Splunk Search

Community Activity

How to exclude events where the date greater than today? Hi, Is there a way to exclude events in a search where a specific date field (not timestamp) is greater than today. ... by ebruozys Path Finder in Splunk Search 06-25-2018 0 4	0	4
how to write query to show only failure records from the following query with field filter is Applicationstatus_MFT!="Success" index=axway* sourcetype=":messages" SENDERROUTINGID="KNPROD" \|stats count by PRODUCTIONFILENAME\|fields - count \|rena... by Malliv New Member in Splunk Search 06-25-2018 0 2	0	2
Extracted values not showing up in new fields Hi all, I'm extracting a lists of values from a column called QoEReport but the extracted value does not show up in ... by dannili Communicator in Splunk Search 06-25-2018 0 20	0	20
Map earliest/latest no longer working since update to 7.1.0 Our Splunk instance has recently (yesterday?) been updated to 7.1.0 from 7.0.0. My queries were working perfectly be... by koenV Explorer in Splunk Search 06-25-2018 1 5	1	5
How to get employee name in chart? Dear All, I have one employee master csv that have employee name, departmentname, projectname. If the employee is th... by kumasaua Explorer in Splunk Search 06-24-2018 0 5	0	5
How to extract a string from a long field containing special characters? Hi all, I'm trying to use use Rex to extract a specific value from a really long string which contains all kinds of c... by dannili Communicator in Splunk Search 06-24-2018 0 4	0	4
Why are there no results found in a search while exploring the search tutorial? Hello Team Splunk, I am following the simple search tutorial featuring logs in zip files from the fictitious company... by rogue_carrot Communicator in Splunk Search 06-24-2018 0 4	0	4
Kafka regex: Why is the command not working in Splunk search? {"topic": "amx", "total_lag": 2670, "partitions": [{"lag": 117, "partition_number": 0}, {"lag": 122, "partition_numbe... by pswalia06 Explorer in Splunk Search 06-23-2018 0 7	0	7
Timechart /Timewrap - change in the x axis Hi all, I am using the timechart graph to represent number of apples every week over last 28 days and compare it to... by Veeruswathi Explorer in Splunk Search 06-23-2018 1 3	1	3
How to create a chart that shows the JSON count by fields within an object? Each line of my log has the following json construct { resourceUsage: [ { cloud: AWS ... by splunk_novice New Member in Splunk Search 06-23-2018 0 4	0	4
Lookup Errors When No Lookup Is Used I'm getting "Could not find all of the specified lookup fields in the lookup table......." even when I'm not using a ... by lodolivas Engager in Splunk Search 06-23-2018 1 3	1	3
How do optimizations for field-based searches work? When I search using key-value pairs as terms, what kind of optimizations does Splunk perform to retrieve the events t... by hexx Splunk Employee in Splunk Search 06-23-2018 13 4	13	4
Regex : Extract text after occurrence of a specific recurring character I have events like this - [2018-03-30 13:45:51,515] [[ACTIVE] ExecuteThread: '15' for queue: 'weblogic.kernel.Defaul... by Sukisen1981 Champion in Splunk Search 06-23-2018 0 6	0	6
How do I predict the monthly data using predict command in splunk? Sample Data; Month Year X1 5 2015 220 6 2015 210 7 2015 225 Output Predicted results: Month ... by saranravi New Member in Splunk Search 06-23-2018 0 1	0	1
Splunk query for formatting the output Hello, i am new to splunk and SPL. Below are the sample logs and my query. i was trying to get output like shown bel... by iamlearner123 Explorer in Splunk Search 06-22-2018 0 5	0	5
join two result with different times I have a use case, where in I need data from different dates compared to previous days. so, I have a time picker and... by splunkdivya Explorer in Splunk Search 06-22-2018 0 6	0	6
How to use REST-API to retrieve the result of a \| pivot ?? Hi All, Is there any sample that uses the "\|pivot" in the REST API call and gets the search results data returned? ... by rs8888 New Member in Splunk Search 06-22-2018 0 3	0	3
extract only last 7 business days Hi team, having a dashboard with last 7 days as a tie range. but we would need to have a dashboad with last 7 day... by nareshmg New Member in Splunk Search 06-22-2018 0 1	0	1
Merging to searches on specific field Hey guys, i can't figure out with my own google searches and forum searches how to merge two searches on a specific ... by bluedragon New Member in Splunk Search 06-22-2018 0 1	0	1
How to pipe REX sequence related to host network? Hello, this threat to find a solution to this problem: i have many network as (host=10.29.4.*) not /24 but subnet... by null0 New Member in Splunk Search 06-22-2018 0 5	0	5
How to map metadata ACS value to a public domain? Hi, I have deployed a splunk enterprise server on AWS ec2 so that I have a public domain name. When I configure the ... by jameszeng Engager in Splunk Search 06-22-2018 0 2	0	2
Use a field as the search in searchmatch I would like to use a field as the string for searchmatch, but that results in an error stating: Error in 'eval' co... by triest Communicator in Splunk Search 06-22-2018 0 4	0	4
How do you use the rex command to calculate a value? Hello, I'm new to Splunk and I have the following field and want to grab the subtotal of the field total using the r... by Danielle2018V New Member in Splunk Search 06-22-2018 0 6	0	6
How to use OR or AND in searchmatch(X) function? I am trying to use following query to generate some report put seems OR and AND is not working in searchmatch. index... by dniraula New Member in Splunk Search 06-22-2018 0 2	0	2
Merge two search results and add difference I have result of one search1 stored in csv by outpootlookup. I use this lookup for the search2 as a criteria, e.g. wh... by malekseev New Member in Splunk Search 06-22-2018 0 1	0	1