Splunk Search

Community Activity

Can I extract a field from a subsearch by comparing two fields in both the search and subsearch? Hello, I'm trying to extract a customer number by having two searches pull web service calls and compare one field ... by charlesxavier New Member in Splunk Search 02-18-2019 0 9	0	9
How do you Insert Hour, Mins & Seconds in an extracted time? I have a table that populates something to the effect of: Name Start Time End Time R... by cquinney Communicator in Splunk Search 02-18-2019 0 2	0	2
Change background color in Single Value Visual? Hello, I'm trying to change the background color of a label I have created. I created the label by just running the... by dfrench151 Explorer in Splunk Search 02-17-2019 1 6	1	6
How to use value of a one field as field name? Hi, I'm a Splunk beginner here. I'm not even sure if I'm using the right terms. Kindly bear with me. My input is a J... by computernachi New Member in Splunk Search 02-17-2019 0 0	0	0
Use the "restricted search terms" of a role to filter a saved search Hello, I have a saved search, running each day with the following output Computer_Name \| DPT \| Install_status \| P... by mdtrandco New Member in Splunk Search 02-17-2019 0 3	0	3
How do you write a regular expression to extract a field which has characters, numbers and also special characters? How do you write a regular expression to extract a field which has characters, numbers and also special characters? T... by Deepz2612 Explorer in Splunk Search 02-17-2019 0 6	0	6
show send and receive from internet to my ftp server i want to show the how much user send and receive from the internet to my ftp server,is my search command right? ... by khanlarloo Explorer in Splunk Search 02-16-2019 0 4	0	4
_meta fields: why am I unable to search for all of the events? I am not able to search for all of the events from the fields. When i try field::value , I can see all of the events.... by godman Path Finder in Splunk Search 02-15-2019 1 3	1	3
Transpose or unpivot existing columns into other columns in a table Is there away to un-pivot a couple columns and relocate them to an existing columns using an Eval expression inside t... by TreeHut New Member in Splunk Search 02-15-2019 0 0	0	0
Help with multivalue field count Hello, I have a multivalue field with two values. segment_status: SUCCEEDED-1234333 FAILED-34555 I am trying to... by vrmandadi Builder in Splunk Search 02-15-2019 0 9	0	9
Is there a way that I can output my values as a fraction instead of a decimal? Is there a way that I can output my values as a Fraction? Example: A = 1 B = 2 eval New_Value = A/B New_Value = 1... by MatthewH007 Path Finder in Splunk Search 02-15-2019 0 2	0	2
Selective Replication of Lookups between Search Heads? I have two search heads in a cluster. SH-A is locked down and is only used by certain staff. SH-B is open to others... by mlorrette Path Finder in Splunk Search 02-15-2019 0 5	0	5
ldapsearch lastLogonTimestamp eval I found this in a search: hxxps://www.splunk.com/blog/2014/02/10/which-servers-are-inactive.html It is old but it d... by s0mar Explorer in Splunk Search 02-15-2019 0 6	0	6
How to trigger alert when the index from Down to Running State? How to trigger alert when the index from Down to Running State? My query is to find index is down.But it will trigger... by karthi2809 Builder in Splunk Search 02-15-2019 0 1	0	1
Field missing in statistical table only, while present (with values) in search Dear all, I have a dashboard table that does not display certain fields, which do have data - although not in every... by altink Builder in Splunk Search 02-15-2019 0 4	0	4
How do you get multiple percentage results in one table? I would like to report the total number games played per team, and the percentage of wins, losses, and ties by team. ... by stephenmeyers Explorer in Splunk Search 02-15-2019 0 1	0	1
Dashboard layout - want two visualizations in single panel and condition also. Hi all, I want the following layout : I am able to achieve Status Overview layout by : <row> <panel></panel> <pa... by vaibhavvijay9 New Member in Splunk Search 02-15-2019 0 2	0	2
Is realtime alert a feature with Splunk Cloud? Is realtime alert a feature with Splunk Cloud? I go to save a search as an alert and it defaults to a scheduled sear... by sbgoldberg13 Explorer in Splunk Search 02-15-2019 0 6	0	6
How do you use the rex command to filter Windows security events? Hi there, I'm trying to extract some data from Windows security logs and filter the counted results. This search ... by swimena Explorer in Splunk Search 02-15-2019 0 2	0	2
issue in rex query Hi Guys, I have a log as below; server1;443 status= running. server2;443 status= running. server3;443 status= runnin... by roopeshetty Path Finder in Splunk Search 02-15-2019 0 2	0	2
Can you help me with a search involving the NOT and WHERE functions? Hi, I use the 2 event types below in a search eventtype="TotalSpace" OR eventtype="DiskHealthSize" I need to do ... by jip31 Motivator in Splunk Search 02-15-2019 0 2	0	2
How do you extract the URL into a separate field? Hello, I'm trying to extract the URL from the message field, so I can create a separate field called URLs. At the mo... by SplunkMasterSne Explorer in Splunk Search 02-15-2019 0 3	0	3
how to ignore fields runtime which arent available from being considered in the calculation? I am doing a calculation to add up all the time spent in each layer. But there are cases where few fields not existin... by sangs8788 Communicator in Splunk Search 02-14-2019 0 2	0	2
Splunk to search and analyse it in logs after one hour I have a requirement to search and analyse result of searches in same log file after one hour. For example , Search... by bsaujla131984 Path Finder in Splunk Search 02-14-2019 0 14	0	14
Data Model Columns and Rows Transpose using Eval Hello- How do you transpose columns inside the Data Model using eval? My goal is to filter a column called column1 in... by TreeHut New Member in Splunk Search 02-14-2019 0 2	0	2