Splunk Search

Community Activity

How do i get the count of Java Threads on a particular server using Splunk? Hi, I want to calculate the Java threads on my 4 application servers. I have one query but i believe that gives all t... by Shashank_87 Explorer in Splunk Search 04-15-2019 0 2	0	2
Using MVZip and MVExpand on MultiValue fields where array sometimes doesnt exists {<!-- --> "timestamp": "2019-04-11T16:44:45.497462", "payload": {<!-- --> "KEY_CHK_DCN_NBR": "19054", "recommendations": ... by rajkumarsowmy New Member in Splunk Search 04-15-2019 0 2	0	2
How to build a chronological event list I have an index that lists (among other things) a device, event date, and level (1-4). Devices change levels at rando... by cpressl New Member in Splunk Search 04-15-2019 0 0	0	0
Eval statement not working... For some reason the following isn't working: index="sandbox" sourcetype="as-cdr" \|stats count AS numCalls \|append [s... by msarro Builder in Splunk Search 04-15-2019 0 5	0	5
How do I alert when a host stops sending data? What's the best way to create a search to identify which hosts have not sent a syslog message to Splunk in the last 2... by matt Splunk Employee in Splunk Search 04-15-2019 2 10	2	10
Combine different searches into a single table or report Hi I have 10 different Splunk queries that return results only when there is an issue or a flag of 1. All the queries... by johnsasikumar Path Finder in Splunk Search 04-15-2019 0 1	0	1
How to customize and sort columns with specific conditions? Hi, I am looking to sort column with specific condition. Condition: if column Context_Command contains * it should... by AKG1_old1 Builder in Splunk Search 04-15-2019 1 2	1	2
combine two search results tables by matching fields value Hello Guys , I am having results from two different query 1> index=_internal ("version" AND source="/opt/splunk/va... by kannu Communicator in Splunk Search 04-15-2019 0 10	0	10
Filter search string to field with only 1 specific value I want to output computers who only has started 1 specific application Field values: Application + Computers There i... by lbkAconectodk New Member in Splunk Search 04-15-2019 0 7	0	7
Help on subsearch Hello I use the search below it works fine..... BUT for some host, I cant catch the fields there is in the subsearch... by jip31 Motivator in Splunk Search 04-14-2019 0 7	0	7
How to group results that has 5 or more distinct values in list(repo_name) ? Hi, I have a search query as below. query \| stats list(repo_name) by user_login This returns username with their ... by wailoont Engager in Splunk Search 04-14-2019 0 2	0	2
How do I disable drill down (completely) for certain columns in a table? Hi there, I need to disable drilldown on certain columns. Unlike the answer given here... https://answers.splunk.co... by nick405060 Motivator in Splunk Search 04-14-2019 1 8	1	8
How to display a linechart that uses the same field for different devices? So I have HomeAssistant installed and I'm sending all of the events off to my splunk server. I recently had my attic... by thefuzz4 Path Finder in Splunk Search 04-13-2019 0 2	0	2
Find the "No events" Given the search stats count by Name, Fruit results in: Name, Fruit, count Mike, Bananas, 10 Mike, Apples, 10 Sus... by fred1455 New Member in Splunk Search 04-13-2019 0 4	0	4
How to populate a lookup file with eval? Hi, I would like to update a lookup file with, for an example 10 new information, through Splunk Search only. The ... by vbantug New Member in Splunk Search 04-13-2019 0 2	0	2
how to compare characters in two fields and return number of matches? I have two fields se_split and re_split which are lined up like so re_split se_split a ... by brienhawker Explorer in Splunk Search 04-13-2019 1 10	1	10
adding another field after using set diff Hi Splunkers I have a set of results from using set diff which is all good. I am now wanting to output another field... by proylea Contributor in Splunk Search 04-13-2019 0 20	0	20
How to compare the same search from the previous day to current day using set diff? Hi guys, I am very new to Splunk (about 1 month or so) and I am having some trouble incorporating "set diff" into my... by darrenaefc Engager in Splunk Search 04-13-2019 0 8	0	8
How can I normalize timechart with field values having wide variation Have a log file that has http response codes in a particular field. I am doing timechart on it but as the 200 respons... by smiththebest New Member in Splunk Search 04-13-2019 0 2	0	2
How to correlate two searches with one field containing other index's field? Hi, I have two queries with one field being common to correlate and combine the result. But the problem i am facing ... by sangs8788 Communicator in Splunk Search 04-13-2019 0 5	0	5
Time conversion from UST to EST in search results Hello Team, I am facing this issue where my logs are written in EST and the time stamp on the log is UST ( Lets say... by vn86893 Explorer in Splunk Search 04-12-2019 0 2	0	2
Identify elapsed time from two records sharing the same key The input data looks like below. Req_no\|Type\|Time 1000\|Request\|2019-04-10T11.21.46.455Z 1000\|Response\|2019-04-10T11.... by mariraj New Member in Splunk Search 04-12-2019 0 2	0	2
desfased server hour Hello splunkers, I have this search: index = "sti" sourcetype = "Genera_AVI" \| fields _time \| head 1 \| eval tiempo =... by rjfv8205 Path Finder in Splunk Search 04-12-2019 0 3	0	3
How do I filter field values not present in the successful events in the super search I wanted to extract MAC address from events that were never succeeded within a time boundary. I am dealing with event... by rafiqul New Member in Splunk Search 04-12-2019 0 1	0	1
How to compare IP's list from one Index with IP's in different index? Hello splunkers, I have two different indexes with large number of IP's. Let's say 30k in one index A and >100k in o... by snallam123 Path Finder in Splunk Search 04-12-2019 0 6	0	6