Splunk Search

Community Activity

How to search with a fixed time span timechart everyday? I am trying to find my average response time of everyday events (not avg of all the events of that day , but the even... by zacksoft Contributor in Splunk Search 08-29-2018 0 6	0	6
Change the color of rows in a table based on text value in Splunk Enterprise v6.4 My Table is as follows RAG status Count Red 1 Amber 4 Green 10 Grey 7 I am ... by rijinc Explorer in Splunk Search 08-29-2018 1 14	1	14
Could you help me create a search query which fetches Saved Searches with enabled Email Ids? We have configured around 700+ Searches and Reports (Saved searches) in our Search Head server and, for most of tho... by anandhalagarasa Path Finder in Splunk Search 08-29-2018 0 2	0	2
How do you set the order of queries to be run in a Splunk dashboard? We have 2 different searches which are interrelated. 1st search is called through a macro which publishes its result... by rbal_splunk Splunk Employee in Splunk Search 08-29-2018 0 2	0	2
How do you set up a timechart with multiple rows? I am trying to setup a timechart and I am a beginner in Splunk. I'd like to show a timechart with two rows, i.e., two... by baskarkrishnanc Engager in Splunk Search 08-29-2018 0 2	0	2
Extraction: How to split the values and search for specific words? Hello, I have got a few events with the fields "Information" and "Name". Few events look like below, and I have many ... by bollam Path Finder in Splunk Search 08-29-2018 0 3	0	3
What is the best way to get the running average and standard deviations for HTTP request character length? What would be the best way to search for anomalies/outliers for HTTP request character length by source IP? Looking f... by jwalzerpitt Influencer in Splunk Search 08-29-2018 0 1	0	1
How to extract multiple values from a multi-value field and use these in a table? I have a multivalue field (custom_4) separated by dollar signs that I have separated in to separate values with the b... by mal81394 New Member in Splunk Search 08-29-2018 0 1	0	1
Timechart as VS Timechart by Over the last 3 days I was trying to create dashboard with single value + trends. The query was something like this:... by shayhibah Path Finder in Splunk Search 08-29-2018 0 8	0	8
Can I REGEX a string and assign to field? I have Graylog forwarding Windows events and I use this command in my props.conf to parser FIELDALIAS-winlogbeat_as... by pfabrizi Path Finder in Splunk Search 08-29-2018 0 10	0	10
Is there a way to avoid the join command between indexes? I'm trying to get my head around the alternatives, but can't see how I could get rid of the join in the following que... by Esperteyu Explorer in Splunk Search 08-29-2018 0 8	0	8
Can someone help me chart JSON values? I have a JSON just like this. I want to chart data of the values inside values key. The keys of the data in the value... by sarnathkj Explorer in Splunk Search 08-29-2018 0 1	0	1
Lookup matching question Hi, I used the code below. In a first version of the code, my code began by \| inputlookup append=t NZDL.csv And afte... by jip31 Motivator in Splunk Search 08-29-2018 0 1	0	1
Is it possible to extract dimensions from the source field for metrics imported from CSV files? We already use a custom CSV formt to report application metrics. The format is very similar to the one introduced in ... by krdo Communicator in Splunk Search 08-29-2018 0 7	0	7
How to check if the field exists and extract the value? Hi. I need to use IP Address in iplocation, but O365 returns 2 different logs. one with "ClientIP" field and others w... by avtandil Engager in Splunk Search 08-29-2018 0 2	0	2
Remove CN= string and the rest from my search results Hi guys! I'm loking for a search like this: source="WinEventLog:Security" name = "A member group" Group_Name="*ad... by jnahuelperez35 Path Finder in Splunk Search 08-29-2018 0 4	0	4
Find Hosts which do their searches in alphabetical order Hi there I have many log-entries with the two fields "host_address" (an IP address) and "query" (a search query). On... by switch_dast Explorer in Splunk Search 08-29-2018 1 6	1	6
How to join two searches that both have subsearches and transactions I have an index with email data. With it, I have two separate searches that utilize subsearches to put together a se... by DEAD_BEEF Builder in Splunk Search 08-28-2018 0 1	0	1
Why doesn't "Wrap results" fit to the screen (or is there a way?) After I perform a search and click the "Format" Icon above the search results, there is an option for "Wrap Results".... by briancronrath Contributor in Splunk Search 08-28-2018 0 1	0	1
charts: How can I calculate median for each type on the hourly aggregation? Dear all, There are three columns with data: time (time scale in steps of 10 minutes) , val (amount of transactions)... by belts New Member in Splunk Search 08-28-2018 0 2	0	2
How to use stats as a filtered self join? I have groups of events that have the same GroupID field. For events matching given criteria I need to find anothe... by pm771 Communicator in Splunk Search 08-28-2018 1 4	1	4
Dbxlookup Functioning When we call a dbxlookup in a search query, does the lookup search for the matching filed values in the entire datab... by nawazns5038 Builder in Splunk Search 08-28-2018 0 0	0	0
From fields values make a table with calculated fields Hi Everyone, I'm new to Splunk: our Data looks like this: > id;name;Field1;Field2;Field3;Field4;field5;field6;fi... by dfofie New Member in Splunk Search 08-28-2018 0 4	0	4
Table Row Highlighting, using non numeric I am using the table_row_highlighting.js and the table_decorations.css from the 'latest Splunk 6.x Dashboard examples... by edwinmae Path Finder in Splunk Search 08-28-2018 0 5	0	5
JSON Field Extraction and Charting I have a sample JSON just like this. {"Domain":"DotComMobile","Metrics":"city","Brooklyn":782,"Bronx":450,"New York"... by sarnathkj Explorer in Splunk Search 08-28-2018 0 1	0	1