Splunk Search

Community Activity

Use the "restricted search terms" of a role to filter a saved search Hello, I have a saved search, running each day with the following output Computer_Name \| DPT \| Install_status \| P... by mdtrandco New Member in Splunk Search 02-17-2019 0 3	0	3
How do you write a regular expression to extract a field which has characters, numbers and also special characters? How do you write a regular expression to extract a field which has characters, numbers and also special characters? T... by Deepz2612 Explorer in Splunk Search 02-17-2019 0 6	0	6
show send and receive from internet to my ftp server i want to show the how much user send and receive from the internet to my ftp server,is my search command right? ... by khanlarloo Explorer in Splunk Search 02-16-2019 0 4	0	4
_meta fields: why am I unable to search for all of the events? I am not able to search for all of the events from the fields. When i try field::value , I can see all of the events.... by godman Path Finder in Splunk Search 02-15-2019 1 3	1	3
Transpose or unpivot existing columns into other columns in a table Is there away to un-pivot a couple columns and relocate them to an existing columns using an Eval expression inside t... by TreeHut New Member in Splunk Search 02-15-2019 0 0	0	0
Help with multivalue field count Hello, I have a multivalue field with two values. segment_status: SUCCEEDED-1234333 FAILED-34555 I am trying to... by vrmandadi Builder in Splunk Search 02-15-2019 0 9	0	9
Is there a way that I can output my values as a fraction instead of a decimal? Is there a way that I can output my values as a Fraction? Example: A = 1 B = 2 eval New_Value = A/B New_Value = 1... by MatthewH007 Path Finder in Splunk Search 02-15-2019 0 2	0	2
Selective Replication of Lookups between Search Heads? I have two search heads in a cluster. SH-A is locked down and is only used by certain staff. SH-B is open to others... by mlorrette Path Finder in Splunk Search 02-15-2019 0 5	0	5
ldapsearch lastLogonTimestamp eval I found this in a search: hxxps://www.splunk.com/blog/2014/02/10/which-servers-are-inactive.html It is old but it d... by s0mar Explorer in Splunk Search 02-15-2019 0 6	0	6
How to trigger alert when the index from Down to Running State? How to trigger alert when the index from Down to Running State? My query is to find index is down.But it will trigger... by karthi2809 Builder in Splunk Search 02-15-2019 0 1	0	1
Field missing in statistical table only, while present (with values) in search Dear all, I have a dashboard table that does not display certain fields, which do have data - although not in every... by altink Builder in Splunk Search 02-15-2019 0 4	0	4
How do you get multiple percentage results in one table? I would like to report the total number games played per team, and the percentage of wins, losses, and ties by team. ... by stephenmeyers Explorer in Splunk Search 02-15-2019 0 1	0	1
Dashboard layout - want two visualizations in single panel and condition also. Hi all, I want the following layout : I am able to achieve Status Overview layout by : <row> <panel></panel> <pa... by vaibhavvijay9 New Member in Splunk Search 02-15-2019 0 2	0	2
Is realtime alert a feature with Splunk Cloud? Is realtime alert a feature with Splunk Cloud? I go to save a search as an alert and it defaults to a scheduled sear... by sbgoldberg13 Explorer in Splunk Search 02-15-2019 0 6	0	6
How do you use the rex command to filter Windows security events? Hi there, I'm trying to extract some data from Windows security logs and filter the counted results. This search ... by swimena Explorer in Splunk Search 02-15-2019 0 2	0	2
issue in rex query Hi Guys, I have a log as below; server1;443 status= running. server2;443 status= running. server3;443 status= runnin... by roopeshetty Path Finder in Splunk Search 02-15-2019 0 2	0	2
Can you help me with a search involving the NOT and WHERE functions? Hi, I use the 2 event types below in a search eventtype="TotalSpace" OR eventtype="DiskHealthSize" I need to do ... by jip31 Motivator in Splunk Search 02-15-2019 0 2	0	2
How do you extract the URL into a separate field? Hello, I'm trying to extract the URL from the message field, so I can create a separate field called URLs. At the mo... by SplunkMasterSne Explorer in Splunk Search 02-15-2019 0 3	0	3
how to ignore fields runtime which arent available from being considered in the calculation? I am doing a calculation to add up all the time spent in each layer. But there are cases where few fields not existin... by sangs8788 Communicator in Splunk Search 02-14-2019 0 2	0	2
Splunk to search and analyse it in logs after one hour I have a requirement to search and analyse result of searches in same log file after one hour. For example , Search... by bsaujla131984 Path Finder in Splunk Search 02-14-2019 0 14	0	14
Data Model Columns and Rows Transpose using Eval Hello- How do you transpose columns inside the Data Model using eval? My goal is to filter a column called column1 in... by TreeHut New Member in Splunk Search 02-14-2019 0 2	0	2
How do I create a histogram to show distribution? I have a search like this: My Search\|chart count(data.url) as SongsPlayed over userEmail It gives me a list of us... by earriaga Path Finder in Splunk Search 02-14-2019 2 8	2	8
How to display graph column for zero value I have a bar graph that charts two values. When one of the values is 0, the graph removes the column altogether. This... by tmaurst Engager in Splunk Search 02-14-2019 0 3	0	3
How do you compare the same field in two different time periods? We have events from several hosts. We want to get the difference in the value of the field between two different time... by omprakash9998 Path Finder in Splunk Search 02-14-2019 0 5	0	5
STATS COUNT on same field before and after WHERE / Condition? Hi All, What I want is : Total no. of queues and total no. of queues with pending messages. Something like this : ... by vaibhavvijay9 New Member in Splunk Search 02-14-2019 0 3	0	3