Splunk Search

Community Activity

Can you help me with a field extraction using REGEX? Hi all, I am getting an event in the below format: 28/01/2019 07:20:54.000 USERNAME FROM ... by rohitvjoshi Path Finder in Splunk Search 01-28-2019 0 8	0	8
Retention period need to set for DB connect app data Hi Team I have 3 queries in DB Connect App 1) Runs once and pull 13 months of data, 2) second also runs once and pu... by rakesh44 Communicator in Splunk Search 01-28-2019 0 2	0	2
how to add eventdata in splunk Hi, By mistake i ran the splunk clean command eventdata is deleted from database. .Command i ran : /splunk clean even... by manekar New Member in Splunk Search 01-28-2019 0 1	0	1
How come Splunk is not picking up the first few lines (3-5 line) of our log files? Hi, I have an issue where Splunk is not picking up the first few lines (3-5 line) of log files when doing a search. ... by aknsun Path Finder in Splunk Search 01-28-2019 0 4	0	4
Why Are My Search Results Truncated? Hello, I'm running into behavior I don't quite understand and was hoping someone might be able to shed some light on... by SplunkPersonal Path Finder in Splunk Search 01-28-2019 1 4	1	4
Custom drilldown search not working On a dashboard I have a panel with the following search: index="perfmon" counter="% Processor Time" host!="HOST1*" h... by tmontney Builder in Splunk Search 01-28-2019 1 8	1	8
How can I produce results with a span of 1 day and span for every 1st of the month? I User the below search to identify the usage of disk for 1 day(Previous day). earliest=-2d index="A" source="Perfmo... by Gowtham0809 New Member in Splunk Search 01-28-2019 0 1	0	1
How do you find the difference between two different indexes with fields in common? Hi all, I am working on a piece of work on reconciling the trades from DB and a log. I had a thought that the below ... by ashrafshareeb Path Finder in Splunk Search 01-28-2019 0 7	0	7
Find the delta between first logins and last logout per break in activity in the case where logins and logouts can happen multiple times in a row? I have been trying to evaluate total time logged in but have run into a couple snags due to the fact that our system ... by cdhippen Path Finder in Splunk Search 01-28-2019 0 1	0	1
how to skip header file in csv i have a csv file with header column"Name","CapacityGB","FreeSpaceGB" with the line number 1. This header is also c... by Gayathirikuppus New Member in Splunk Search 01-28-2019 0 2	0	2
How can I extract different arrays from a field to visualise? Hi, I have a text file that contains data which looks like "x:[-0.01,0.04,0.9],y:[0.00045,0.00035,0.03],z:[0.00115,... by annie_22 New Member in Splunk Search 01-28-2019 0 4	0	4
Grouping field names together from a pivot table with a partial literal regex name Hi There, There are multiple field titles that start with the same exact word (example: Candy). After the word Can... by ryhluc01 Communicator in Splunk Search 01-28-2019 0 1	0	1
Can you help me use the timechart command drilldown to a dependent dashboard? Hi Guys, I have built a dashboard panel with a timechart command and then used the search command. The search result... by pench2k19 Explorer in Splunk Search 01-28-2019 0 21	0	21
How to get specify record from kV store using splunkjs and REST endpoint I am storing records into KV store/delete using SplunkJS and REST endpoints Store service.request( "s... by abdullawells89 New Member in Splunk Search 01-28-2019 0 0	0	0
Can you help us format the y-axis to the Custom Time Format? Hi, I want to plot a column chart with time vs day. So day will be in X-axis and time will be in Y-axis. I am usi... by abhayneilam Contributor in Splunk Search 01-28-2019 0 3	0	3
How do you identify all accounts not automatically locked after 5 consecutive failed log in attempts? I need to check how to identify all technical accounts that are not automatically locked after 5 consecutive failed l... by sahiltcs Path Finder in Splunk Search 01-28-2019 0 2	0	2
Why is my cluster map working fine in verbose mode but not in fast mode? query:- index="test"\|table FIELD1,FIELD2,Latitude,Longitude,Timestamp\| geostats latfield=Latitude longfield=Longitude... by ajitshukla Explorer in Splunk Search 01-28-2019 0 3	0	3
geostats binspanlat/long restrictions Hello, I have a customer with a geostats query that fails due to the parameters he uses. I am not sure yet what exac... by knielsen Contributor in Splunk Search 01-28-2019 0 2	0	2
Create Splunk Query aggregating failed log in events I looking query where I can see the aggregation of failed log in events Can you please share the query and details f... by sahiltcs Path Finder in Splunk Search 01-28-2019 0 5	0	5
How to disable methods from the https://localhost:8000 ? When I make curl -v -X https://127.0.0.1:8000 It returns Accept: all or any(/) it seems like all methods are work... by sangsun0203 New Member in Splunk Search 01-28-2019 0 3	0	3
How do you color a specific word in the logs? hi, I use the query below in order to extract events that have only "Failed Error code : " in the logs index="ai-wk... by jip31 Motivator in Splunk Search 01-28-2019 0 9	0	9
How to display the search time range and description in a PDF report? Hi, As I am generating PDF reports, I want the description and the time range used for the search that generated the ... by thambisetty SplunkTrust in Splunk Search 01-27-2019 1 8	1	8
Response Time Calculation between 2 different events Hello, I am trying to find response time between events in different sourcetype but not able to figure out how to fi... by hemendralodhi Contributor in Splunk Search 01-27-2019 0 6	0	6
Conditional Join/Subsearch So I have two log sources-- one that stores values X and Y together in the same index, and the second which stores va... by SplunkMonster Engager in Splunk Search 01-27-2019 0 6	0	6
List or View Scheduled searches Hello, Does anyone have a search command to find / list all scheduled searches, the time they should run at and the ... by DavidHourani Super Champion in Splunk Search 01-27-2019 0 4	0	4