Splunk Search

Community Activity

Create a single PEM file - ssl Hello #splunkers I had to create my first self-signed ssl for splunk web and data and I followed splunks guides but I... by net1993 Path Finder in Splunk Search 04-04-2019 0 0	0	0
How can I convert week number to starting date of that week? I have a week_number field in my data. I want to display each week_number with the date of 1st day in that week. Ex- ... by nikita012 New Member in Splunk Search 04-04-2019 0 5	0	5
Can you help me with a search query using the table command? Hi Team, I have a query to segregate and provide the data in a table format in Splunk Enterprise. index=xxx sourcet... by anandhalagarasa Path Finder in Splunk Search 04-04-2019 0 2	0	2
how to search on multiple key/value "Log was backed up. Database: <abc>" host=<xyz> I currently have multiple alerts - one for each database / server. ... by splunkhan New Member in Splunk Search 04-03-2019 0 2	0	2
How do you use an aggregated value as a filter? Hello, I need to use an aggregated value as a filter. The search returns multiple rows, and I need only those with ... by ygaluzo New Member in Splunk Search 04-03-2019 0 1	0	1
Got a search which is very slow. How can I save all the related information for further analysis if needed. Got a search which is slow. When I click the job inspector, see all the time spend on different components. Is it p... by daniel_splunk Splunk Employee in Splunk Search 04-03-2019 0 1	0	1
Splunk failed to index log file from starting of the month I've Splunk monitor a directory which contain multiple files and each for 1 day. Indexing those files work perfectly ... by daniel_splunk Splunk Employee in Splunk Search 04-03-2019 0 1	0	1
How to filter input log for certain record only I've lot of udp log and only a small portion of them contain error and need to investigate. I don't want to index all... by daniel_splunk Splunk Employee in Splunk Search 04-03-2019 0 1	0	1
How can I handle a time stamp with flexible spaces? We have a syslog data that was written to disk via the FULLDATE macro. For today, it looks like — 2019 Apr 3 19:30:... by ddrillic Ultra Champion in Splunk Search 04-03-2019 0 2	0	2
Convert Index time I am trying to change Event time Apr 02, 2019 3:15:34 AM to YYYY-MM-DD HH:MM:SS,sss format. by RASHO New Member in Splunk Search 04-03-2019 0 5	0	5
How do you combine similar Items in a search? I have a scenario where I have a data set that contains user ids, among other things, but there are two possible vers... by balcv Contributor in Splunk Search 04-03-2019 0 5	0	5
Dashboard Update Monthly Scans Hello, I created a series of dashboards that will automatically update when data from a monthly scan is ingested. In ... by DBattisto Communicator in Splunk Search 04-03-2019 0 3	0	3
Can you help me make a regular expression to extract a field? Hello, I have these events where I want to extract a filename. Right now, none of the fields capture the Filename("... by x213217 Explorer in Splunk Search 04-03-2019 0 2	0	2
How come my rex command doesn't give results as expected? I have the following log statement and I would like to retrieve the mac address which is a 12 digit string from it. ... by ananth402 Explorer in Splunk Search 04-03-2019 0 4	0	4
How do you pull and match data? Hey, So the data I am pulling from is from two source types. I indexed bigfix and tried to pull the software informa... by laquantat Engager in Splunk Search 04-03-2019 0 4	0	4
Field extraction from source field I have my Splunk source in the format below : source=/default/folder/20190403/file_PARADOX_7747_txt I am trying to ... by ppatkar Path Finder in Splunk Search 04-03-2019 0 7	0	7
How do you create new fields from the current field values? Hi, I wonder whether someone can help me please. I'm using the following query to extract data from the raw JSON fi... by IRHM73 Motivator in Splunk Search 04-03-2019 0 7	0	7
field extractions on indexer Is it possible to define field extractions on the indexer and allowing the search head to use the extractions? Or can... by aaronkorn Splunk Employee in Splunk Search 04-03-2019 1 2	1	2
round fuction usage for avg command output Hi , I have been using the stats avg(duration) as Avg_Duration in my query.But while displayin the Avg_Duration i am... by rakesh_498115 Motivator in Splunk Search 04-03-2019 1 3	1	3
How to control search duration of users Hello Splunkers, I want to put restrictions on the seach time period , right now one user can search for as long as ... by ramprakash Explorer in Splunk Search 04-03-2019 0 10	0	10
Can you help me figure out if I should use a condition statement OR an If statement? Hi all I am new to Splunk please help me on this. I am trying to check a condition that if Coin Acceptor, Receipt... by jayachandrank Explorer in Splunk Search 04-03-2019 0 7	0	7
How to get the non reporting device list?? How to get the non reporting device list?? Any way to compare the lookup and the stored data so i can get the non r... by raja8220 New Member in Splunk Search 04-03-2019 0 8	0	8
help with timechart / count needed Hello, I would like to track the license consumption as from time to time it is 4 times higher (per day) than expect... by damucka Builder in Splunk Search 04-03-2019 0 1	0	1
Checking the events from a transaction for a range of time say +/-5min. transaction id startswith="sourcetype=1" endswith="sourcetype=2" maxspan= in place of time range we want to have the ... by veerendra_modi Loves-to-Learn in Splunk Search 04-03-2019 0 0	0	0
Can we remove lookup names from dataset page? Can we remove lookup names from dataset page? I just want to show data model on this page: by vishaltaneja070 Motivator in Splunk Search 04-03-2019 0 0	0	0