Splunk Search

Community Activity

	Generate value of a field corresponding to duplicate value of other field I have 3 columns in my data. Minutes Store_ID 10 81165 20 80234 30 81165 40 80234 50 82345 I wish to g... by nikita012 New Member in Splunk Search 06-17-2019 0 1	0	1
	help for displaying a message in case of any results I use the search below which works fine I just have an issue when there is no results In this case, I would like to d... by jip31 Motivator in Splunk Search 06-16-2019 0 5	0	5
	After Zoom in splunk map not showing the piechart ! Before zoom in, I get the correct result. After zooming in I don't get the proper result. If we further zoom in... by ajitshukla61116 Path Finder in Splunk Search 06-16-2019 0 4	0	4
	Why is Appending two search queries with different conditions giving me the same results? I have two survey types "a" and "b" and there are two details need to be displayed as 'a%' (For all kind of "Data") ... by monyathomas New Member in Splunk Search 06-16-2019 0 2	0	2
	How do i reference columns that have been displayed as a result of previous chart command I have done a chart command --> chart count over "Survey Month" by "Survey Type" and the result displays the two su... by monyathomas New Member in Splunk Search 06-16-2019 0 5	0	5
	Extract fields from JSON array We are moving log from AWS infrastructure to Splunk index via SQS service, but somehow JSON formatted logs breaking w... by rups260386 New Member in Splunk Search 06-16-2019 0 4	0	4
	Remove events from search that match comma-separated text input Running Splunk Enterprise 7.3 I am using a text input box to get a list of values from the user to exclude from my se... by noahdietrich Explorer in Splunk Search 06-16-2019 0 1	0	1
	Creating multiple fields by extracting values from single field Hi, I have a field name Family. This field contain names of husband and wife in below Figure 1 format: All values ... by mbasharat Builder in Splunk Search 06-16-2019 0 3	0	3
	How to create a subsearch with multiple results? Hi, I've a question about sub search, I'm probably misunderstanding docs and other posts. This is my search: index... by trucall New Member in Splunk Search 06-15-2019 0 7	0	7
	Percentage on field summary values Hello, I am trying to do percentage on fieldsummary values , following is the query and results for the query - inde... by msrama5 Explorer in Splunk Search 06-15-2019 0 1	0	1
	incremental part count per hour hi! in my current project, I have to create an area map where it shows the number of parts per hour, I was able to di... by mdmaala Communicator in Splunk Search 06-15-2019 0 1	0	1
	How to find earliest time a string appeared in a value? I have a field named "example", I want to find the first time that the first log that contained the word "hello". Ho... by mlaurabermudez New Member in Splunk Search 06-15-2019 0 2	0	2
	How to create a search for Splunk alerts for duplicate events? I am trying to create a splunk alert for duplicate data and would like some help in creating the splunk search. The d... by wicke_s Explorer in Splunk Search 06-14-2019 0 2	0	2
	Help with regex in transforms Hi, I'm hoping that someone can help me with a regex. Here's the source data: <OTHERFIELD>some values</OTHERFIEL... by a212830 Champion in Splunk Search 06-14-2019 0 11	0	11
	Trouble with rex exceeding match limit I'm trying to extract a field with the result of an API from a log, either containing "success" or "success.notfound"... by splunkyhokie New Member in Splunk Search 06-14-2019 0 2	0	2
	Distance between two Geocoordinates I'm trying to find the distance between two geo coordinates and am looking for help with the search syntax.Here's wha... by srs20 New Member in Splunk Search 06-14-2019 0 3	0	3
	Increasing Time Range hides Data Hey y'all, So I am seeing a very unique and strange behavior from Splunk. I noticed an issue where a Splunk search r... by amat Explorer in Splunk Search 06-14-2019 0 11	0	11
	How to get field names from log header and removing said header? I have a log glf log file that I need to get some info out of the heads to format the log data, but other than that, ... by cboillot Contributor in Splunk Search 06-14-2019 0 2	0	2
	How to use eval to do simple conversion? Wow, I can't believe this is kicking my butt -- think I need an idiot check... (yes, I know...  I'm trying to do a... by Michael Contributor in Splunk Search 06-14-2019 0 4	0	4
	How to find the duration between two EventCode for Windows Log. Hello Everyone, I want to calculate the downtime for a particular server based on the difference between two EventCo... by gouravdashtcs Loves-to-Learn in Splunk Search 06-14-2019 0 3	0	3
	Need to add Date/Time in report I have following record in my log - 2019-06-13 10:59:56,664 INFO [FileUploadWebScript] [http-apr-8983-exec-5] The U... by runiyal Path Finder in Splunk Search 06-14-2019 0 7	0	7
	Add standalone Indexer to Search Head cluster which already have a Indexer cluster Hi SPlunkers, I have a multisite search head cluster TWO SH's SH1 ( SITE1 ) and SH2 ( SITE2 ) AND I have multisite... by sairam1444 Engager in Splunk Search 06-14-2019 0 1	0	1
	How to create a chart for status value Hi, I'm new to Splunk and I've created a table with the following headers: Hardware-Name, Environment, Portfolio, Ve... by quadealexander Explorer in Splunk Search 06-14-2019 0 2	0	2
	How to make subsearch use same time range, same index, same sourcetype as outer search? So I specify an outer query, it usually starts like this: earliest=06/14/2019:13:00:00 latest=06/14/2019:14:00:00 in... by petenetwork Explorer in Splunk Search 06-13-2019 0 3	0	3
	Search query for syslog in dashboard Hey all, Am in a need of dashboard to see my syslog traffic for four arista switches as mentioned below: AA-UKD-AA-... by mkrishnamoorthy Explorer in Splunk Search 06-13-2019 0 3	0	3