Splunk Search

Community Activity

How do I use the eval command to calculate error rates and show them as percentages? Hello, I am creating a dashboard in which I am displaying total logins, successful logins, failed logins, error rate... by moizmmz Path Finder in Splunk Search 10-25-2018 0 20	0	20
How do I rename the values in the following field? https://drive.google.com/file/d/13tgNyaelfyPwxIvgAOA1Gn1hI628dGB2/view?usp=sharing[link text]1 I want to rename the ... by moizmmz Path Finder in Splunk Search 10-25-2018 0 2	0	2
search time data masking Hi I am trying to mask indexed data using following props.conf comfig for linux_secure. [linux_secure] EXTRACT-ip ... by melonman Motivator in Splunk Search 10-25-2018 0 3	0	3
Error message above search bar Hi All, When I am executing a search query something like "index=index1", I am getting the below error message above... by bsantosh New Member in Splunk Search 10-25-2018 0 3	0	3
Can you help me with an issue i'm having with the strptime function? I am trying to implement strptime command on my lookup named test.csv, which has fields _time, hits with data from ... by Divyachundu New Member in Splunk Search 10-25-2018 0 4	0	4
How do you convert numeric value from 5000 to 5k for a field? I am planning to convert the value of a count into 5k, 500k format rather than the whole number. May I know how I can... by arrangineni Path Finder in Splunk Search 10-25-2018 0 1	0	1
Make data in a stacked area chart 'float' Any way to make one series in a stacked area chart invisible? I've got a bunch of data I want to make a floating rib... by mikclrk Explorer in Splunk Search 10-25-2018 0 0	0	0
How come only one of many fields is not extracting? I have a weird behavior in my environment. When I get new data, I parse them using my regex (= as delimiter between ... by shayhibah Path Finder in Splunk Search 10-25-2018 0 6	0	6
How do I count occurrences with wildcard in count by field? Hi, I have the following values from my search result: /api/v2/nodes/107757943/nodes /api/v2/nodes/107758003/nodes... by mhornste Path Finder in Splunk Search 10-25-2018 1 4	1	4
Can you help me break my search up into two smaller ones? I have a query that is taking up too many resources I am told. I decided to break it up into two smaller reports (on... by bealm New Member in Splunk Search 10-25-2018 0 3	0	3
Splunk dbxquery to call stored procedure with subsearch to populate parameter not working I have two working Splunk queries as follows. The first one takes in an IP Address and datetime and returns a Mac Ad... by rdclark Engager in Splunk Search 10-25-2018 0 1	0	1
Why is HTTP is working while HTTPS is not? Hi, I tried to enable SSL on my Splunk instances. A few of them were successful. Some of them(specifically none of t... by graju89 Path Finder in Splunk Search 10-25-2018 0 2	0	2
In a statistics table, how do I make it so a row hides when clicked upon? Hello guys I want to hide the row of a table after clicking on a cell on this table. I guess I should look for JS so... by denys_k Explorer in Splunk Search 10-25-2018 0 2	0	2
Feature Suggestion: Panel-local variables for prebuilt panels Prebuilt panels would be more useful if they allowed local variables. This would parallel the way macros allow argum... by madkins23 New Member in Splunk Search 10-25-2018 0 1	0	1
Merge tables by aligning fields with same value Hello, I have two tables listed below. The small table is a subset of the large table. Large_table S... by Thuan Explorer in Splunk Search 10-24-2018 0 0	0	0
Use a lookup file to show IP name Hello,I have a csv file ,and I use it as a lookup table, it has two fields : IP,IP Name; \| inputlookup ip_name.csv ... by WXY Path Finder in Splunk Search 10-24-2018 0 1	0	1
How to increase the maximum number of conditions in a splunk search? Hi there, I have a search below: host = xxx.xxx.xxx.xxx AND duration \| rex field=_raw (something) \| rex field=_raw (... by zongwei New Member in Splunk Search 10-24-2018 0 2	0	2
Field extraction for IP ADFS Logs Hello, I found one post but the REGEX search didn't work. How would I extract the IP into a new field that comes aft... by donaldmayo New Member in Splunk Search 10-24-2018 0 1	0	1
Can eventstats or streamstats be used with accelerated data model searches? We are looking to convert most if not all of our existing searches and correlation rules to search against accelerate... by john_dagostino Path Finder in Splunk Search 10-24-2018 0 3	0	3
How to compare two CSVs and see what's missing from the original? Hi, consider these two CSVs septemberheros.csv: name alias best_power origin clark superman fl... by russell120 Communicator in Splunk Search 10-24-2018 0 3	0	3
How to find a difference between two times which are off by two different formats and set an alert if the difference is more than 10mins? Hi, I have a query which returns two columns Time1 which is _time and one more column Time 2 which is user calculat... by sangs8788 Communicator in Splunk Search 10-24-2018 0 3	0	3
Can you help me with the following regex expression? I have events from which I need to extract the strings that fall before the string "raced to road" Here is a sample ... by zacksoft Contributor in Splunk Search 10-24-2018 0 6	0	6
After upgrading to Splunk 7.2, how come I'm unable to sort or click on links? My team recently upgraded to Splunk 7.2, but unfortunately, I am unable to click on any links under reports, alerts, ... by jdibblee New Member in Splunk Search 10-24-2018 0 1	0	1
How do I join different events on an ID with different source types? Hello everybody, I have many messages with two different source types and an ID and a information field. For every I... by nikosattlermhp Engager in Splunk Search 10-24-2018 0 1	0	1
How to search for which users were logged in to a machine at a certain time or date on linux given the workstation name ? I have the workstation name and IP address — how do I find out which users were logged in to the machine (Linux) and ... by ibrahima New Member in Splunk Search 10-24-2018 0 2	0	2