Splunk Search

Community Activity

Compare resp code count of two dates for each servername Hi I have query that return count of different resp codes of servers for 2 daysnow need to find different between the... by indeed_2000 Motivator in Splunk Search 02-23-2024 0 4	0	4
time difference between two fields Hi, I have two fields, where time zone seems to be different.. please could you help me to get difference ? itime= 2... by selvam_sekar Path Finder in Splunk Search 02-23-2024 0 1	0	1
Query Result Limit Hello What's the officall Limit of Query Results in Splunk? Is this also written somewhere on the Splunk Website?kind... by hitchmontana Engager in Splunk Search 02-23-2024 0 1	0	1
Measuring inactivity in equipment according to x y z position values Hello I would like to make a query in which i can see how long my equipment has been inactive and when it was inactiv... by Roy1 Explorer in Splunk Search 02-23-2024 0 2	0	2
How can I extract a field using rex that fulfils more than one condition? So I want to extract the last word as a field on each search result but want to grab those that only fulfils the foll... by bsinsan Observer in Splunk Search 02-23-2024 0 5	0	5
How to combine values from stats into single row? Hi All,I am looking into using some proxy logs to determine download volume for particular streaming sites and was lo... by TribesmanJohn Explorer in Splunk Search 02-22-2024 0 2	0	2
EventCode Subsearch I have an application that I am trying to monitor. There is a specific event code for when the tool is opened to mod... by jeradb Explorer in Splunk Search 02-22-2024 0 3	0	3
need for each Receiver_ID how much invoice total for 1 months span i have log like this :2024-02-22 12:49:38:344 EST\| INFO \|InterfaceName=USCUSTOMERINV INVCanonicalProcess Sender_ID=Th... by avikc100 Path Finder in Splunk Search 02-22-2024 0 1	0	1
Running queries not working at all I created a standalone splunk container on openshift container platform with the help of "splunk operator for kuberne... by olivera Explorer in Splunk Search 02-22-2024 1 1	1	1
Is there a way to keep row data together when using the stats command? Hello, Is there a way to keep row data together when using the stats command? ID Loc FirstName LastName 1 NY... by genesiusj Builder in Splunk Search 02-22-2024 0 5	0	5
How to change font size of texts inside table using dashboard xml source Hi, I have a splunk dashboard with different panels i.e. pie chart, table etc. I need to increase the font size of te... by ggangwar Path Finder in Splunk Search 02-22-2024 2 10	2	10
change the color of a column based on other column Hi i have stats table with following by deepthi5 Path Finder in Splunk Search 02-22-2024 0 1	0	1
How to filter search results from query Hi, I am looking to grab all windows events of successful NTLM logins without using Kerberos. Here is my query so far... by kodyrubida Engager in Splunk Search 02-22-2024 0 1	0	1
how to get the event time and _time difference in alert triggering time delay how to show the how long alert took triggered from the time the event occurred. To calculate the "diff" in times, to ... by harishsplunk7 Explorer in Splunk Search 02-22-2024 0 6	0	6
How to use timechart span=30m to start with the exact time Hi,My requirement is to find 30 mins result using timechart span=30m from the start time that I have mentioned.Start ... by anil1219 Engager in Splunk Search 02-22-2024 0 2	0	2
how group a field values with the maxevents of 4, without using transaction command Hi everyone,i need an alternative for the transaction command, bcoz its taking to much time to load the dashboard,thi... by vinod743374 Communicator in Splunk Search 02-22-2024 0 1	0	1
"Sort 0 desc" vs "sort 0 -" for data over 10,000 Hello,I don't know how to simulate this using makeresults, but I have data over 10,000 (let say 50,000)If I sort desc... by LearningGuy Motivator in Splunk Search 02-21-2024 0 1	0	1
compare two result HiI have a query that need to compare count of PF field for two log file:on splunk I have two query that create this ... by indeed_2000 Motivator in Splunk Search 02-21-2024 0 4	0	4
how to keep sender name with space in search result I am using Splunk Enterprise Version: 9.1.0.1.my search query is :index="webmethods_prd" source="/apps/webmethods/int... by avikc100 Path Finder in Splunk Search 02-21-2024 0 5	0	5
Search event Can an event be searched using the transaction without any index or source values?Yes or Nobreif answer on selection by Tron-spectron47 Loves-to-Learn in Splunk Search 02-21-2024 0 3	0	3
Rex not stopping capture after match I'm not sure why rex is properly matching the beginning of the value I am looking for (NameofTeam), but it also match... by ea-2023 Path Finder in Splunk Search 02-21-2024 0 4	0	4
How can I count events by location with a list of SERVERNAME's? Our splunk implementation has SERVERNAME as a preset field, and there are servers in different locations, but there i... by GEB Explorer in Splunk Search 02-21-2024 0 4	0	4
Search to check if request duration search has recovered index=my_index source="/var/log/nginx/access.log" \| stats avg(request_time) as Average_Request_Time \| where Average... by guywood13 Path Finder in Splunk Search 02-21-2024 0 7	0	7
case-sensitive on subsearch hiI have this situationindex="idx" [\| inputlookup name.csv \| table id name ]idx=idname1a2aaa1A2aaa12abbb lookupidname... by simo Path Finder in Splunk Search 02-21-2024 0 1	0	1
Regex Help to extract fields Can some one please help with the regex that can be used to view the below event in tabular format.EventINFO > 2024-0... by Harikiranjammul Explorer in Splunk Search 02-21-2024 0 1	0	1