Splunk Search

Community Activity

How do I export extracted fields for use in another app? I am creating two apps that use the same data (weird,I know, but I am testing something in my environment). I've buil... by adamfrisbee Explorer in Splunk Search 06-23-2019 0 1	0	1
How to create a search that lists all fields? (and data validation question) Hi, I am looking to create a search that allows me to get a list of all fields in addition to below: \| tstats count ... by mbasharat Builder in Splunk Search 06-22-2019 0 4	0	4
How to create a search for Server Uptime for Windows & Linux in Splunk? I need a Splunk search for finding server uptime for Windows and Linux index= linux sourcetype=cpu by PRASADNALLIBOEN New Member in Splunk Search 06-22-2019 0 2	0	2
How to correlate events from three sources based on time condition I have one index which have events from 3 different sources (A, B & C). The value of CELL, CALLERNO & CALLEDNO are th... by spnewashik New Member in Splunk Search 06-22-2019 0 4	0	4
How to create a search based on multi-value fields I am new to Splunk, currently working on a Shift roster. There are 3 teams and 3 members in each team(totally 9 membe... by poorni_p Explorer in Splunk Search 06-22-2019 0 2	0	2
How to configure source_type to regex value? I'm using a Universal Forwarder and want Splunk to return source_type as what's defined for source within the monitor... by psyched4splunk Explorer in Splunk Search 06-22-2019 0 5	0	5
API: How to specify returning dates with a UTC or GMT offset rather than a CDT time zone? How can I specify Splunk to return dates with a UTC or GMT offset rather than a time zone abbreviation? Right now I g... by artrune Path Finder in Splunk Search 06-21-2019 0 3	0	3
How to multiply column values? The way I do this in excel is by using the formula "=PRODUCT(C2C3C4*C5)" How can I do that in Splunk? Ideally, I ... by rslama Path Finder in Splunk Search 06-21-2019 0 3	0	3
Is there a way to add an extra row based on a pre-defined list of stores if the stores don't exist in the search results? I've searched around and I've been having a hard time finding an answer to this probably due to how I'm phrasing the ... by wesbrowntech Engager in Splunk Search 06-21-2019 0 2	0	2
How to calculate HTTP throughput in GB and average HTTP throughput in KBits/Sec? How do you calculate HTTP Throughput in GB and Average HTTP Throughput in KBits/Sec? by kp5116 New Member in Splunk Search 06-21-2019 0 5	0	5
Search average for time-taken field Hi, I have a log file that has a field called "TimeTaken". The values of this field are in the format: 00:01:27.763 ... by salles Loves-to-Learn Lots in Splunk Search 06-21-2019 0 3	0	3
How to create new field from a mv comma separated ip value field? My IP field will come in as the following: 1.1.1.1,2.2.2.2 I need to extract the first IP and store it in another ... by clozach Path Finder in Splunk Search 06-21-2019 0 3	0	3
Timechart - span=30m show data in 15th and 45th min I am trying to create a timechart base search ... \| timechart span=30m latest(COUNT) as COUNT by NAME it i... by askkawalkar Path Finder in Splunk Search 06-21-2019 1 5	1	5
How to create a table row with all values? Hi I have the following table: IP \| Event \| Bad 10.10.10.1 \| fail \| 10.10.10.... by vbotnari1 Engager in Splunk Search 06-21-2019 0 4	0	4
Available public dataset with hotel/hostel reservations I would like to play with some database containing hotel reservations - who (guest's name, country, gender etc) reser... by dariusz_fedejko Engager in Splunk Search 06-21-2019 0 0	0	0
SplunkJS: How to check if the search is currently running with Javascript? Hi, I have an issue in my project code, something runs a function that starts multiple searches- multiple times. I w... by seva98 Path Finder in Splunk Search 06-21-2019 0 3	0	3
How to disable Splunk app using deployment server? Hi all, I have deployed an app using a deployment server in Splunk. Suppose I got a new update for that app and I n... by tbavarva Path Finder in Splunk Search 06-21-2019 0 5	0	5
Error in 'eval' command: The expression is malformed. An unexpected character is reached at '0)'. Hi guys, Pulled this search off gosplunk's website and tried to run it in my test environment, and received the error... by dharveynswccd Path Finder in Splunk Search 06-21-2019 0 3	0	3
How do I sort this stats count? This is my search below. It shows Country and count. How do I sort the count field for largest to smallest? index="c... by bayman Path Finder in Splunk Search 06-21-2019 1 5	1	5
Is it possible to define tags using regex? I would like to define a tag in splunk using a regex. Example: host=st1231, host=1232, host=1233 --> the name of the... by tgdvopab Path Finder in Splunk Search 06-21-2019 0 10	0	10
How to set up radio button or checkbox to alter text search? I'd like to use a radio button or checkbox to alter a search i.e. toggle between either Index=$index$ host=$host$ s... by raborder New Member in Splunk Search 06-20-2019 0 2	0	2
How to get the latest entry from a lookup table? I'm creating a chart which includes the use of a lookup table file, but I only want it to pull up the latest entry fo... by mcram52 New Member in Splunk Search 06-20-2019 0 1	0	1
blacklist file form inputs.conf Here is my input.conf. [monitor:///tcom/servers/.../logs/*] blacklist = this_log.log-12345678 sourcetype = app ind... by smudge797 Path Finder in Splunk Search 06-20-2019 0 8	0	8
How to find the values of a field? I am trying to find the total count of nodes in a pool, the total count of bad nodes in the pool AND, that part I am ... by mtrochym Observer in Splunk Search 06-20-2019 0 3	0	3
How to lookup values that have spacing between words Hi, I am trying to make the lookup work where the values have space in it, for example, when the value is "I am confu... by anilpinnamaneni New Member in Splunk Search 06-20-2019 0 1	0	1