Splunk Search

Community Activity

"As" command modifier not working New to Splunk. Trying to use the "as" command modifier to change the name of a column. However, the modifier is not b... by grook New Member in Splunk Search 05-06-2019 0 4	0	4
Line graph incorrectly shows a flat line Hi I have the following search query which shows the output as shown below,as you can see the issue is the linegraph... by isplunk2999 Path Finder in Splunk Search 05-06-2019 0 6	0	6
Why is search command TERM not working in one system but does in another? We just found out that the search command TERM does NOT work when used on extracted fields in one of our Splunk Enter... by sansay Contributor in Splunk Search 05-06-2019 0 5	0	5
Search command for different PC's Hy, i have create a Dashboard with Error Logs. 1 for all pc's: Computername="*", it works, i see all PC's but which ... by Rhuen New Member in Splunk Search 05-06-2019 0 3	0	3
Matching log events with dynamic context information (e.g which version of package X was installed?) Hi everyone, I am using Splunk Enterprise 7.0.8.5 with the Universal Forwarder 6.5.2/6.5.3 on multiple hosts runnin... by almin Engager in Splunk Search 05-06-2019 0 3	0	3
Display only values found in two searches index=rap sourcetype="joyner lucas" \| dedup albums\| table albums \|append [search index=country sourcetype="lil Nas" \|... by atl215 New Member in Splunk Search 05-06-2019 0 3	0	3
Send logs from Splunk Enterprise to Elastic Search Hi, i hope someone can help us, please. We have to send our logs that we receive from Firewall's, Sysmon, etc from ... by Said7 Explorer in Splunk Search 05-06-2019 0 4	0	4
Cannot reproduce Predict command confidence interval Dear Team, I understand we are using Kalman filters in predict command. I am comparing our existing Kalman implement... by jaideeplamba Explorer in Splunk Search 05-06-2019 1 14	1	14
Does anyone know how query for non alpha numeric characters? Is there a way to search for non-alphanumeric characters? We have an index that sometimes generates data that contain... by reneedeleon Engager in Splunk Search 05-06-2019 0 7	0	7
query reg directory files monitoring Hi team, I have some directory paths as below path arrival_time home*/vivek/fi... by pench2k19 Explorer in Splunk Search 05-06-2019 0 3	0	3
Reduce index period for old Index Hi All, We had an index named axo, which is around 3 years old and had around 300 GB of data. Now we have decided to... by trkswe New Member in Splunk Search 05-06-2019 0 2	0	2
Transaction command: How to get the latest value of field after transcation command? As per the given example , I was looking to find the "value" of a field which is part of the 1st leg of the transacti... by koshyk Super Champion in Splunk Search 05-06-2019 0 2	0	2
Scatter plot whose x axis defaults to an incrementing index/count In Excel, it's possible to create a scatter plot and only feed in one column of data and the X axis will default as a... by chashi New Member in Splunk Search 05-05-2019 0 1	0	1
Timestamp for values in a lookup table Is there any way I can find out when was a particular value entered into a Lookup table? My search query depends on t... by kiranpatil1985 New Member in Splunk Search 05-04-2019 0 2	0	2
Elb unhealthy hosts i wanted to create an alert when unhealthy host count is greater than 2 for an elb in splunk looking for help to crea... by ananyakolli New Member in Splunk Search 05-03-2019 0 0	0	0
Evaluate if there are no search results or events for a field with a certain value Hello, I need to report on a set of lets say 4 different jobs regardless if there are event results for each one. I... by x213217 Explorer in Splunk Search 05-03-2019 0 2	0	2
Count the Number Times Individual Users Login/LogOff/Close/TimeOut Hello, There are four different states of ID usage, which have the following field names: Login_ID, Logoff_ID, Closed... by genesiusj Builder in Splunk Search 05-03-2019 0 6	0	6
Timechart with top values split by host Hi. Let me provide some backstory. I've been assigned some dashboards. I need to make them interactive, but one has... by bbknowles Explorer in Splunk Search 05-03-2019 0 1	0	1
How to create multiple line charts in splunk? Hi I have the following data in a dictionary and I would like to create a multi-series line chart with timestamp X-... by isplunk2999 Path Finder in Splunk Search 05-03-2019 0 6	0	6
appendcols - How can I match the same row in a query? Hi All I have a query that join two searches I need to complete the information from the second query in the same ro... by maridelfi Explorer in Splunk Search 05-03-2019 0 2	0	2
Is it possible to modify medata? Hello, I would like to know if I can use Splunk to access and modify metadata. And if the answer is yes, which plugin... by antoinep83 New Member in Splunk Search 05-03-2019 0 2	0	2
Unable to mask data with regex Example Log: CEF:0\|WAF\|SIEMintegration\|1\|1\|Normal\|0\| fileId=989000730114151753 sourceServiceName=website.com postbod... by cborchgrevink Engager in Splunk Search 05-03-2019 0 2	0	2
How to search based on a time field that is not _time? Hi, I have two time fields. _time (This is the splunk time stamp)abctime (format YYYY-MM-DD) How do I search the ... by Kukkadapu Path Finder in Splunk Search 05-03-2019 3 8	3	8
Trouble extracting field using regex I'm having an issue using regex to extract some _raw data and I hope someone can help me. The below regex examples w... by gopx101 New Member in Splunk Search 05-02-2019 0 4	0	4
Regex to extract information in specific field Dear Experts , Need experts advice to extract "ABC6_IN_S14093456789" from below information which is available in fi... by kirangurram Explorer in Splunk Search 05-02-2019 0 6	0	6