as expected? I have two "Survey Type" - 'a' and 'b' and I need to display their count based on the"Survey Complete" data. Note - T... by monyathomas New Member in Splunk Search 06-28-2019 0 1	0	1
Not able to search with some fields Hello All I am not sure, why i am not able to use search like host=* but if i search like index=* host=* then ... by vishaltaneja070 Motivator in Splunk Search 06-28-2019 0 12	0	12
How to control time span in tstats search? hi, I was looking to find more time precise dataset in the last 1 hour \|tstats summariesonly=true count from datamod... by koshyk Super Champion in Splunk Search 06-28-2019 0 2	0	2
Is it possible to set field values based on other field names? I have the following table: cp1_date cp1_status cp2_date cp2_status cp3_date cp3_status 20190601 ok ... by tgpers Engager in Splunk Search 06-28-2019 0 2	0	2
subsearch issue Hi all, I am in need of help. I need to generate an alert that runs after ever 30 minutes. and calculate the fo... by ajitshukla61116 Path Finder in Splunk Search 06-28-2019 0 0	0	0
Splunk 7.2.3: Alternative or solution to table command bug Hello All, Has anyone else run into this bug with the table command on Splunk 7.2.3? The table command works just... by _joe Contributor in Splunk Search 06-27-2019 0 9	0	9
Auto run search depending two inputs. What I am look here is when a user selects Day-to-day or Week-to-week the dropdown options should change accordingly ... by sandeepmakkena Contributor in Splunk Search 06-27-2019 0 1	0	1
Alias bug that merge "NEW" word into new field Hello, I have been watching a problem when I was using alias function through the SPLUNK Web. That problem was merged... by sonsee78 New Member in Splunk Search 06-27-2019 0 2	0	2
How to convert _time column to epoch time I need to convert the _time to epoch time. How is this done? Here is my time format and my cell is "_time". I have tr... by Becherer Explorer in Splunk Search 06-27-2019 1 8	1	8
How to exclude results that start with specific text in a specific field I am trying to find a list of issues in a ticketing system that include a specific keyword that also excludes a list ... by elloyd4 Explorer in Splunk Search 06-27-2019 0 2	0	2
Help using earliest, latest and finding the first occurrence of string I have 7 different fields that I need to get information from in different ways. They're all under the same index, so... by xploresplunk New Member in Splunk Search 06-27-2019 0 15	0	15
Tracking multiple transactions What might a query look like if your data is structured like: .....several events from one or more log files ........ by dowdag Engager in Splunk Search 06-27-2019 0 7	0	7
How to compare and save the values between some columns Hi all, I have below input: Now I want to do below comparision: (Row1 = started AND row2=started ) OR (row3="star... by ruchijain New Member in Splunk Search 06-27-2019 0 5	0	5
Is it possible to modify size of x-axis values? Hi, I would like to modify the size of the values in the x-axis , I am using Line-chart . Is it possible? by is91 New Member in Splunk Search 06-27-2019 0 0	0	0
Review this method for exchange message trace and regex We are ingesting Exchange message trace logs and the username is not being pulled correctly. Reviewing the default/pr... by jwalzerpitt Influencer in Splunk Search 06-27-2019 0 5	0	5
How to combine Values Within Stats Command I have written a search that breaks down the four values in the majorCustomer field and counts the number of servers ... by whunterj Explorer in Splunk Search 06-27-2019 0 3	0	3
How to format a graph to use a different color for each weekday I am using the timechart command to create a graph with one bar for each day in the month, and I would like each day ... by jbrenner Path Finder in Splunk Search 06-27-2019 0 3	0	3
is there a cleaner way to zeropad numeric values, ie add leading zeros? I have a macro that implements a conversion algorithm. At one point in that algorithm I have to add leading zeros t... by sideview SplunkTrust in Splunk Search 06-27-2019 1 14	1	14
Dependent Dropdown eroor Hello all, I have 2 dropdown one is parent dropdown and other is the dependent child dropdown. dropdown1 has valu... by ajitshukla61116 Path Finder in Splunk Search 06-27-2019 0 1	0	1