Splunk Search

Discussions

Thread Info

Smtp email to send alerts

Hi, Can you please how to to create a alert and send email using smtp server. We have two seperate host s for indexer...

by New Member in

How do you merge multisearch results?

Hi, I tried many alternatives but no good results. Please help if possible. I have a multi search with two set...

by Explorer in

How do you combine two different values from a single field in a chart?

Suppose I have a chart that counts the number of tickets done by a particular branch and displays them by priority. ...

by Path Finder in

How do you get the raw fields ERROR and SUCCESS from log transactions into a same field TYPE using a regex command?

Hi Everybody! I am fairly new to Splunk, and I am trying to Create a dashboard where I need to get the Total numb...

by New Member in

How to access field displayName when searching a dataset?

I have a data model called DM1 with a data set called DM1. There are evaluated fields in this data set with different...

by Communicator in

What field name should I use for privileged users on change datamodel?

Hello, Right now i'm developing some compliance app. All my panel searches are with | tstats, so my fields are lim...

by Communicator in

How could I chart ratio of counts of field values?

Hi, suppose my events contain this field with two possible values: Ok=True or Ok=False Every hour, I'll have a ...

by New Member in

How can I append different fields from a subsearch?

Hello, I'm trying to search within another sourcetype and append fields oxygen, and rock to a CSV base search. I'...

by Communicator in

How do you enforce a lookup match for all values of a multivalue field?

I have a multivalue field in my events and I want to do a lookup against a multivalue field in kvstore field. Event f...

by Communicator in

Drilldown from lookup populated dropdown

I have a dashboard dropdown that I'm populating with "groups" from a lookup "group_ip_host". The idea is to have the ...

by Path Finder in

How do you chart two unrelated numbers?

I am completely stumped as to how to chart two numbers. I have two counts from two searches. I simply want to char...

by Engager in

For drilldown, can I use an extracted field as a token value?

My token: <drilldown> $row.lobName$ </drilldown> lobName is a field that I extracted using Rex sta...

by Explorer in

How can I retrieve data for between dates?

Hi, I have a field called "Created_date". My requirement is to get a monthly count of created and closed tickets. ...

by New Member in

COALESCE command

hi when I execute the query below index="x" sourcetype="WinEventLog:Microsoft-Windows-Diagnostics-Performance/Oper...

by Motivator in

Can you give me some help with the coalesce command?

hi, When I execute the query below index="x" sourcetype="WinEventLog:Microsoft-Windows-Diagnostics-Performance/...

by Motivator in

How do you exclude and format unique specific fields from multivalued fields to be used in a subsearch?

Hello all, I'm having some trouble formatting and dealing with multivalued fields. My use case is as follows: ...

by Path Finder in

Extract field till nth repetition of a string

I have following sample event jaskdjkasdkjas CR akjhdjhdjsdhCR 1231jljk23klj3 CR sagdiugsds 7126372 nklsdlkCR ...

by Path Finder in

Support ticket raised outside of business hours

I have a support ticket system where people can submit their support tickets. The system is running 24 hours but the ...

by New Member in

Value list

Hi Everyone, I'm sure there are similar queries out there and I have searched however I am still struggling to find a...

by Explorer in

not sendemail if "Results not found"

Hi. I'm trying to selectively send emails (using sendemail); if the output of the query is "No results found" or "No ...

by Engager in

Get Updates on the Splunk Community!

Splunk Search

Discussions

Smtp email to send alerts

How do you merge multisearch results?

How do you combine two different values from a single field in a chart?

How do you get the raw fields ERROR and SUCCESS from log transactions into a same field TYPE using a regex command?

How to access field displayName when searching a dataset?

What field name should I use for privileged users on change datamodel?

How could I chart ratio of counts of field values?

How can I append different fields from a subsearch?

How do you enforce a lookup match for all values of a multivalue field?

Drilldown from lookup populated dropdown

How do you chart two unrelated numbers?

For drilldown, can I use an extracted field as a token value?

How can I retrieve data for between dates?

COALESCE command

Can you give me some help with the coalesce command?

How do you exclude and format unique specific fields from multivalued fields to be used in a subsearch?

Extract field till nth repetition of a string

Support ticket raised outside of business hours

Value list

not sendemail if "Results not found"

Dashboard Studio Challenge - Learn New Tricks, Showcase Your Skills, and Win Prizes!

Introducing Edge Processor: Next Gen Data Transformation

Take the 2021 Splunk Career Survey for $50 in Amazon Cash

Will Splunk searches using lookup get affected if ...

How to delay with search result when run via Splun...

KV Store status is currently unknown- How to resol...

Combining results in metric index?

Summary Index from | collect ... addtime=f : When ...