Splunk Search

Community Activity

How to display weekly data starting on a Monday using timecharts? I'm plotting some data on a timechart, with a span of a couple of months, and using weeks as the data points. How can... by samwatson45 Path Finder in Splunk Search 05-16-2019 0 7	0	7
Week details to be dispalyed in a filter ex: week1(1st-7th apr) , week2 (8th -14th Apr) Hi All, I have a reported date time field which i am converting and displaying as a month filter - which contains va... by rijinc Explorer in Splunk Search 05-16-2019 0 1	0	1
Group By Replace Hello, I have several things that come in via different platforms: Android (watch, phone, tablet), iOS (Watch, Phone... by jasonhask Explorer in Splunk Search 05-16-2019 0 3	0	3
splunk group by event , date_hour These are 2 diff events on my logs . taskCode=123 taskCode=456 i am trying to get an hourly count per event types ,... by officialsubho New Member in Splunk Search 05-16-2019 0 1	0	1
Datamodel missing field extractions, but base search returns those fields accurately. I have a datamodel lets say with a base constraint that returns the following two events 01-01-2019 01:00:00 type=V... by cdhippen Path Finder in Splunk Search 05-16-2019 0 3	0	3
Converting bytes to GB or MB Hey all, I was getting confused by some of the splunk answers for converting and couldn't figure out the eval portion... by pmac22 Path Finder in Splunk Search 05-16-2019 0 6	0	6
add fields after a stats count In my search i use a couple of stats counts, the problem is that after these commands I miss other that I want to use... by Mike6960 Path Finder in Splunk Search 05-16-2019 0 16	0	16
How to find event status changed Hello everyone! We have a log file contains the following information, status 0 means server is up, 1 means down: Da... by atpsplunk11 Explorer in Splunk Search 05-16-2019 0 2	0	2
How to display several time ranged search results in one dashboard panel? Hi guys, Is it possible to create several searches on data, differing in time range, and then display them in one das... by eriketro Engager in Splunk Search 05-16-2019 0 0	0	0
How to Regex the second occurrence of Account Name in AD logs I need to filter AD logs with Event Code 4725 "A user account was disabled". I need to regex and filter the second oc... by Log_wrangler Builder in Splunk Search 05-16-2019 0 3	0	3
Help identifying fast growing indexes Hi fellow Splunkers. I am the Splunk admin at my org, however that is mainly more from the Infrastructure side of th... by jwpoore New Member in Splunk Search 05-16-2019 0 3	0	3
Lookup File data retention Question Hi Team, I have requirement to show last 90 days worth of app login stats broken by day. I have a lookup table/defn... by newbie2tech Communicator in Splunk Search 05-16-2019 0 2	0	2
Stitching all Search (stats) Fields into new_raw Field (need foreach assistance) Hi all, i tried get rid of my workaround solution with adding \| collect index=test testmode=true to my searches.... by ssteinmann Explorer in Splunk Search 05-16-2019 0 0	0	0
Extract Area Code From Phone Numbers Hi, I wonder whether someone may be able to help me please. I have a list of telephone numbers of varying length, b... by IRHM73 Motivator in Splunk Search 05-16-2019 0 5	0	5
Adding Can delete Role to User LDAP Hi , i have admin privileges in splunk when i am trying to delete some data it says insufficient privileges and we ar... by ram254481493 Explorer in Splunk Search 05-16-2019 0 1	0	1
Rename field by using one of multiple wildcards I have a query that counts by source and leaves me with fields that are named like /logs/containers/3198058471-5mdkn_... by maartendhondt Explorer in Splunk Search 05-16-2019 0 1	0	1
Is it possible using rex to create field names that contain a period (.)? Hello! I'm parsing strings using rex and I'd like to define a set of field names that contain the period (.) charact... by andrewtrobec Motivator in Splunk Search 05-16-2019 0 1	0	1
how to remove spaces in xml data after field extraction I am trying to make a field extraction from xml data and but I am having a problem with special ascii characters bein... by michaelrosello Path Finder in Splunk Search 05-16-2019 0 3	0	3
Running a prediction and anomaly detection in parallel I want to build a query that can do the following. a. Monitor about 10-15 metrics from the different kinds of system... by zkn9ce6 New Member in Splunk Search 05-16-2019 0 0	0	0
Decouple a process in windows So, I want to detach a process in windows using python code. What I want to do is, I am spawning a process from Splun... by pratik97 Engager in Splunk Search 05-15-2019 1 0	1	0
Display a time chart for the distinct count of values in a field I am beginner to Splunk and could you help me with the following scenario. Lets take I have a table with the field n... by veerappan New Member in Splunk Search 05-15-2019 0 4	0	4
How do I combine and filter searches on a common field Hello, my data look like this: { correlationId: "1", field1: "something flagged", field2: "alkjsd" }... by jrjrjrjrjr Explorer in Splunk Search 05-15-2019 0 4	0	4
Default _time I have an example log file with the following format: Nov 05 10:33:37 servername applicationserver: instance,ipaddre... by camah4 New Member in Splunk Search 05-15-2019 0 3	0	3
Appending a static lookup Hi all, I'm looking for a way to append the contents of a CSV table to any search I make as an additional column. Fo... by ivan128 Explorer in Splunk Search 05-15-2019 0 2	0	2
Transaction how can i define a transaction end based an extracted value? the value of terminal during the transaction start shou... by rmathur3 New Member in Splunk Search 05-15-2019 0 5	0	5