Splunk Search

Community Activity

Replace command -Ignore case How can we use case insensitive value in Replace command- \| replace "name" with "entity" in description will it rep... by shugup2923 Path Finder in Splunk Search 06-19-2019 0 1	0	1
How to extract filename from fields? I am trying to extract a filename Nsences_2016_10_10_12_50.csv from below field value. D:\Program Files\X620\ABC\TGF... by dhirendra761 Contributor in Splunk Search 06-19-2019 0 5	0	5
Why does the search works in Monitoring Console but not in other Apps? I'm trying to convert the Health Check queries into a dashboard, I already change neccesary permissions in some macro... by jorcabro Explorer in Splunk Search 06-19-2019 0 4	0	4
Question on include/exclude events In the logs I wanted to include events that has the string "uri=https://www.bikerace.com" and if it is not present I ... by Deepz2612 Explorer in Splunk Search 06-19-2019 0 1	0	1
Match timestamp when it is between timestamp from lookup Hi all, I want to merge the following sets based on their timestamp. index=bus sourcetype=bus \| table timestamp type... by basvanderbijl New Member in Splunk Search 06-19-2019 0 0	0	0
How to display dashboard when all searches done loading? I have a base query in my dashboard with multiple other queries that make use of the base query. In my base query, I... by denzelchung Path Finder in Splunk Search 06-19-2019 0 3	0	3
Finding the latest source file per day My script runs every 2 hrs per day .But i need the latest file per day for a timerange to do some calculation. by Nadhiyaa Path Finder in Splunk Search 06-18-2019 0 3	0	3
How do I divide data in a column based on their values? I have two fields in my data. Below is an example.The actual data contains 100 rows. Store Minutes 81145 33 81234 42... by nikita012 New Member in Splunk Search 06-18-2019 0 3	0	3
No of Businessdays between two dates Hi , The below give me the no of days between two dates but i want to calculate only no of business days between two ... by snehalatha Engager in Splunk Search 06-18-2019 2 4	2	4
No value coming from OUTPUT during a look up I am trying to match a field across two inputs if the field matches then I compare the dates and table them. When I c... by sowmya120 New Member in Splunk Search 06-18-2019 0 3	0	3
Automatically Viewing Visualization in Search I'm linking a click value token in a dashboard to a search. Is there a way to format the drilldown search string so ... by TylerJVitale Explorer in Splunk Search 06-18-2019 0 2	0	2
How to search based on the the time field from the event? Hi Team, I am having field called expirationdatetime in my event and its format is 2019-06-21T06:08:40.220082Z. My r... by bhuvanabala New Member in Splunk Search 06-18-2019 0 2	0	2
Search to show zero when no results I have the following search: earliest=@d+11h latest=@d+22h index="daluat" Action="DAL*" \| timechart span=30m count ... by matthewcanty Communicator in Splunk Search 06-18-2019 0 9	0	9
How to write a real-time search to alert if daily license usage reaches 70 GB or more? Hi Team I need your help to write the search on the licence usage. Suppose I have a 100 GB license. My daily licence... by sumit29 Path Finder in Splunk Search 06-18-2019 1 3	1	3
How to create a regex to extract fields between two hyphens? Hi,help me in writing regex to extract field between two hyhpens. Eg: S-STRA-32 F-FIDR-67 Thanks! by Deepz2612 Explorer in Splunk Search 06-18-2019 0 5	0	5
How to write a search where if a certain string is found in a log, set Status=1, otherwise Status=0? I need to find a string in a log and set/unset a field depending on this.Ex: field Status = 1 or 0.I should say if(a_... by svivekananda007 Engager in Splunk Search 06-18-2019 4 9	4	9
How to search for an event from last week based on time value field? Hi - I am searching for events based on time field Last_Login_Time (sample value: 2019-06-13T20:26:12.000Z) which hap... by vnguyen46 Contributor in Splunk Search 06-18-2019 0 3	0	3
Can we retrieve data using DBConnect for rows which got modified? Is it possible to retrieve data using DBConnect for rows which got modified? And not included via the rising column? by ddrillic Ultra Champion in Splunk Search 06-18-2019 0 1	0	1
How to parse specific value from a field value? Disclaimer : I'm new to Regex and using the Rex function I have a field "Message" that has the following string form... by wicke_s Explorer in Splunk Search 06-18-2019 0 12	0	12
compare fields for like match I am looking for methods to compare two fields for a like match. Specifically, I'd like to match when field1 can be ... by rg33 Explorer in Splunk Search 06-18-2019 1 7	1	7
How to calculate sum (distinct_count by column1) and display as a number in visualization? I have a stats calculated using : stats distinct_count(c1) by c2 Now I want to calculate the sum of these distinct_... by waghuldese1 New Member in Splunk Search 06-18-2019 0 1	0	1
Daily averages in usage over 7 days or similar... index=_internal source="license_usage.log" type=Usage idx IN (index1,index2,index3, index4,etcindex) \| eval yearmo... by antb Path Finder in Splunk Search 06-18-2019 0 2	0	2
timestamp lookahead Hello i have this event for example: $changeSystemTimeCmd 1533808153 -newTime 1533808153 -oldTime 1533808147 i ne... by sarit_s Communicator in Splunk Search 06-18-2019 0 5	0	5
How to extract values between two same characters using regex? How to extract the field values between two same characters. Event Axxtalled=xrxnx xx Client\;12.0.5294\;15.179... by rashid47010 Communicator in Splunk Search 06-18-2019 0 2	0	2
Help with concatenation needed Hello, I need to concatenate two variables including strings (e-mail lists) into one. the code I use for that is the... by damucka Builder in Splunk Search 06-18-2019 0 1	0	1