Splunk Search

Community Activity

	How to calculate the average based on fields. Hello I think this should be simple enough but somehow I am not able to understand how to approach it. Here is the s... by theouhuios Motivator in Splunk Search 03-26-2024 0 5	0	5
	Plot rate of change of count Hi all, Im analysing event counts for a specific search criteria and I want to know how the count of values changed... by jpillai Path Finder in Splunk Search 03-26-2024 0 1	0	1
	correlate value using common field Here is my search in question, the common field is the SessionID index=eis_lb apm_eis_rdp \|fillnull value="-" \|search... by MrGlass Explorer in Splunk Search 03-26-2024 0 3	0	3
	Can I apply masking at host level instead of sourcetype? I want mask some data coming from web server logs particularly only one server out of all my web server logs. Can I a... by abi2023 Path Finder in Splunk Search 03-26-2024 0 1	0	1
	Transaction without endswith Hi! Filtering data from an amount of hosts looking for downtime durations. I get a "forensic" use view with this sear... by martinhelgegren Explorer in Splunk Search 03-26-2024 0 2	0	2
	Bring several events together. Hello everyone, I'm coming to you for advice. I am currently working with splunk to create monitor WSO2-APIM instance... by michaelteck Explorer in Splunk Search 03-26-2024 0 3	0	3
	Identify predictor fields Good morning fellow Splunkthiasts!I have an index with 100k+ events per minute (all of them having the same sourcetyp... by eregon Path Finder in Splunk Search 03-26-2024 0 1	0	1
	Get distinct count from different sources I have 3 different sources of the same filed. I want to aggregate all the 3 sources and get the distinct count of the... by raghubankapur Engager in Splunk Search 03-26-2024 0 2	0	2
	Different search time in subsearch/join Hi I have two sets of data, one is proxy logs (index=netproxy) and the other is an extract of LTE Logs which is logs ... by KellyP Splunk Employee in Splunk Search 03-25-2024 0 4	0	4
	How can I find the response time with an event time and max time of the events We have a use case where we need to calculate the time difference between the maximum infotime (steptype="endNBflow")... by slearntrain Explorer in Splunk Search 03-25-2024 0 6	0	6
	Calculate Ratio of Two Counter Streams I've two counter streams, I would like to display that as a percentage asB/(B+C) in the chart but it always gives me... by sks New Member in Splunk Search 03-25-2024 0 2	0	2
	Splunk not able to extract fields properly Hi Splunk Experts, I have some data coming into splunk which has the following format: [{"columns":[{"text":"id","t... by janesh222 Engager in Splunk Search 03-25-2024 0 2	0	2
	Comparing lookup file with an index I am trying to compare an IP address field called ex_ip thats stored in a lookup file with an index called activity w... by pop345 Loves-to-Learn Lots in Splunk Search 03-25-2024 0 7	0	7
	Unique users logging in each day chart / search I seem to be close on trying to find the statistics to be able to pull unique users per day but I know I'm missing so... by tylermonteith Explorer in Splunk Search 03-25-2024 0 5	0	5
	How to use different time ranges in subsearch and main search ? Hi, am creation a dashboard using dashboard studio, and i want to run a query with subsearch.i want to use the time f... by selvaraj4u New Member in Splunk Search 03-25-2024 0 1	0	1
	Perform an operation on values in the column of a lookup table that share the same row values I have a lookup table that looks like this (:Column 1Column 2Column 3Column 4Value 1--15Value 1--60Value 2--75Value 2... by matthewob5 Engager in Splunk Search 03-25-2024 0 1	0	1
	JSON extraction Hello Expert Splunk Community ,I am struggling with a JSON extraction .Need help/advice on how to do this operationDa... by psamuel69 Explorer in Splunk Search 03-25-2024 0 5	0	5
	Using mstats to create separate columns per metrics I know that I can combine multiple metrics using mstats as: \| mstats avg(_value) AS "Average" WHERE metric_name=metr... by kutsyy Engager in Splunk Search 03-24-2024 0 3	0	3
	To Remove values with '0' from the calculation I have below query to calculate average response times. For some reason some times the value is coming as '0'. i want... by sabari80 Explorer in Splunk Search 03-23-2024 0 7	0	7
	Help on Splunk query Hi, I have 4 fields in my index ID, Method, URL, HTTP_responsecodeID is in the form of XXXX-YYYY-ZZZZ-AAAA, Now, I wa... by suvi6789 Path Finder in Splunk Search 03-23-2024 0 1	0	1
	How to Remove the null values in a field for particular type only. HI,I have a single query to get all types of data in table.for one particular type I have an issue with the null valu... by vinod743374 Communicator in Splunk Search 03-23-2024 0 2	0	2
	Combining two fields into one field I currently have two different fieldsHost DomainF32432KL34 domain.comI wish to combine these i... by psomeshwar Path Finder in Splunk Search 03-22-2024 0 3	0	3
	extract only xml part from an event Hi,my event has unstructured data i.e. few strings than xml part than few more strings and another xml follow by few ... by eranhauser Path Finder in Splunk Search 03-22-2024 0 5	0	5
	Few fields not visible when check on the all feilds section but i can see them when i table them with the names. I have a strange issue, when i search for specific event in Splunk and I am looking for specific fields( ex field1, f... by HarishSamudrala Loves-to-Learn in Splunk Search 03-22-2024 0 6	0	6
	Excluding multiple slashes throughout regex capture string Trying to figure out how to extract a field using regex to capture the entire string. Only problem is there are a bu... by splunkrush Engager in Splunk Search 03-22-2024 0 2	0	2