Splunk Search

Community Activity

Regex pattern for url patterns to show as a single url in Dashboard We have some below Regex patterns that have special characters, alphabets & digits and wanted them as a showing up as... by vickycoder27 Explorer in Splunk Search 04-10-2019 0 3	0	3
Get fields from two searches with two common fields Hi, I'm getting a trouble with this situation. I have two searches: From the first one i get host and auid: index=... by srteclesmayer New Member in Splunk Search 04-10-2019 0 2	0	2
Remove results from table if they do not meet a condition. I am trying to create a search that will display all universal forwarders that have not checked in for over 24 hours.... by bravecarcass86 Engager in Splunk Search 04-10-2019 0 2	0	2
eval if blank field Hi, Can I use multiple field values to substitute a blank value? Currently have; \| eval final_destination = if(des... by jacqu3sy Path Finder in Splunk Search 04-10-2019 0 2	0	2
Creating a search that will fetch 10 unique repository that perform an action in the last 10 minutes Hi Splunk, I am in trying to create an alert that will send email to users if the search query returned results if t... by wailoont Engager in Splunk Search 04-10-2019 0 1	0	1
How do i compare two different fields , with the same name, from two different sourcetypes? How do i compare two different fields , with the same name, from two different sourcetypes? I am trying to check one... by splunkclarium New Member in Splunk Search 04-09-2019 0 1	0	1
How to TOP based on one of the stats by field ? Hi I have below query which gives me TOP 20 Requests based on REQUEST_COST regardless of the RequestType \| search ... by sangs8788 Communicator in Splunk Search 04-09-2019 0 2	0	2
Regex help in Splunk Hi, I have few events in splunk like these - 1. "GET /test/materials/components/fields HTTP/1.1" 2. "GET /test1 HTTP... by Shashank_87 Explorer in Splunk Search 04-09-2019 0 6	0	6
Extracting date from filename and inserting as title in dashboard I need to extract the date from my filename "abc_20190401" and put it as a title in my dashboard? by sn_18 New Member in Splunk Search 04-09-2019 0 3	0	3
Is it possible to use two base searches in one post-processing search? I have a dashboard similar to this one: <form> <label>Multiple Base Searches</label> <fieldset submitButton="fal... by krdo Communicator in Splunk Search 04-09-2019 2 4	2	4
Not able to invoke each rows sprint, the element after the "by". I have been trying to see if (sprints==last_chunk) but my problem is that, if I eval within the stats section, sprint... by awesterman New Member in Splunk Search 04-09-2019 0 2	0	2
How to use conditional tokens to run an append command I am creating a table by appending the result of many searches together so each result appears in one row of the tabl... by julmarqu Engager in Splunk Search 04-09-2019 1 2	1	2
Save results to avoid recalculation for new users per day or total number of distinct users I am pretty new to Splunk and this is my first posted question so here goes... I have an application and I need to i... by tmtcollins Explorer in Splunk Search 04-09-2019 0 1	0	1
Searching and reporting against custom indexes I created a new Index for syslogservers to store remote syslog messages coming in on a Data Input UDP:514; The inde... by salighie New Member in Splunk Search 04-09-2019 0 6	0	6
Regex Help I have this data: cfjbht06,08-Apr-2019,18:01:47,2.9,11.6 Splunk is reading this timestamp as: 4/8/19 6:01:47.200 P... by jkrehrer22 Engager in Splunk Search 04-09-2019 0 1	0	1
Complex Regex, HELP! I have a transform that I need help writing a regex for. It has two conditions. It needs to match the value in this... by jedatt01 Builder in Splunk Search 04-09-2019 1 10	1	10
Differentiate between two fields with the same name in two different jsons So I have a single log event that captures the request and the response JSONs. As a user I'd like to be able to write... by seomaniv Explorer in Splunk Search 04-09-2019 0 3	0	3
formating a text file i have a file in the format of : productId,product_name,price,sale_price,Code DB-SG-G01,Mediocre Kingdoms,24.99,19.9... by ashish_chand New Member in Splunk Search 04-09-2019 0 3	0	3
converting 1.1.1970 to epoch doesn't work, whereas converting epoch 0 to string does work... is it a bug or did I miss something? Hi, I stumbled on something funny with the time conversion functions. Trying to convert the 1st of January 1970 to ep... by grundsch Communicator in Splunk Search 04-09-2019 1 3	1	3
To extract a string which has numeric value and get the count I have logs in splunk as mentioned below 3/22/19 2:05:44.000 PM Date = 2019-03-22 13:58:19,827 \| Level = INFO \| Req... by minaljain New Member in Splunk Search 04-09-2019 0 1	0	1
How to write a search to not display the last bucket of data in a timechart? I have a requirement in which I don't want to display the last bucket of data in the timechart. Example: The bucket t... by ID_SplunkUser Path Finder in Splunk Search 04-09-2019 1 5	1	5
How to modify a part of a search based on two inputs selection? Hello, I have a dashboard with 2 inputs: A radio input with two buttons, index and role, with the token viewText inp... by ktn01 Path Finder in Splunk Search 04-09-2019 0 1	0	1
HELP FOR FORMATTING TEXT IN A PANEL SEARCH Hello I have the panel below in my dashboard <row> <panel> <single> <search> <query>\| i... by jip31 Motivator in Splunk Search 04-09-2019 0 2	0	2
Stop kv-store lookup from grouping values per key I have a kv store that has several fields (ip addresses, time stamps etc) tied to a unique key (the default mode) - w... by christoffertoft Communicator in Splunk Search 04-09-2019 0 7	0	7
Splunk 6.2.4, TA-tippingpoint 3.3.0 - Failed extractions I have TA-tippingpoint 3.3.0 app installed on Enterprise Splunk 6.2.4, but there are no field extractions for the IPS... by may_aaron Engager in Splunk Search 04-09-2019 1 6	1	6