Splunk Search

Community Activity

How do you Identify and replace a CSV field name by WildCard or Regex Pattern? I need to replace some CSV field Names with standard names for further easier processing. I tried to rename with a ... by xshen_anji New Member in Splunk Search 03-04-2019 0 7	0	7
How do you use the Join command even if the substring of a particular column matches? Hi, I want to join two searches based on a column, even if the substring of the two column matches . Below is my sa... by Nadhiyaa Path Finder in Splunk Search 03-04-2019 0 1	0	1
maxsearches limit reached Hi , I have configured 20 Alerts with below run every - "5 min" and Alert mode "Once Per Result". Each... by kamlesh_vaghela SplunkTrust in Splunk Search 03-04-2019 1 3	1	3
How can we administer the lookups better? We would like to administer the lookups in bulk, meaning, to upload them in bulk, to change permissions in bulk, etc.... by ddrillic Ultra Champion in Splunk Search 03-04-2019 0 7	0	7
Can you help me find details of event that happens at 25% point of a search (or the nth record of a search)? Good afternoon. I have a search that has approximately 2 million results$. I am trying to find out which record woul... by ChrisCLewis Communicator in Splunk Search 03-04-2019 0 4	0	4
In a table powered by a stats count search, can you help me display status codes as column headings? Hi, I wonder whether someone can help me please. I've put together the following query... w2_wmf(RequestCompleted... by IRHM73 Motivator in Splunk Search 03-04-2019 0 24	0	24
Search a word not indexed Suppose i search for a word that is not indexed by splunk, whether those logs which contain that word will be returne... by simisreedharan Engager in Splunk Search 03-03-2019 0 5	0	5
Find when three events do not occur within a specified amount of time. Hello all, as the title indicates I'm looking for a way to identify when three events do not occur within a specified... by kahless1985 Explorer in Splunk Search 03-03-2019 0 6	0	6
How do I rename column name with javascript? I have a search with generate dynamic the column name with pattern "Month - Year" eg. "October - 2018" "November - 20... by karn Path Finder in Splunk Search 03-03-2019 0 2	0	2
When using "stats max ()", why is the result truncated? My environment: Splunk 7.2.3 When I do the following search, the result is truncated. search-1 \| makeresults count... by yutaka1005 Builder in Splunk Search 03-03-2019 0 4	0	4
Why am I seeing _indextime (_index_earliest & _index_latest) inconsistencies? Based on THIS old blog post and THIS Answers post, I have tried to utilize index-time modifiers as a way to obtain a ... by Lucas_K Motivator in Splunk Search 03-03-2019 1 10	1	10
Possible losing field values when using "stats...by field_name" I thought the result of using "...\| dedup src_ip \| table src_ip \| sort str(src_ip)" should be the same with the resul... by PeterZhang New Member in Splunk Search 03-03-2019 0 12	0	12
Unable to get value on x-axis I have a tabular data like below. **EventTime SQL CPU Utilization Other Process CPU Utilization Total CPU Utilizat... by twh1 Communicator in Splunk Search 03-02-2019 0 8	0	8
Why is time value being reversed? When I run the following search, the time is being show as the oldest first, but SysLog being shown as newest first ... by manic3773 Engager in Splunk Search 03-02-2019 0 1	0	1
Lookups slow performance Background We are a new SplunkCloud customer and are building out our instance, setting up our indexes, field extrac... by cwinkler109 New Member in Splunk Search 03-02-2019 0 2	0	2
help on append command hi The request below count a number of error events by host index="x" sourcetype="x" ConfigManagerErrorCode=28 \| d... by jip31 Motivator in Splunk Search 03-02-2019 0 6	0	6
Merge two line chart with different query in to single line chart I have two line chart with different queries as follows: <chart> <search> <query>index=*... by karthi25 Path Finder in Splunk Search 03-02-2019 0 1	0	1
Searching a port range How can i search for matches using a port range on an extracted field? for example: if i want all events in port ra... by EricPartington Communicator in Splunk Search 03-02-2019 1 3	1	3
Foreach in Multisearch Hi, I wonder whether someone can help me please. I've put together the query below using the foreach command, which,... by IRHM73 Motivator in Splunk Search 03-02-2019 0 14	0	14
How do you group results by location and percentage the results? I have a search result that is tabled, and now, I am trying to find a result by percentage of the location they visit... by davidoking Explorer in Splunk Search 03-02-2019 0 2	0	2
count events where the same value exists in two different fields I need to write a query that counts events when 3 criteria are met. First two are easy, they events have to have the ... by mmdacutanan Explorer in Splunk Search 03-01-2019 0 1	0	1
Is there a posted percentage for the number of people that passed or failed each Splunk certification? Is there a posted Certification Pass/Fail rating or number of people that passed each Splunk certification exam poste... by cbeard604 Explorer in Splunk Search 03-01-2019 6 5	6	5
Display Time Taken in Splunk response I would like to display the time taken for a page to load in Splunk. Here is my query: splunk_server=* index="myind... by jdhavo New Member in Splunk Search 03-01-2019 0 1	0	1
convert large duration timelapse to decimal hour I'm trying to convert a timestamp where my hour will go beyone 24 hours: for example: 305:44:03 The ctime and dur2... by mjones414 Contributor in Splunk Search 03-01-2019 0 1	0	1
Foreach in Multisearch Hi, I wonder whether someone can help me please. I've put together the query below using the foreach command, which,... by IRHM73 Motivator in Splunk Search 03-01-2019 0 5	0	5