Splunk Search

Community Activity

How do I make a column chart that compares the result from last year with this year by month? Hi everyone, I would like to make a chart that compares the result from last year with this year by month. This i... by MCH2018 Explorer in Splunk Search 02-13-2019 0 4	0	4
Smtp email to send alerts Hi, Can you please how to to create a alert and send email using smtp server. We have two seperate host s for indexer... by manekar New Member in Splunk Search 02-13-2019 0 4	0	4
How do you merge multisearch results? Hi, I tried many alternatives but no good results. Please help if possible. I have a multi search with two sets of... by gmasca Explorer in Splunk Search 02-13-2019 0 5	0	5
How do you combine two different values from a single field in a chart? Suppose I have a chart that counts the number of tickets done by a particular branch and displays them by priority. ... by dojiepreji Path Finder in Splunk Search 02-13-2019 0 2	0	2
How do you get the raw fields ERROR and SUCCESS from log transactions into a same field TYPE using a regex command? Hi Everybody! I am fairly new to Splunk, and I am trying to Create a dashboard where I need to get the Total number... by vmandad1 New Member in Splunk Search 02-13-2019 0 2	0	2
How to access field displayName when searching a dataset? I have a data model called DM1 with a data set called DM1. There are evaluated fields in this data set with different... by matstap Communicator in Splunk Search 02-13-2019 0 1	0	1
What field name should I use for privileged users on change datamodel? Hello, Right now i'm developing some compliance app. All my panel searches are with \| tstats, so my fields are limit... by 3DGjos Communicator in Splunk Search 02-13-2019 0 1	0	1
How could I chart ratio of counts of field values? Hi, suppose my events contain this field with two possible values: Ok=True or Ok=False Every hour, I'll have a cert... by jchowdown New Member in Splunk Search 02-13-2019 0 5	0	5
How can I append different fields from a subsearch? Hello, I'm trying to search within another sourcetype and append fields oxygen, and rock to a CSV base search. I'm ... by russell120 Communicator in Splunk Search 02-13-2019 0 8	0	8
How do you enforce a lookup match for all values of a multivalue field? I have a multivalue field in my events and I want to do a lookup against a multivalue field in kvstore field. Event f... by Murali2888 Communicator in Splunk Search 02-13-2019 0 1	0	1
Drilldown from lookup populated dropdown I have a dashboard dropdown that I'm populating with "groups" from a lookup "group_ip_host". The idea is to have the ... by richkappler Path Finder in Splunk Search 02-13-2019 0 11	0	11
How do you chart two unrelated numbers? I am completely stumped as to how to chart two numbers. I have two counts from two searches. I simply want to chart ... by tmaurst Engager in Splunk Search 02-13-2019 0 8	0	8
For drilldown, can I use an extracted field as a token value? My token: <drilldown> $row.lobName$ </drilldown> lobName is a field that I extracted using Rex statement... by blindfire_bandi Explorer in Splunk Search 02-13-2019 0 5	0	5
How can I retrieve data for between dates? Hi, I have a field called "Created_date". My requirement is to get a monthly count of created and closed tickets. Ho... by udaypulipaka Observer in Splunk Search 02-13-2019 0 1	0	1
COALESCE command hi when I execute the query below index="x" sourcetype="WinEventLog:Microsoft-Windows-Diagnostics-Performance/Operat... by jip31 Motivator in Splunk Search 02-13-2019 0 2	0	2
Can you give me some help with the coalesce command? hi, When I execute the query below index="x" sourcetype="WinEventLog:Microsoft-Windows-Diagnostics-Performance/Oper... by jip31 Motivator in Splunk Search 02-13-2019 0 3	0	3
How do you exclude and format unique specific fields from multivalued fields to be used in a subsearch? Hello all, I'm having some trouble formatting and dealing with multivalued fields. My use case is as follows: I ... by nickcardenas Path Finder in Splunk Search 02-13-2019 0 2	0	2
Extract field till nth repetition of a string I have following sample event jaskdjkasdkjas CR akjhdjhdjsdhCR 1231jljk23klj3 CR sagdiugsds 7126372 nklsdlkCR i ... by gowtham495 Path Finder in Splunk Search 02-13-2019 0 8	0	8
Support ticket raised outside of business hours I have a support ticket system where people can submit their support tickets. The system is running 24 hours but the ... by louisawang New Member in Splunk Search 02-13-2019 0 2	0	2
Value list Hi Everyone, I'm sure there are similar queries out there and I have searched however I am still struggling to find a... by montydo Explorer in Splunk Search 02-13-2019 0 3	0	3
not sendemail if "Results not found" Hi. I'm trying to selectively send emails (using sendemail); if the output of the query is "No results found" or "No ... by retesi Engager in Splunk Search 02-13-2019 2 6	2	6
parameterize search from various source types simultaneously in a fixed time frame. I have multiple sourcetypes in my index. Lets call them st1, st2, st3, st4 & st5. I have a query that end with \| tab... by zacksoft Contributor in Splunk Search 02-13-2019 0 15	0	15
Pass the output of one query to another query Hi, My 1st query returns 3 fields output.Out of which one filed has to be given as input to the second query which fe... by Deepz2612 Explorer in Splunk Search 02-12-2019 0 6	0	6
Splunk Enterprise can use Open JDK instead of Orace Java Hi, Splunk Enterprise can use Open JDK instead of Orace Java. Splunk can run OpenJDK? by Mayanakhan Explorer in Splunk Search 02-12-2019 0 0	0	0
How to use a part of a string in an event as a value and make it as an interesting field "2018-10-30 05:11:35,659 AM\|ERROR\|(null)\|(null)\|(null)\|System.Data.SqlClient.SqlException (0x80131904): Invalid colum... by ragow New Member in Splunk Search 02-12-2019 0 3	0	3