Splunk Search

Community Activity

Strange search behavior with "transaction" Hello, Could someone explain me the following strange behavior with search With this type of search : sourcetype="... by cnoulin Explorer in Splunk Search 08-17-2018 0 7	0	7
How can I extract key value pair in a table? I have data like Data: {"code": "abc", "version": "2018.6", "name": "testdata", "group": "QA", "DB": "oracle"} i... by siddharthmis Explorer in Splunk Search 08-17-2018 0 2	0	2
How can I split multi values in a single value ? Hi guys, I wanna get 2 values in a single value (visualization) as picture. Please help me. Thanks by haind27 New Member in Splunk Search 08-17-2018 0 1	0	1
Is there a shortcut to piping the table command where splunk-created fields are automatically excluded? Given that my search criteria is this: index=some_index sourcetype=some_sourcetype, is there a shortcut to piping the... by morethanyell Builder in Splunk Search 08-16-2018 0 3	0	3
How to combine unique values of the field into one? I am trying to make a report with the unique combination of ID, AVER SRV & ZONE. However, since I am getting lots of ... by srizan Path Finder in Splunk Search 08-16-2018 0 4	0	4
wget URL for apps Thanks Splunk for such a great and powerful system. I'm trying to do a scripted deploy using this URL. http://splun... by cutmedia Engager in Splunk Search 08-16-2018 2 5	2	5
Data Visualization Collision Hi all, I am having trouble with data visualizations. Two of my data points are layered on top of each other. I hav... by zgoda Explorer in Splunk Search 08-16-2018 0 5	0	5
Can anyone help me understand this eval search query? I have recently started a new role and have been tasked with figuring out some old reports. The creator of the report... by hastym Explorer in Splunk Search 08-16-2018 0 4	0	4
What regex command to use to to remove the special character after a number? I want to remove the special character after a number, please help. data: 7.62\x00\x00\x00\x00\x00\x00\x00\x00\x00\... by DataOrg Builder in Splunk Search 08-16-2018 0 3	0	3
datamodelsimple returned error code 1 Ran the simple command below \| datamodelsimple External search command 'datamodelsimple' returned error code 1. ... by dkaldridge Engager in Splunk Search 08-16-2018 0 0	0	0
How to create a report on the results of the latest events only? Hello, I am trying to create a report that only looks at the latest events by a sourcetype. The sourcetype is an i... by KJDII Explorer in Splunk Search 08-16-2018 0 5	0	5
How to extract only successful and failed logins using regex? Hello All, I have a file with data: --------------server1 2018-07-----SQL2008-- Number of Success Logins: SOFTPOINTP... by atyshke1 Path Finder in Splunk Search 08-16-2018 0 15	0	15
Compare two table searchers and combine to single table (where condition) Hi, Got two different searches result in to corresponding table format, want to achieve something like "select b.co... by irvanrak Engager in Splunk Search 08-16-2018 0 2	0	2
compare event count today vs yesterday vs last week vs prior week Hi, i want to compare event count today with yesterday,last week and prior week using timewarp complete day like day... by john_q Explorer in Splunk Search 08-16-2018 0 4	0	4
Today vs. Yesterday vs. Last Week Hi All, I have a need to display a timechart which contains negative HTTP status codes (400's and 500's) today, yest... by ctripod Explorer in Splunk Search 08-16-2018 1 6	1	6
Compare total by today with yesterday and against the 7dayavg for the last week I have the following query where I am trying to utilize timewrap to display the total number of credit cards used as ... by demkic Explorer in Splunk Search 08-16-2018 0 3	0	3
How to suppress search results when a certain condition is met? I need help with a very basic search concept. I need a way to suppress search results if a certain condition is met.... by jmoeller New Member in Splunk Search 08-15-2018 0 6	0	6
How to get the result of sorting in a group? I want to get the result of sorting in the group. by flzhang132 Explorer in Splunk Search 08-15-2018 0 1	0	1
How can I get the result ? How can I get the result ? thanks ！ by flzhang132 Explorer in Splunk Search 08-15-2018 0 6	0	6
working with IP addresses - creating a table of old IP addresses Background: I have a directory/folder of CSV files containing the following fields: mac ;IP;devicename;interface;vl... by merios New Member in Splunk Search 08-15-2018 0 0	0	0
How to create n strings for n months? I need to create monthly filenames (2018-06-01.csv, 2018-07-01.csv, etc.) for n months. I can do something similar by... by nick405060 Motivator in Splunk Search 08-15-2018 1 1	1	1
Help with Masking data We have application writing logs as Windows Events . There are 3 fields that we wanted to mask .. Accept-Language=... by nmohammed Builder in Splunk Search 08-15-2018 0 10	0	10
Is there a better way to represent varying data sets in chart visualization? Hi all, I am having an issue with a dashboard that I am working with. The values of the bucket I am using vary from... by zgoda Explorer in Splunk Search 08-15-2018 0 3	0	3
How to modify/resize my table column widh based on its contents using CSS ? HI, I am using a table command to print out _time, application, name and events generated by that application using t... by Upas02 Path Finder in Splunk Search 08-15-2018 0 0	0	0
How to split JSON into multiple events using regex? I am currently trying to split my json into multiple events at index time into Splunk. Although when I do this it bre... by Zamoraw New Member in Splunk Search 08-15-2018 0 7	0	7