Splunk Search

Community Activity

How to do fields extractions from multiline fields that have more than 600 characters? I am using Splunk Enterprise on Windows machines and extract several fields from multiline events. Everything works f... by sven_simon New Member in Splunk Search 07-31-2018 0 10	0	10
How to write a transaction restricting time of start event? I want to create an alert which will find requests which have not received a response. I have created the following ... by stewartevans Explorer in Splunk Search 07-31-2018 0 3	0	3
How to show index in the table when we use metadata? I have a scenario that i have to trigger alert when splunk forwarder is not running i have query that working fine.in... by karthi2809 Builder in Splunk Search 07-31-2018 0 1	0	1
Splunk Query using transaction Hi Team, Would like to design the query for the below requirement where we wanted to capture 2 dash boards as below ... by me715477 New Member in Splunk Search 07-30-2018 0 0	0	0
How to monitor log time from 22.00 to 8.00? Dear all. Please support me about monitor and statistics log from 22.00 to 8.00 Thanks by hiepdv4 New Member in Splunk Search 07-30-2018 0 3	0	3
data masking via transforms.conf and props.conf wont work? After indexing the data, i've done some transforms.conf and props.conf configuration. The configuration masks the fir... by patricianaguit Explorer in Splunk Search 07-30-2018 0 3	0	3
Convert date field given in dd(numeric)-mmm(text)-yyyy(numeric) into mm/dd/yyyy Hi In one of my log reports a date field (not the deafult _time field) has data as 06-Mar-2018 and not as 03/06/2018... by vikfnu Explorer in Splunk Search 07-30-2018 0 1	0	1
How to do a firewall search for all src ips and match those ips to a subnet range that is in a lookup table? Hello, I am trying to do a firewall search for all src ips and match those ips to a subnet range that is in a looku... by jleibow New Member in Splunk Search 07-30-2018 0 1	0	1
Using multiple values in a field to compare to the values in another field Hi, I am looking to using all the values from one field and see if they partially appear in another from a set of ma... by dm22 New Member in Splunk Search 07-30-2018 0 1	0	1
Using AVG function with count I'm a brand new Splunk user, so I apologize if this is an extremely basic question. This is the query I'm running: l... by jsights New Member in Splunk Search 07-30-2018 0 1	0	1
Rescan Splunk raw data in one search Looking for some ideas. I have a search that runs fine. I was given the task of modifying it so, under certain cond... by OldManEd Builder in Splunk Search 07-30-2018 0 6	0	6
Can I join fields output from two extensive search queries to create a list of fields on which I can run my final query to get desired result I am new to splunk and right now trying to create a dashboard for IT. I have different csv file for AV, PAtch, Softwa... by vikfnu Explorer in Splunk Search 07-30-2018 0 4	0	4
Increase SearchManager result limit Hi all, I have a dashboard with Search Table. Here's my code: var table = mvc.Components.get(__TABLE_ID__); var se... by edenysenko New Member in Splunk Search 07-30-2018 0 1	0	1
Can someone help with the search to format this table? Hello I have challenged with a difficult formatting task. I have a very long search index=testindex "Type" = "servi... by tkwaller_2 Communicator in Splunk Search 07-30-2018 0 5	0	5
incremental value I have sequence no of to populate . first column is the sequence of no and answers need to like in the second column ... by DataOrg Builder in Splunk Search 07-30-2018 0 3	0	3
Audit log for db connect query update Is there any log available that will show if any update/delete was done on the db_connect query and by whom, addition... by abhijitnath89 Path Finder in Splunk Search 07-30-2018 0 0	0	0
How to apply eval to a field which contains "."? Hello, I have got a field name "test_time.space_used" in the events and I need to perform arithmetic operations to t... by bollam Path Finder in Splunk Search 07-30-2018 0 2	0	2
How to separate values from one cell to separate cells I have created a table using search as mentioned below, S.No TestCycle ResponseTime ElapsedTime 1 TC1 ... by rajeswarir New Member in Splunk Search 07-30-2018 0 2	0	2
The starting time of search with timechart doesn’t match the local timezone. When bucket time is between 03/08/2018 00:00:00 and 03/08/2018 24:00:00 with JST (GMT+9) as timezone, the starting ti... by kinaba_splunk Splunk Employee in Splunk Search 07-29-2018 0 1	0	1
Chart with multiple lines based on field values case: Logged events with differentiating fuellevel and the corresponding serial Desired outcome: So a graph with... by fhobelman Engager in Splunk Search 07-29-2018 1 3	1	3
Help combining results from different searches, append vs. multisearch Moderator Note: the below was originally posted as an Answer on an old question, but being it's own question it has b... by psmp Explorer in Splunk Search 07-29-2018 0 2	0	2
How can I get a load average of cpu using splunk query? I am seeing 3 load average values, need to get a query to get 3 values and get an average. by udaymadupathi New Member in Splunk Search 07-28-2018 0 3	0	3
rename the name of a field with the value of another field Hello there, After a stats command, I would like to rename the name of a field using a string and the value of anot... by marziaolla Path Finder in Splunk Search 07-28-2018 0 3	0	3
Joining of two fields order by 2018/17/25 19:37:27 Field1="0" FIELD_TEXT="Select" 2018/17/25 10:30:17 Field1="0" FIELD_TEXT="name" 2018/17/25 06:9:0... by swetar New Member in Splunk Search 07-28-2018 0 4	0	4
What will be the correct sourcetype when adding the cloudforms automation.log ?,What will be the correct sourcetype for cloudforms automation log ? We have installed forwarder in cloudforms node. But after getting the logs i cant find the exact field in search . Pl... by sumitinfonet New Member in Splunk Search 07-28-2018 0 1	0	1