Splunk Search

Community Activity

Can't get every values for a field in lookup Hello, I have a lookup filled with IP's and time that the event happens on that time. I have a search that gets IP's ... by batuhankutluca Explorer in Splunk Search 03-20-2019 0 0	0	0
I have a tstats search that works for me (admin) but not other users (who inherit role from 'user). Why is that? I have a user who is asking how to show earliest logs indexed by the indexer for a particular host. I tried this simp... by wrangler2x Motivator in Splunk Search 03-20-2019 1 15	1	15
splunk replace the content of viz after search query execution completed I need to remove the ": 1" in content "CHG0014888 (N): 1" HTML Content: <tr> <td rowspan="2"></td> <td rowspan=... by AnilPujar Path Finder in Splunk Search 03-20-2019 0 1	0	1
How to drilldown from table with specific search? I am displaying a table list and I would like to be able to click an individual row in the list and display a chart f... by sdickerson New Member in Splunk Search 03-20-2019 0 2	0	2
Splunk RestAPI Python script for geting search (https://www.splunk.com/blog/2011/08/02/splunk-rest-api-is-easy-to-use.html) not working I am using below scripts provided in https://www.splunk.com/blog/2011/08/02/splunk-rest-api-is-easy-to-use.html . I ... by manikundalkumar Engager in Splunk Search 03-19-2019 1 0	1	0
does drilldown option contribute in search optimization does drilldown option help in optimizing the search? because when I try to place all the panels in one dashboard, the... by mdmaala Communicator in Splunk Search 03-19-2019 0 3	0	3
setting time range for x-axis hi! currently in my graph, I have in y-axis the indicator value and in x-axis the time duration for each colors, gree... by mdmaala Communicator in Splunk Search 03-19-2019 0 6	0	6
Extract string within specific tag Hello Experts , Need your assistance to extract output from one of the below XML tags. I have three XML tags with sam... by kirangurram Explorer in Splunk Search 03-19-2019 0 2	0	2
Regular Expression to extract third string when there are multiple tags with same name Hi , I need some help with regular expression. I have a field call "f" which is having XML message. I want to extr... by kirangurram Explorer in Splunk Search 03-19-2019 0 6	0	6
Append Custom Rows to Lookup Table I have a lookup table which was created manually in excel and then ported into Splunk as a lookup table via "Add New"... by pepper_seattle Path Finder in Splunk Search 03-19-2019 0 5	0	5
user rights/capacities/permissions necessary for tstats and metadata commands Hello, does tstats require read access to indexes? same question for metadata? The goal is to provide statistics fr... by splunkreal Motivator in Splunk Search 03-19-2019 0 0	0	0
creating a stacked bar chart using Gantt chart app hi! I am currently working on a project where i need to show the duration of a machines run time, down time and stop ... by mdmaala Communicator in Splunk Search 03-19-2019 0 4	0	4
Limited rows returned Splunk CLI for a table First, yes, we are using "-maxout 0" For some reason, on one of our hosts, when we run a particular query that pipes ... by EricLloyd79 Builder in Splunk Search 03-19-2019 0 4	0	4
How to make a field extraction for my sample data? UseCase to extract name that has "at: A_T "and group name by id? TestData "add[1]: HomeKit abc: "22c4902d-" ... by soniajin New Member in Splunk Search 03-19-2019 0 1	0	1
How to get a list of all devices in splunk? Good morning guys, I am relatively new to splunk and I am trying to run a query that would give me a list of all the... by coulouteg New Member in Splunk Search 03-19-2019 0 1	0	1
How to return status codes from interesting field to a bar chart? i am running a basic search: index=apigee host="mock" "apiproxy.name"=GetQuoteServices_v1_Manual ("error.status.code... by sdickerson New Member in Splunk Search 03-19-2019 0 3	0	3
How to display the percentage of total value? I have a set of servers and their patch status against them in a file. Hostname Patch_status server1 Patched ... by rpradeep Path Finder in Splunk Search 03-19-2019 0 5	0	5
How to create a search where two values of a field should not overlap with time? Hello, So I have data like these: _time, id, event 2019-03-18 15:00:00.0, someone1, checkedin 2019-03-18 16:00:... by acathignol Explorer in Splunk Search 03-19-2019 0 2	0	2
Can I use a Lookup to control the order Saved Searches are run in? Hi, We have 10 Saved Searches that we want to schedule to run in chronological order. We can do this using cron, bu... by gjlewis Explorer in Splunk Search 03-19-2019 0 2	0	2
How can I sum the numeric value in one field after doing field extraction? My event like this: _time,ProductA,2,"318" _time,ProductA,5,"318" _time,ProductA,3,"318" Extracted fields are: Ti... by quangva New Member in Splunk Search 03-19-2019 0 3	0	3
Search that Compares Historical Data, then Generates a Value to say if Data Matched or Not,Compare Historical Data and Report if Two Values Don't Match Hey all, I'm trying to build a search where the system takes a look at whether or not two fields match across multip... by rileylsmith1997 New Member in Splunk Search 03-18-2019 0 0	0	0
Nested Field Extraction I'm working with following REGEX and event lines: https://regex101.com/r/YsuMHk/1 I plan to use the regex in an inl... by dahlberg New Member in Splunk Search 03-18-2019 0 3	0	3
Need "timechart span=1day" for 3 different fields by audio vs video Hello everybody, I would like to come up with a "timechart span=1d" with multiseries mode with audio vs video. belo... by splunkuseradmin Path Finder in Splunk Search 03-18-2019 0 3	0	3
How to collect DEBUG search artifacts (specifically for the search process) for Splunk Support? For troubleshooting search related issue, Support would generally requests for debug search artifacts from the search... by splunkIT Splunk Employee in Splunk Search 03-18-2019 0 3	0	3
Pie Chart Display Color Based On Status (String Value) I have the below data and I am trying to display it in a Pie chart that will display the group in a corresponding col... by arielpconsolaci Path Finder in Splunk Search 03-18-2019 0 4	0	4