Splunk Search

Community Activity

How do you pass the time picker value into an eval calculation? I am doing an eval calculation to get a percent for uptime. I would like to get my value from the time picker, so tha... by computemoore78 New Member in Splunk Search 04-01-2019 0 15	0	15
Duration of all events without time overlap in total? Hello everyone, beginning on Splunk and asking for your help I've got something like this in my transaction : Even... by Zakary_n Path Finder in Splunk Search 04-01-2019 0 9	0	9
Monitor if folder is available Hi, I am trying to monitor a network folder to check if it is still reachable. I don't care about the contents, I ju... by FraserC1 Path Finder in Splunk Search 04-01-2019 0 1	0	1
Help is required regarding Splunk joining Hi, I am facing some issue with Splunk query while using joining. Our requirement is find out the high response time... by sg86sourav New Member in Splunk Search 04-01-2019 0 5	0	5
Help to extract other than numbers Hi I need help to extract other than numbers from a string Ex: test34565 test.xyw2345 test-abc53243 Output test t... by paullt12345 Explorer in Splunk Search 04-01-2019 0 2	0	2
How do you change a row by checking another row? Hi Team, In the screenshot below, I want to change the criticality of sorcetype S2 to P2(row 3) if its Id is availab... by veerendra_modi Loves-to-Learn in Splunk Search 04-01-2019 0 10	0	10
Subsearch fails but the results it produces work In searching this I am reaching the conclusion that subsearches are viewed with some disdain by the more experienced ... by pmelon Explorer in Splunk Search 04-01-2019 0 3	0	3
Can you help me use a macro in an eval statement and IN operator? We're trying to use a single macro in two different contexts — an "eval" command and "IN()" operator. We can't seem t... by lospinoj2 New Member in Splunk Search 03-31-2019 0 2	0	2
How do you extract a field between 2 fixed words? Need help extracting\creating a new field between 2 fixed words. Example: !CASH OUT $100.00! ... by clarkedayne New Member in Splunk Search 03-31-2019 0 3	0	3
How do I compare search results from two different time periods? Good day! Could you help me, please? I need to compare the number of unique user connections in two time intervals:... by stevesmith08 Explorer in Splunk Search 03-31-2019 0 2	0	2
Ulimit for open files did not match Hi, I have increased our ulimit for open file in our indexer to 65536 as recommended by splunk support. After the c... by khusain_splunk Splunk Employee in Splunk Search 03-31-2019 0 2	0	2
How can I transpose/transform data in multiple rows? Hi all, I was preparing my data to be visualised. However, I met with a challenge. The below is an extract of my dat... by quahfamili Path Finder in Splunk Search 03-31-2019 0 2	0	2
Can you share some search commands related to application monitoring? Hi, I have a few access logs. Please share a few search commands related to application monitoring that will create... by asm_coe Explorer in Splunk Search 03-31-2019 0 5	0	5
how to compare two different length string until the length of the shorter one. Hi I've faced some problem about string comparing I have a value, value_1 = "abcdefg" and a lookup file, "abc.c... by apple143 Engager in Splunk Search 03-31-2019 0 2	0	2
Can you help me figure out why our semi-dynamic lookup is not working? Hi Splunk Users, My main search to find DHCP Discover logs is as below: index=bluecat (Mac_Address) "DHCPDISCOVER... by goken New Member in Splunk Search 03-31-2019 0 1	0	1
Splunk regex field I am trying to regex correlation Id's, that will be having a different unique number in every transaction. I am using... by amandahaydaw199 New Member in Splunk Search 03-31-2019 0 2	0	2
Can you help me figure out why my query is not working? index=* \|stats count by sourcetype \|table index sourcetype count The above query displays the sourcetype and count ... by VijaySrrie Builder in Splunk Search 03-30-2019 0 4	0	4
Why are my logs not available in Hadoop? We were able to see the logs in Hadoop from Splunk, but now, those logs are not available. What would be the issue? O... by VijaySrrie Builder in Splunk Search 03-29-2019 0 1	0	1
Splunk volume exceeding maxVolumeDataSizeMb setting The /volumes/summaries directory is the location of data model acceleration summaries: /opt/splunk/etc/slave-apps/clu... by rsantoso_splunk Splunk Employee in Splunk Search 03-29-2019 0 1	0	1
Can you help me mask some data during search time? Hi Splunkers, I want to mask the PII data during the search time for specific users. I checked all the existing que... by impurush Contributor in Splunk Search 03-29-2019 0 6	0	6
combine 2 queried and combine results I have 2 good searches. One outputs: Date Agent Answered Calls Average Talk Time Longest Talk Time Total Ta... by fmatera Explorer in Splunk Search 03-29-2019 0 3	0	3
aggregation over _time Hello, I have the following search: index=mlbso sourcetype=BWP_hanatraces "long running cursor detected" \| sort - ... by damucka Builder in Splunk Search 03-29-2019 0 1	0	1
How do you lookup matching numbers by values regardless of formats? I have a lookup table, mylookup.csv, such as: Key, Value 3, 30 4, 45 5, 52 I have a CSV source mysource.csv, as: ... by xshen_anji New Member in Splunk Search 03-29-2019 0 7	0	7
How do you use regex to remove duplicate characters? I have a report that requires several fields to be concatenated, each separated by a semicolon. Because some of the f... by mistydennis Communicator in Splunk Search 03-29-2019 1 2	1	2
How do you remove the first row and get same table as it is when used transpose? My query is index=_internal source=metrics.log \| search series!=_ group="per_index_thruput" \| eval GB=kb/(10... by snallam123 Path Finder in Splunk Search 03-29-2019 0 2	0	2