Splunk Search

Community Activity

Can you help me convert a timestamp to another timestamp? Hi all, I need to convert this timestamp 2019-03-13T00:35:10+0100 to this 13-03-2019 00:35:10 How can I do thi... by ElBorni96 Engager in Splunk Search 03-29-2019 0 3	0	3
What is a shorthand way to reference a fixed list of host names in a search? We're using Spunk in a Windows domain that has hundreds of computers. There is a fixed subset of computers that I wan... by williamcharlton Path Finder in Splunk Search 03-29-2019 0 2	0	2
How do you display AVG, MIN, and MAX as row headers by Service? I have several services that I need to calculate Avg/min/max for. {basesearch} \| stats avg(transTime) as "Avg", mi... by cmcdole Path Finder in Splunk Search 03-29-2019 0 4	0	4
Group data, but keeping data to be grouped. Hi all, I got some data structured next: url user event ------------------------------------- Url1, user1, ... by dreadangel Path Finder in Splunk Search 03-29-2019 0 4	0	4
How do you compare 2 fields from 2 sourcetypes? Hello, I have a source with proxy log sent by syslog and another with hostname blacklisted get by a text file get ev... by dleveque New Member in Splunk Search 03-29-2019 0 2	0	2
How do you combine two searches? I have two searches that work fine, but I want to show them in one dashboard. I have these two 1-....search....: \|... by Mike6960 Path Finder in Splunk Search 03-28-2019 0 4	0	4
Multiselect field with Duplicate Field Values by different labels Hi All, I have a multiselected field allowing my users to select from a list of potential hosts. However we have some... by Melstrathdee Path Finder in Splunk Search 03-28-2019 0 3	0	3
How do you exclude files in a directory? I've been struggling with this for several days now and cannot find a solution that works for me so I am turning to y... by balcv Contributor in Splunk Search 03-28-2019 0 3	0	3
How do I email customized stats tables to individual employees? I want to send an alert to each Employee once a day with a stats table customized to that employee: for instance the ... by matthewg Explorer in Splunk Search 03-28-2019 0 0	0	0
club 3 search queries into 1 I have given the query below. I am trying to display all 3 RERs- RERa, RERb, RERc. But this is displaying just RERb a... by BMUDGAL1190 New Member in Splunk Search 03-28-2019 0 2	0	2
Is there a possibility to write an event to splunk index source type through SPL? I have an requirement where the user would like to store the data to a source type of an index. and would be modifyin... by shahid285 Path Finder in Splunk Search 03-28-2019 0 5	0	5
How to delete a lookup table file and definition? I am testing some lookup files in a dev environment. I would like to clear out the first few tries and work with only... by feickertmd Communicator in Splunk Search 03-28-2019 2 5	2	5
How do you separate fields into different variables based on the beginning letter of field? So I'm sure I'm missing something obvious, but I cannot for the life of me find something similar to what I'm looking... by ibdubs Explorer in Splunk Search 03-28-2019 0 8	0	8
Splunk Subsearch / Join / Combine event query assistance I have a very large dataset of events (millions of events per hour of various event types) which are all part of the ... by gjcwilliams New Member in Splunk Search 03-28-2019 0 2	0	2
Help on SystemTime format and SystemTime stats Hi I use the search below but SystemTime doesnt return results SystemTime format is like this : '2019-03-25T03:49:42... by jip31 Motivator in Splunk Search 03-28-2019 0 6	0	6
How to do stats or top for each column in a table? Hello, let's see if someone can help with this  I have 4 fields, 3 which I would like to have sorted and counted in... by nimmos Engager in Splunk Search 03-28-2019 4 6	4	6
tstats values() function removes duplicates from a multivalued field My dashboard queries are based on datamodel. Hence we are using tstats. We have a use case where we need to mvzip 2 m... by darshildave Explorer in Splunk Search 03-28-2019 0 1	0	1
help on subsearch field matching Hi I use actually the search below in order to doing a match between a search and a workstation name (host) eve... by jip31 Motivator in Splunk Search 03-28-2019 0 1	0	1
issue with Splunk query Hi, issue is in writing correct a query Example: Let's assume I have 2 groups such as : Group Use... by su_kumar New Member in Splunk Search 03-28-2019 0 0	0	0
The "replace" function does not work well in the element of EventHandler. <fieldset submitButton="false" autoRun="false"> <input type="text" token="text" searchWhenChanged="true"> <... by yutaka1005 Builder in Splunk Search 03-28-2019 0 2	0	2
help to extract four fields in a log file with regex link textHi I want to extract the four fields after the text in yellow color and in the same line except the last fi... by jip31 Motivator in Splunk Search 03-28-2019 0 8	0	8
need help to find the matching values from two different queries Hi Team, I have two queries having different count and i want to calculate the percentage of success using the two q... by pench2k19 Explorer in Splunk Search 03-27-2019 0 1	0	1
How to use dynamically calculated threshold in alert search? Hi all, I need to calculate the standard deviation value using previous 5mins of data and have to recalculate every ... by nkkn87 New Member in Splunk Search 03-27-2019 0 4	0	4
Field Comparison Not Working in Basic Search I have two queries: index=main \| eval var1="avalue" \| eval var2="avalue" \| search var1=var2 and index=main ... by georgiawebber Engager in Splunk Search 03-27-2019 0 4	0	4
mstats and mcatalog simply does not work I try to use mstats and mcatalog command it just simply does not work, I think its Splunk settings side Im missing, ... by deodion Path Finder in Splunk Search 03-27-2019 0 2	0	2