Splunk Search

Community Activity

	Can you help me with my regex extraction of a field? Hello Friends, I have the following issue I have two types of logs: A & B A & B are from the same Index, have the ... by alex_kh Explorer in Splunk Search 09-21-2018 0 2	0	2
	Can you help me extract the following field values with a regex or any other alternative? I have an event of the below format from a Firewall Source. I need to extract the field named "FieldChanges" from it.... by arrangineni Path Finder in Splunk Search 09-21-2018 0 1	0	1
	Standalone Indexer Hi, all. I am looking to add an indexer to my existing environment that consists of 1 dedicated indexer and 1 dedica... by rmsit Communicator in Splunk Search 09-20-2018 0 4	0	4
	Using Streamstats to group the results happening within 10 seconds Hi Experts, I have a query which finds total number of non 200 responses and total responses based on the web access... by macadminrohit Contributor in Splunk Search 09-20-2018 0 0	0	0
	Can you help with a Splunk query for filtering a destination port count to a table? Hello, everyone, I need some help regarding the analysis of a firewall rule that I am trying to analyze via Splunk. ... by vaibhavmehta New Member in Splunk Search 09-20-2018 0 3	0	3
	How to only search data for the last day of any month within a chosen time range? Hey all, I have a bunch of billing data that is cumulative (month to date). I'm trying to gather total costs per mon... by atammana_splunk Splunk Employee in Splunk Search 09-20-2018 0 6	0	6
	How do I obtain data from a search based on matching field values from multiple source types? Dear All, I have just started using Splunk and I have a question: I have one index and two source types. The struct... by nixlim New Member in Splunk Search 09-20-2018 0 1	0	1
	How do you calculate a percentage from a lookup table? I have a lookup table that is written to when a user clicks on a button to confirm that they have checked logs on a d... by jhampton3rd Explorer in Splunk Search 09-20-2018 0 7	0	7
	Can you help me pull a number and then show that value in a timechart? 2018-09-20T11:48:41.071-0600 I NETWORK [conn16918] end connection 10.16.33.19:61051 (28 connections now open) So I... by orchapellico Explorer in Splunk Search 09-20-2018 0 1	0	1
	How do you extract the following XML fields? Hello, I need to extract the fields from the below xml. Please help me on this. I want to extract fields from event ... by Rajkumarkbm2 Explorer in Splunk Search 09-20-2018 0 3	0	3
	How do I make a search string to get Real Time data from multiple .txt files? Dear Team, I'm trying to to get data from two .txt files into a single Line Chart. For example, with the following... by pascoaljo New Member in Splunk Search 09-20-2018 0 10	0	10
	Can you help me delete the '\' character after a field name? Hello Friends, I have the following issue I have two types of logs: A & B A & B are from the same Index, have the ... by alex_kh Explorer in Splunk Search 09-20-2018 0 5	0	5
	How do I extract fields and values from a multivalue field? this is my JSON object i am getting as an event { "id": 78124, "uuid": "AWBr0ilGbvobIxfakBsC", "key": "com.vit... by sivaranjiniG Communicator in Splunk Search 09-20-2018 0 2	0	2
	How do I adjust the command so that the columns are ordered numerically in a chart? I am generating a basic chart with the following command: index=test \| eval latency = (_indextime - _time) \| chart c... by GrahamHay New Member in Splunk Search 09-20-2018 0 1	0	1
	extract number from a field and output to a table or new field i am trying to extract the Printed number value from the below string deriving from field3 and out put to a table or ... by bablucho Path Finder in Splunk Search 09-20-2018 0 3	0	3
	How to use a subsearch to search across two indexes with no common field? I have one ID in a particular index and using that I want to find events in another index. My search looks like this... by Upas02 Path Finder in Splunk Search 09-20-2018 0 4	0	4
	How do I change bar color based on y axis value in timechart? Hi there, I have already found several answers to the question about how to apply color ranges on the column chart, ... by Digister Explorer in Splunk Search 09-20-2018 0 0	0	0
	How do you normalize fields to Join two searches? I have ran across an issue that I've been banging my head against and it will not give. I have a search that is tryi... by tegnatomm Engager in Splunk Search 09-20-2018 0 3	0	3
	Will you help me compare 2 results from different time periods? I'm trying to compare 2 results from different time periods using the below search, but am getting a zero result wher... by alanhowlett New Member in Splunk Search 09-20-2018 0 1	0	1
	Capturing multiple values and creating table from results - MVexpand? Good afternoon guys & gals, This on paper is a simple one, but it's absolutely escaping me. We have been asked to ex... by Barty Explorer in Splunk Search 09-20-2018 0 5	0	5
	DateTime Format for search result index=db_apps_digital host=hst1* OR host=hst2* NOT host=hst5 NOT host=hst6 sourcetype="API.CMC-too_small" \| stats c... by rossboss1989 Engager in Splunk Search 09-19-2018 0 1	0	1
	How do I pair two fields that came from the same event? I have a handful of fields that I've extracted from the raw event data using the rex function. Now that I have these... by samsam48 Explorer in Splunk Search 09-19-2018 0 3	0	3
	log to see what searches users have run as an admin, can i find out what searches my users have run? time, syntax, etc. is there an audit log or something r... by gurinderbhatti Path Finder in Splunk Search 09-19-2018 0 3	0	3
	How do I get a time curve with field values? Hello. Now, I must get a time curve using a field value . My data has these fields:_time,CreateDate There is a dat... by WXY Path Finder in Splunk Search 09-19-2018 0 2	0	2
	How do I put a line graph that shows data in both indexes into one graph? Hi, I want to get a line graph with two indexes of data. My command is index=interface sourcetype="in_t"\| timechart... by WXY Path Finder in Splunk Search 09-19-2018 0 2	0	2