Splunk Search

Community Activity

Why doesn't "Wrap results" fit to the screen (or is there a way?) After I perform a search and click the "Format" Icon above the search results, there is an option for "Wrap Results".... by briancronrath Contributor in Splunk Search 08-28-2018 0 1	0	1
charts: How can I calculate median for each type on the hourly aggregation? Dear all, There are three columns with data: time (time scale in steps of 10 minutes) , val (amount of transactions)... by belts New Member in Splunk Search 08-28-2018 0 2	0	2
How to use stats as a filtered self join? I have groups of events that have the same GroupID field. For events matching given criteria I need to find anothe... by pm771 Communicator in Splunk Search 08-28-2018 1 4	1	4
Dbxlookup Functioning When we call a dbxlookup in a search query, does the lookup search for the matching filed values in the entire datab... by nawazns5038 Builder in Splunk Search 08-28-2018 0 0	0	0
From fields values make a table with calculated fields Hi Everyone, I'm new to Splunk: our Data looks like this: > id;name;Field1;Field2;Field3;Field4;field5;field6;fi... by dfofie New Member in Splunk Search 08-28-2018 0 4	0	4
Table Row Highlighting, using non numeric I am using the table_row_highlighting.js and the table_decorations.css from the 'latest Splunk 6.x Dashboard examples... by edwinmae Path Finder in Splunk Search 08-28-2018 0 5	0	5
JSON Field Extraction and Charting I have a sample JSON just like this. {"Domain":"DotComMobile","Metrics":"city","Brooklyn":782,"Bronx":450,"New York"... by sarnathkj Explorer in Splunk Search 08-28-2018 0 1	0	1
How do I capture the repeating pattern on multiple lines with REX? With this dataset, the linebreaker is zone: zone: zone_1wwns 00:00:00:00:00:00:00:01 zone: zone_2wwns ... by clintla Contributor in Splunk Search 08-28-2018 0 3	0	3
Get top combination from a multi value field Hi, I have a multi value field who has data something like below which has been extracted from some web service. I a... by Shashank_87 Explorer in Splunk Search 08-28-2018 0 5	0	5
Is there a regex available to drop service account events from active directory to be used on the universal forwarder? Our security events count is in millions and we observed that we have more then 600 service accounts in our environme... by hrithiktej Communicator in Splunk Search 08-28-2018 0 0	0	0
Visualizations: How do you display all accounts in the same chart at the same time? How do I display all accounts in the same chart at the same time? There are three accounts！ account1 have 1000000$ ... by flzhang132 Explorer in Splunk Search 08-28-2018 0 1	0	1
How to search a string having multiple lines? I want to search a string "call_before_download = function(){<!-- --> showInstallInstructions(); } by Bhagyashri Explorer in Splunk Search 08-28-2018 0 2	0	2
Is there an alternative to using > in a search string? My basic question is as follows: Is there a text alternative for specifying greater or less than, rather than using ... by psymonkey New Member in Splunk Search 08-28-2018 0 4	0	4
Why is 'other' showing up? I have a couple simple saved searches, and they are on a dashboard. After upgrading to 4.3, "other" started showing u... by jgauthier Contributor in Splunk Search 08-28-2018 1 6	1	6
How to pass the value in main query from the lookup file in a list of servers? I have a list of server in lookup file and I want to create an alert. The list of server names in the lookup file(aro... by DataOrg Builder in Splunk Search 08-28-2018 0 7	0	7
How can I change the legend values for timechart to a different format? How can I change the values in the legend for a timechart? I use: index=indexone sourcetype=sourceone \| timechart co... by desi_stoitsova Engager in Splunk Search 08-28-2018 2 0	2	0
Using spath or xpath Below is my xml from which i need the Name and code under every option <options> <name>MESSAGING + DA... by yaminims New Member in Splunk Search 08-28-2018 0 2	0	2
eval with malformed in my nested if. Expected (. Hi, Need help urgently. I am running Splunk command in batch file but I keep on getting FATAL: Error in 'eval' com... by peiyee422 New Member in Splunk Search 08-28-2018 0 5	0	5
Can we use regex for counting fields? Hi I have one question, is it possible to count the number of event in regex format for writing in transforms.conf? by khanlarloo Explorer in Splunk Search 08-28-2018 0 8	0	8
Do I need to use these two searches because of the multikv with one table? So here is my search index=someindex sourcetype=somesourcetype source="someloglocation*" eventtype="nix_kernel_attac... by thefuzz4 Path Finder in Splunk Search 08-27-2018 0 4	0	4
Event correlation with specific event filtering I have following search: index=pfsense OR index=otherindex verdict=pass \| stats values(destip) AS fieldA, values(ot... by strangelaw Explorer in Splunk Search 08-27-2018 0 3	0	3
How do I use date_mday to create a table with multiple fields? Hi Splunkers, newish user here... I'm looking at firewall logs, I want to create a table with number of blocked IP fo... by jnames10 Explorer in Splunk Search 08-27-2018 1 2	1	2
What is the best way to generate a timechart count and overlay a trendline of expected goal growth? Hi, I want to generate a timechart count of actual values and overlay a trendline of expected goal growth. Basically ... by ahofmann Explorer in Splunk Search 08-27-2018 0 1	0	1
how to include the graphical chart in email Is it possible to include the graphical chart(not a pdf) along with tabular chart in the email alerts which are confi... by mag3690 Engager in Splunk Search 08-27-2018 1 4	1	4
Output multiple fields from query to csv via output lookup I have created a query that will extract specific information from my Active Directory logs, and output it into a nic... by iomega311 Explorer in Splunk Search 08-27-2018 0 1	0	1