Splunk Search

Community Activity

How to get the required text from rex? Hello, I want to extract only the required text from Logs using rex. for instance, consider in logs there is some da... by saitejagayala New Member in Splunk Search 04-03-2019 0 6	0	6
Splunk logs dedup/consolidation Hi Splunkers! Do any of you know if there is a built-in feature or mechanism in Splunk that aggregates similar logs... by astatrial Contributor in Splunk Search 04-03-2019 0 7	0	7
(While) Loop function in search I'm currently facing an issue where I would solve it with a loop function in any programming language. But I'm now ... by dvbeekcinq New Member in Splunk Search 04-03-2019 0 3	0	3
query help with chart Hi, I have a csv file with inputs like this : Time,Device,Interface,Duration,Bits In/sec,Bits Out/sec,BW 3/22/2019 ... by surekhasplunk Communicator in Splunk Search 04-02-2019 0 7	0	7
Join command not matching on username properly I'm trying to join the two queries together one which queries the total number of accesses by a student and then the ... by jsoohoo New Member in Splunk Search 04-02-2019 0 0	0	0
Help me to Format date Hi I want to format the date field with the following format Ex: 20190401 Expected: 01 Apr 2019 Mon Thanks by rockts89 Engager in Splunk Search 04-02-2019 0 2	0	2
How to check the gradual increase of the value of a field which crosses 3 time increment I have a requirement, where I need to display name of an queue, for which the size of the queue is keep on increasing... by akarivaratharaj Communicator in Splunk Search 04-02-2019 0 3	0	3
How do you remove remote data with configure file? Hi, Splunkers: Recently, I've migrated my indexer to search head, but I'm not very familiar with configure files. Th... by aojie654 Path Finder in Splunk Search 04-02-2019 0 3	0	3
How do you create a timestamp field? I'm inputing a txt file into Splunk, and I need assistance with timestamp format and prefix. Example event: 05:12:2... by clarkedayne New Member in Splunk Search 04-02-2019 0 2	0	2
How can I run the extract command on field extracted by the rex command Cog in a larger machine, I have asked my Splunk team to improve the parsing on some of our logs, but it hasn't happen... by seomaniv Explorer in Splunk Search 04-02-2019 0 4	0	4
Scheduled search in a dashboard Hello Everyone, I have created a dashboard and wants the result for last 7 days; and want to schedule it and run e... by bagarwal Path Finder in Splunk Search 04-02-2019 0 3	0	3
How do you perform a mathematical calculation on the results of two queries? Hello, I have two queries: 1. index=abc slice_played slicer=Latency externalUserID="$ext$" assetID="806d682119ac46d1... by moizmmz Path Finder in Splunk Search 04-02-2019 0 2	0	2
Why is my lookup with a single column not working? I have a CSV of filenames. The column header name in the CSV is indicator_F. Index=main has a field = file, which a... by Log_wrangler Builder in Splunk Search 04-02-2019 0 1	0	1
How do you group by substring of URI? I have raw data like below: /?AID=10654946&PID= 40 /test_main.jsp 232 /topic1.jsp?redirectPage=/main/word/unde... by vas123 Explorer in Splunk Search 04-02-2019 0 3	0	3
Can you help me chart a statistics table on a month by month basis? Hello, I have a search that generates a statistics table based on the timerange I select. How can I select, lets sa... by x213217 Explorer in Splunk Search 04-02-2019 0 1	0	1
tstats summariesonly=t gets no results on accelerated data models I have installed the CIM app done all of the event typing and tagging to get my data into the data models relevant to... by responsys_cm Builder in Splunk Search 04-02-2019 2 17	2	17
Can you help me to extract a date field? Hello Splunkers, I need to extract only the date with the below logs in format mm/dd/yyyy. Could you please assist? ... by ramprakash Explorer in Splunk Search 04-02-2019 0 1	0	1
How to parse my JSON data with spath and table the data? I am trying to parse this json using spath, { "Class": "11", "date": "05/16/2016", "Student": [ { "... by deepak312 Explorer in Splunk Search 04-02-2019 1 7	1	7
How do you make a Splunk Dropdown based on a field from a string result? I have a Splunk search that returns a string with the format A;B;C I want to create a dropdown in a Splunk dashboard ... by starbac Explorer in Splunk Search 04-02-2019 0 1	0	1
Using appendcols to get percent success in one time range vs another I have the following search that I'd like to schedule to run after changes. The goal is to detect a change in success... by jiman7697 Explorer in Splunk Search 04-02-2019 0 1	0	1
How to generate a regular expression to extract the email from my _raw event? Help me with regular expression in search to pick hello2017@gmail.com from _raw event below <string>hello2017@gmail... by sravankaripe Communicator in Splunk Search 04-02-2019 0 5	0	5
How can I get UsePct Please tell me know how can I get UsePct data? I must get the UsePct data which the MountedOn="/tmp" . Already type ... by leov123 New Member in Splunk Search 04-02-2019 0 6	0	6
How do you extract a field value with regex? Hello, I have an event that looks like : > <18> 20/02/19 22:23:59 : Maintenance counter "Digital Materials Mode" V... by sarit_s Communicator in Splunk Search 04-02-2019 0 2	0	2
Can you help me with a question about a search using the loadjob command and an earliest time modifier? i have a saved query that can show data up to 90 days. But, when i run the search using the loadjob command, i would... by jiaqya Builder in Splunk Search 04-02-2019 0 1	0	1
Drilldown tokens earliest and latest for a timechart that is set to Global Hi, I have a timechart that shows the status of tickets per month. index="_internal" \| where _time >= $timepicke... by dojiepreji Path Finder in Splunk Search 04-02-2019 0 3	0	3