Splunk Search

Community Activity

Search for limit violations in subsearches of saved searches Dear fellow Splunkers, I'm running a saved search containing multiple sub searches and writing the results to a sum... by bramkostermans Engager in Splunk Search 05-07-2019 1 0	1	0
How do I sort a timechart legend by count in decreasing order, not alphabetically? Let's say I've got a timechart of URLs I'm serving. Over an hour, let's say I served this: server.com/MYcats.html -... by jofish Engager in Splunk Search 05-07-2019 1 2	1	2
Trimmed Average Calculation host = Mayhem sourcetype="phutans:servo" host=R00878 \| eval headers=split(_raw," ") \| eval plant_length=mvindex(heade... by zacksoft Contributor in Splunk Search 05-07-2019 0 9	0	9
Server Availability query from Incident data I have a lookup table with fields Application name and host, and i have a realtime Incident data with index, sourcety... by samn123 New Member in Splunk Search 05-07-2019 0 3	0	3
Can you reference a token value inside a token eval tag? Hello, I have a token called range (assume it has a value of "123-456"), and I am trying to use it inside a token eva... by johnraftery Communicator in Splunk Search 05-07-2019 1 6	1	6
Multi Valued Field Help I have looked at a ton of posts about breaking a multivalued field but having zero luck effecting a solution. I have... by ghostdog920 Path Finder in Splunk Search 05-07-2019 0 23	0	23
CPU Usage Prediction of later 15 days... of a month Hi, I am trying to create a dashboard that shows % CPU Processor time avg (Value)..but the query i used to only givin... by singh3and12 Path Finder in Splunk Search 05-07-2019 0 4	0	4
extract part of path that may or may not contain space Hello i have source path that looks like : s3://splunk/OTHER/1/OTHER/Star J750/pjserialnumber/2019-05-06T13:40:37.... by sarit_s Communicator in Splunk Search 05-07-2019 0 5	0	5
Replace every 2nd pattern with carriage. i have a field with dates in single line ( could be many dates ) ex: 2019-04-11 23:15:58.547 2019-05-02 10:11:22.833... by jiaqya Builder in Splunk Search 05-07-2019 0 4	0	4
count number of serialnumber with dc takes lots of time hello i have this query : index = amer_pj \| SerialNumber \| Region \| stats dc(SerialNumber) as Serial... by sarit_s Communicator in Splunk Search 05-06-2019 0 11	0	11
クロス集計表でパーセント表記をさせたい contingencyコマンドを使えばクロス集計表(左図)が得られますが、これをパーセント表記させる(右図)方法はありますでしょうか？ by taroito1q75 New Member in Splunk Search 05-06-2019 0 1	0	1
"As" command modifier not working New to Splunk. Trying to use the "as" command modifier to change the name of a column. However, the modifier is not b... by grook New Member in Splunk Search 05-06-2019 0 4	0	4
Line graph incorrectly shows a flat line Hi I have the following search query which shows the output as shown below,as you can see the issue is the linegraph... by isplunk2999 Path Finder in Splunk Search 05-06-2019 0 6	0	6
Why is search command TERM not working in one system but does in another? We just found out that the search command TERM does NOT work when used on extracted fields in one of our Splunk Enter... by sansay Contributor in Splunk Search 05-06-2019 0 5	0	5
Search command for different PC's Hy, i have create a Dashboard with Error Logs. 1 for all pc's: Computername="*", it works, i see all PC's but which ... by Rhuen New Member in Splunk Search 05-06-2019 0 3	0	3
Matching log events with dynamic context information (e.g which version of package X was installed?) Hi everyone, I am using Splunk Enterprise 7.0.8.5 with the Universal Forwarder 6.5.2/6.5.3 on multiple hosts runnin... by almin Engager in Splunk Search 05-06-2019 0 3	0	3
Display only values found in two searches index=rap sourcetype="joyner lucas" \| dedup albums\| table albums \|append [search index=country sourcetype="lil Nas" \|... by atl215 New Member in Splunk Search 05-06-2019 0 3	0	3
Send logs from Splunk Enterprise to Elastic Search Hi, i hope someone can help us, please. We have to send our logs that we receive from Firewall's, Sysmon, etc from ... by Said7 Explorer in Splunk Search 05-06-2019 0 4	0	4
Cannot reproduce Predict command confidence interval Dear Team, I understand we are using Kalman filters in predict command. I am comparing our existing Kalman implement... by jaideeplamba Explorer in Splunk Search 05-06-2019 1 14	1	14
Does anyone know how query for non alpha numeric characters? Is there a way to search for non-alphanumeric characters? We have an index that sometimes generates data that contain... by reneedeleon Engager in Splunk Search 05-06-2019 0 7	0	7
query reg directory files monitoring Hi team, I have some directory paths as below path arrival_time home*/vivek/fi... by pench2k19 Explorer in Splunk Search 05-06-2019 0 3	0	3
Reduce index period for old Index Hi All, We had an index named axo, which is around 3 years old and had around 300 GB of data. Now we have decided to... by trkswe New Member in Splunk Search 05-06-2019 0 2	0	2
Transaction command: How to get the latest value of field after transcation command? As per the given example , I was looking to find the "value" of a field which is part of the 1st leg of the transacti... by koshyk Super Champion in Splunk Search 05-06-2019 0 2	0	2
Scatter plot whose x axis defaults to an incrementing index/count In Excel, it's possible to create a scatter plot and only feed in one column of data and the X axis will default as a... by chashi New Member in Splunk Search 05-05-2019 0 1	0	1
Timestamp for values in a lookup table Is there any way I can find out when was a particular value entered into a Lookup table? My search query depends on t... by kiranpatil1985 New Member in Splunk Search 05-04-2019 0 2	0	2