Splunk Search

Community Activity

	How to generate a regular expression to extract the email from my _raw event? Help me with regular expression in search to pick hello2017@gmail.com from _raw event below <string>hello2017@gmail... by sravankaripe Communicator in Splunk Search 04-02-2019 0 5	0	5
	How can I get UsePct Please tell me know how can I get UsePct data? I must get the UsePct data which the MountedOn="/tmp" . Already type ... by leov123 New Member in Splunk Search 04-02-2019 0 6	0	6
	How do you extract a field value with regex? Hello, I have an event that looks like : > <18> 20/02/19 22:23:59 : Maintenance counter "Digital Materials Mode" V... by sarit_s Communicator in Splunk Search 04-02-2019 0 2	0	2
	Can you help me with a question about a search using the loadjob command and an earliest time modifier? i have a saved query that can show data up to 90 days. But, when i run the search using the loadjob command, i would... by jiaqya Builder in Splunk Search 04-02-2019 0 1	0	1
	Drilldown tokens earliest and latest for a timechart that is set to Global Hi, I have a timechart that shows the status of tickets per month. index="_internal" \| where _time >= $timepicke... by dojiepreji Path Finder in Splunk Search 04-02-2019 0 3	0	3
	Can you help me get an HTML link of a timechart? I have to get an HTML link of a specific timechart to have an opportunity to embed this link to another foreign site.... by kvaga Explorer in Splunk Search 04-02-2019 0 1	0	1
	How do you limit duplicates in -24h@h time duration? The issue is when i schedule the index, suppose at 9.00 AM everyday (original count is 700), I am getting double data... by dtccsundar Path Finder in Splunk Search 04-02-2019 0 0	0	0
	How can I add output of a search as a new column to existing csv ? Hello, I have an existing .csv named "test.csv". In this csv file, there are fields named srcip and time. Also I have... by batuhankutluca Explorer in Splunk Search 04-01-2019 0 7	0	7
	Can you help me combine several applications and report on how much RAM those apps use by hostname? I have an application that uses several applications, and I need to report on the overall RAM Usage. I am using uber... by jfattizzi New Member in Splunk Search 04-01-2019 0 1	0	1
	How do you create a custom KMZ File? I have a requirement where I need to create a Custom Choropleth Map of locations for my organization. I understand we... by ashutoshab Communicator in Splunk Search 04-01-2019 0 1	0	1
	How do you add notes for events? I'm looking for a way to use a modal form to add comments to events. The behavior would be to click on an event, hav... by dokaas_2 Communicator in Splunk Search 04-01-2019 0 1	0	1
	How do you lookup match field names by wildcard or regex? I have some customer provided CSV lookup files. These lookup files have some "similar" field names, which means they ... by xshen_anji New Member in Splunk Search 04-01-2019 0 9	0	9
	Why is my query terminating with "unexpected error"? Hello, I am running a query to analyse 1 year of data and find out the number of users that used the application per... by akasthi New Member in Splunk Search 04-01-2019 0 5	0	5
	Return date string from a subsearch Hi all, I am attempting to rename a column titled 'Yesterday' with yesterday's date. The goal is it would look like ... by maxzintel Path Finder in Splunk Search 04-01-2019 0 4	0	4
	Pull data only for the models that I want to pull data Hello , If I have models that are KV800 and other models that are advancements to this model as in KV800-48S or KV800... by bzsplunk54 New Member in Splunk Search 04-01-2019 0 4	0	4
	How do you pass the time picker value into an eval calculation? I am doing an eval calculation to get a percent for uptime. I would like to get my value from the time picker, so tha... by computemoore78 New Member in Splunk Search 04-01-2019 0 15	0	15
	Duration of all events without time overlap in total? Hello everyone, beginning on Splunk and asking for your help I've got something like this in my transaction : Even... by Zakary_n Path Finder in Splunk Search 04-01-2019 0 9	0	9
	Monitor if folder is available Hi, I am trying to monitor a network folder to check if it is still reachable. I don't care about the contents, I ju... by FraserC1 Path Finder in Splunk Search 04-01-2019 0 1	0	1
	Help is required regarding Splunk joining Hi, I am facing some issue with Splunk query while using joining. Our requirement is find out the high response time... by sg86sourav New Member in Splunk Search 04-01-2019 0 5	0	5
	Help to extract other than numbers Hi I need help to extract other than numbers from a string Ex: test34565 test.xyw2345 test-abc53243 Output test t... by paullt12345 Explorer in Splunk Search 04-01-2019 0 2	0	2
	How do you change a row by checking another row? Hi Team, In the screenshot below, I want to change the criticality of sorcetype S2 to P2(row 3) if its Id is availab... by veerendra_modi Loves-to-Learn in Splunk Search 04-01-2019 0 10	0	10
	Subsearch fails but the results it produces work In searching this I am reaching the conclusion that subsearches are viewed with some disdain by the more experienced ... by pmelon Explorer in Splunk Search 04-01-2019 0 3	0	3
	Can you help me use a macro in an eval statement and IN operator? We're trying to use a single macro in two different contexts — an "eval" command and "IN()" operator. We can't seem t... by lospinoj2 New Member in Splunk Search 03-31-2019 0 2	0	2
	How do you extract a field between 2 fixed words? Need help extracting\creating a new field between 2 fixed words. Example: !CASH OUT $100.00! ... by clarkedayne New Member in Splunk Search 03-31-2019 0 3	0	3
	How do I compare search results from two different time periods? Good day! Could you help me, please? I need to compare the number of unique user connections in two time intervals:... by stevesmith08 Explorer in Splunk Search 03-31-2019 0 2	0	2