Splunk Search

Discussions

Thread Info

JMS Modular Input to ActiveMQ using Wildcard

We need to monitor multiple dynamic queues, queues are generated and removed. I have tried using "jms://queue/dynamic...

by New Member in

stats vs eventstats

I can't comprehend what 'eventstats' is. I went thru the splunk docs.I wanna use math functions like avg.. etc.. not ...

by Contributor in

stats count by fieldnames (not field strings)

hi all, bit of a strange one... The business has put a descriptor of the product as a field name and it would...

by New Member in

Is there way to group columns of a table?

Hello, I have one requirement in which certain columns have to be grouped together on a table. I have XSL sheet ...

by Explorer in

Checking Host's status as offline or online by comparing data from today vs yesterday

Hi, I have vulnerability scanner that scans all device on our network every day. The agent of vulnerability scanne...

by Contributor in

Hyperlink a incident value to an external URL

I have below output from the splunk querry. Hostname INC Number Urgency Time_CST Description 1 CMPS3 ...

by Communicator in

How to achieve a non numeric scatter plot on x and y?

Hi, I have two text columns finding_id and device manufacturer, and a count of events containing both. I'd like...

by New Member in

Indexed Fields Search Results and Subsearch

I have a field that I know is an indexed field because I can specify on my search myfield::somevalue and get results....

by New Member in

How to get added count for the fields from previous count over a period of time?

I am having a issue tracker for tracking all opened issues and the query for the same is below: search issue_statu...

by Engager in

Custom logon screen for different groups of users

I am working in an environment where there are several different constituencies. Each has different needs in terms of...

by Explorer in

How can i format a table as rows into columns?

Hello - I am new to Splunk. I would like to check whether it's feasible to format a table. In the screen shot 1, i ha...

by Explorer in

How do I display more than one Multivalue fields in a stacked column chart?

I have a table having many multi-value fields. For example: items, cp and sp are multivalue fields. Using the followi...

by New Member in

count if two nonconsecutive string occurs in a statement

I want to write a query to take the count if two non-consecutive string occurs in a statement. I am trying to do some...

by Explorer in

Issue with field extraction regex

Hello plp, I have this problem, i need to extract 2 fields of this event. [14/04/2020 16:17:49][INFO][http-8080...

by Engager in

Count repeated failured logons following a successful logon

Here's what I got so far: index="myindex" (host="192.168.0.100" OR host="192.168.0.101") (msg="login OK" OR msg="l...

by Builder in

Get Updates on the Splunk Community!

Splunk Search

Discussions

JMS Modular Input to ActiveMQ using Wildcard

stats vs eventstats

stats count by fieldnames (not field strings)

Is there way to group columns of a table?

Checking Host's status as offline or online by comparing data from today vs yesterday

Hyperlink a incident value to an external URL

How to achieve a non numeric scatter plot on x and y?

Indexed Fields Search Results and Subsearch

How to get added count for the fields from previous count over a period of time?

Custom logon screen for different groups of users

How can i format a table as rows into columns?

How do I display more than one Multivalue fields in a stacked column chart?

count if two nonconsecutive string occurs in a statement

Issue with field extraction regex

Count repeated failured logons following a successful logon

Observability | How to Think About Instrumentation Overhead (White Paper)

Cloud Platform | Get Resiliency in the Cloud Event (Register Now!)

The Great Resilience Quest: 10th Leaderboard Update

Help with report creation please

How to combine rows based on parent-child relation...

Outputlookup to a kvstore does not write results

How do I limit a search to everything except the t...

StatsBuffer::read: Row is too large for StatsBuffe...