Splunk Search

Community Activity

How to combine values from stats into single row? Hi All,I am looking into using some proxy logs to determine download volume for particular streaming sites and was lo... by TribesmanJohn Explorer in Splunk Search 02-22-2024 0 2	0	2
EventCode Subsearch I have an application that I am trying to monitor. There is a specific event code for when the tool is opened to mod... by jeradb Explorer in Splunk Search 02-22-2024 0 3	0	3
need for each Receiver_ID how much invoice total for 1 months span i have log like this :2024-02-22 12:49:38:344 EST\| INFO \|InterfaceName=USCUSTOMERINV INVCanonicalProcess Sender_ID=Th... by avikc100 Path Finder in Splunk Search 02-22-2024 0 1	0	1
Running queries not working at all I created a standalone splunk container on openshift container platform with the help of "splunk operator for kuberne... by olivera Explorer in Splunk Search 02-22-2024 1 1	1	1
Is there a way to keep row data together when using the stats command? Hello, Is there a way to keep row data together when using the stats command? ID Loc FirstName LastName 1 NY... by genesiusj Builder in Splunk Search 02-22-2024 0 5	0	5
How to change font size of texts inside table using dashboard xml source Hi, I have a splunk dashboard with different panels i.e. pie chart, table etc. I need to increase the font size of te... by ggangwar Path Finder in Splunk Search 02-22-2024 2 10	2	10
change the color of a column based on other column Hi i have stats table with following by deepthi5 Path Finder in Splunk Search 02-22-2024 0 1	0	1
How to filter search results from query Hi, I am looking to grab all windows events of successful NTLM logins without using Kerberos. Here is my query so far... by kodyrubida Engager in Splunk Search 02-22-2024 0 1	0	1
how to get the event time and _time difference in alert triggering time delay how to show the how long alert took triggered from the time the event occurred. To calculate the "diff" in times, to ... by harishsplunk7 Explorer in Splunk Search 02-22-2024 0 6	0	6
How to use timechart span=30m to start with the exact time Hi,My requirement is to find 30 mins result using timechart span=30m from the start time that I have mentioned.Start ... by anil1219 Engager in Splunk Search 02-22-2024 0 2	0	2
how group a field values with the maxevents of 4, without using transaction command Hi everyone,i need an alternative for the transaction command, bcoz its taking to much time to load the dashboard,thi... by vinod743374 Communicator in Splunk Search 02-22-2024 0 1	0	1
"Sort 0 desc" vs "sort 0 -" for data over 10,000 Hello,I don't know how to simulate this using makeresults, but I have data over 10,000 (let say 50,000)If I sort desc... by LearningGuy Motivator in Splunk Search 02-21-2024 0 1	0	1
compare two result HiI have a query that need to compare count of PF field for two log file:on splunk I have two query that create this ... by indeed_2000 Motivator in Splunk Search 02-21-2024 0 4	0	4
how to keep sender name with space in search result I am using Splunk Enterprise Version: 9.1.0.1.my search query is :index="webmethods_prd" source="/apps/webmethods/int... by avikc100 Path Finder in Splunk Search 02-21-2024 0 5	0	5
Search event Can an event be searched using the transaction without any index or source values?Yes or Nobreif answer on selection by Tron-spectron47 Loves-to-Learn in Splunk Search 02-21-2024 0 3	0	3
Rex not stopping capture after match I'm not sure why rex is properly matching the beginning of the value I am looking for (NameofTeam), but it also match... by ea-2023 Path Finder in Splunk Search 02-21-2024 0 4	0	4
How can I count events by location with a list of SERVERNAME's? Our splunk implementation has SERVERNAME as a preset field, and there are servers in different locations, but there i... by GEB Explorer in Splunk Search 02-21-2024 0 4	0	4
Search to check if request duration search has recovered index=my_index source="/var/log/nginx/access.log" \| stats avg(request_time) as Average_Request_Time \| where Average... by guywood13 Path Finder in Splunk Search 02-21-2024 0 7	0	7
case-sensitive on subsearch hiI have this situationindex="idx" [\| inputlookup name.csv \| table id name ]idx=idname1a2aaa1A2aaa12abbb lookupidname... by simo Path Finder in Splunk Search 02-21-2024 0 1	0	1
Regex Help to extract fields Can some one please help with the regex that can be used to view the below event in tabular format.EventINFO > 2024-0... by Harikiranjammul Explorer in Splunk Search 02-21-2024 0 1	0	1
Splint date/time filed in multiple fields for calculations Hi.I have a single filed for date and time of event - 2024-02-19T11:16:58.930104ZI would like to have to fields Date ... by bigll Path Finder in Splunk Search 02-21-2024 0 3	0	3
How to populate a single column with dynamic field values? HelloI have a working dashboard where I have various fields that can be defined (field1 and field2 in the example), a... by ea-2023 Path Finder in Splunk Search 02-20-2024 0 11	0	11
How to manage multiple regex using same field name We have application data coming from Apache Tomcat's and have a regex in place to extract exception name. But there a... by att35 Builder in Splunk Search 02-20-2024 0 3	0	3
query returned field passed to another query I need help to write a search query where the result from the one query is passed onto the second query1 we import th... by atul9771 Engager in Splunk Search 02-20-2024 0 2	0	2
How to calculate time difference b/w multiple events and sum for a field I have requirement to calculate total time a user has been connected to system, for that I have logs as below which s... by ramnaresh2051 Engager in Splunk Search 02-20-2024 0 3	0	3