Splunk Search

Community Activity

Splunk SDK - Search String with parameter having Spaces By using Splunk SDK, able to use the below search string and get the results from SPlunk String searchQuery_string = ... by duddukuri Explorer in Splunk Search 05-24-2019 0 1	0	1
In a datamodel search why are tstats and stats results not the same? hello splunker. i changed search to datamodel search(tstats) for speed up. but, stats and tstats result are slight... by YUNHYEONG Explorer in Splunk Search 05-24-2019 0 5	0	5
Rex to parse key/value tags in splunk Hello all, Please help me with some regular expression. This is the text: {"Value": "arn:aws:cloudformation:us-west-2... by braicu New Member in Splunk Search 05-23-2019 0 3	0	3
Avg Day of Week does not show up, when no result found Hello, I`m trying to find a solution for this problem. The result of the following SPL query should show every day o... by Silmarillion197 Explorer in Splunk Search 05-23-2019 0 6	0	6
Can I execute several functions with a single (perhaps custom) command? Based on the statistical data we have to generate, we normally have to type out many functions like so: search strin... by kamryn Explorer in Splunk Search 05-23-2019 0 2	0	2
Why does WinNetMon report Protocol ID=58 as SIP? WinNetMon maps protocol #58 to "SIP", but according to IANA, #58 is "IPv6-ICMP"? Seems fine for others: 17=UDP,6=TCP... by templets Path Finder in Splunk Search 05-23-2019 0 0	0	0
list all fields within a sourcetype Hi, Is there a way to display all fields being used by a sourcetype, without the values? by a212830 Champion in Splunk Search 05-23-2019 2 5	2	5
How to attain a list with all the fields in which a certain string appears? For example, given the fields and values: field1=A123 field2=baba field3=A123B field4=bA123 I want a list with the... by msolgonza New Member in Splunk Search 05-23-2019 0 4	0	4
How to troubleshoot eval expressions? I'm new to Splunk, and I am trying to figure out how the eval command works in searches. Sometimes I don't get any r... by fabriziorti New Member in Splunk Search 05-23-2019 0 6	0	6
How to add a new column after lookup match? Hi all, I'm stuck with this i hope somebody can helps me. I have a csv lookup with following data for search matche... by cpm003 Path Finder in Splunk Search 05-23-2019 0 2	0	2
Trying to get stats output for 2 fields after the "by" I have data that looks like this: event,myField,myHost,myCategory yes,a,host1,category1 yes,b,host1,category1 yes,c,... by dsong555 Engager in Splunk Search 05-23-2019 0 4	0	4
How to compare an empty field with epoch time? Hello, I have two fields: dateTimeA and dateTimeB. When dateTimeA is empty, I add "NULL" string. Then I use strptim... by jam00 Explorer in Splunk Search 05-23-2019 0 3	0	3
renaming fields in search I have a query like this sourcetype="beta" index="alpha" \| table fieldA, fieldB, fieldC how do I rename fields fiel... by asarolkar Builder in Splunk Search 05-23-2019 4 8	4	8
Linux mounting/unmounting I am attempting to create a search string for a Linux box which involves mounting/unmounting removable media devices ... by mvitullo New Member in Splunk Search 05-23-2019 0 4	0	4
Lookup file : add a rule Hello, Got a lookup file looking like this : USER,GROUP Peter,group1 Parker,group1 John,group2 Kevin,group2 I'd l... by Zakary_n Path Finder in Splunk Search 05-23-2019 0 3	0	3
Can I divide by zero in splunk? I was having trouble evaluating a field and I think it was because I was dividing by zero. This is my solution. Ho... by HattrickNZ Motivator in Splunk Search 05-23-2019 0 3	0	3
How to count with inputlookup? Hi, I have a search that I have been struggle for a few days. I have an index that contains two fields: type and Tot... by thanhnv244 New Member in Splunk Search 05-23-2019 0 3	0	3
Help with transforms regex needed Hello, I need help with the proper hashing of the user IDs and IP addresses using the transforms.conf I have the fol... by damucka Builder in Splunk Search 05-23-2019 0 3	0	3
How to select a time range in a timechart? Hello Is it possible to use a select time range directly in a timechart? it means that I would like to use the selec... by jip31 Motivator in Splunk Search 05-22-2019 0 5	0	5
Regex for F5 BIG IP ASM logs There is a field - req_status - for F5 Big IP ASM logs and right now when I view the values, I expect to see three: ... by jwalzerpitt Influencer in Splunk Search 05-22-2019 0 7	0	7
dropdown case to populate token Hi, I have a dropdown with 5 values. But in the following panel query the table and index which i am using has no r... by surekhasplunk Communicator in Splunk Search 05-22-2019 0 1	0	1
How to search for a missing word from an indexed log and alert if the word is not found in the last 15 minutes? I will like to search for a missing word like "main" on an indexed log and alert if that word is not found in the las... by iggydolby2 Loves-to-Learn Lots in Splunk Search 05-22-2019 0 10	0	10
need a graph of total calls per day for 7 days or 30 days Hi all, need help in getting graph for "total_calls" per day for 7 days or 30 days tried using timechart dosnt work. ... by splunkuseradmin Path Finder in Splunk Search 05-22-2019 0 1	0	1
Start external process and retrieve results later So I don't even know where to start researching on how I would setup what I want to do. I'm looking to query a numbe... by bmorgenthaler Path Finder in Splunk Search 05-22-2019 0 1	0	1
Graph weekly average but only show graph for last 24 hours I currently have a graph that shows the number of events over the last 24 hours by host. I've also included streamst... by AlexMcDuffMille Communicator in Splunk Search 05-22-2019 0 2	0	2