Splunk Search

Community Activity

Why am I seeing Incorrect stats with appendcols/append in a pie chart? I have been trying to prepare pie chart with proper stats on types of database errors. For some unknown reasons, I am... by snayani Explorer in Splunk Search 06-27-2018 0 4	0	4
How do I pass in a default value for a single value chart? How do I pass in a default value for a single value chart? As in I am not looking to search anything for now in the ... by angersleek Path Finder in Splunk Search 06-27-2018 0 2	0	2
Search with multiple trivial 'append' commands taking much longer in Splunk 7.1 We have a dashboard that lists a series of events representing alarms that need to be 'cleared' by the user as non-is... by jhigginsmq Path Finder in Splunk Search 06-27-2018 0 0	0	0
How to create a regex that removes everything after a second underscore? I have a regex that should remove everything after a second underscore. When I try to search with the regex, it does... by gbwilson Path Finder in Splunk Search 06-27-2018 0 3	0	3
How to split values within a field that are not separated by any characters? Hello everyone, I have this field with values that are retrieved withing "" but not separated by any character, and I... by pstamati Path Finder in Splunk Search 06-27-2018 0 10	0	10
append data from two indexes i have two indexes: index#1 contain raw event log. from this event log i calc for every domain the number of events s... by mcohen13 Loves-to-Learn in Splunk Search 06-26-2018 0 3	0	3
Getting Duplicate message when doing search for User ID (title) This is the search I used: \|rest /services/authentication/users splunk_server=local \|fields title \|rename title ... by nls7010 Path Finder in Splunk Search 06-26-2018 0 2	0	2
How to use radio button choices in case statements? Hi, I have a simple checkbox as shown below - <input type="checkbox" token="eventtype" searchWhenChanged="true"> ... by dhruv101 Path Finder in Splunk Search 06-26-2018 0 1	0	1
How to drop field name from a lookup table similar to the return function? Hi All, To give some context, the return function in Splunk when used with a subsearch allows you to drop the field ... by wills2g New Member in Splunk Search 06-26-2018 0 3	0	3
geostats individual markers (stop binning) I would like to plot all of my locations on a map, with an individual marker for each one. I know there is binspanlat... by eandres Explorer in Splunk Search 06-26-2018 0 0	0	0
How to search for average data indexed over 30, 60, 90 days by index? Splunkers, Looking for a search string that will allow me to use the time picker to see how much data has been index... by matthew_foos Path Finder in Splunk Search 06-26-2018 0 3	0	3
Input multiple values into a dashboard input I want to be able to pass multiple values to a field in a dashboard "Endpoint" . Like in the Endpoint Input I want to... by jkalra Explorer in Splunk Search 06-26-2018 0 2	0	2
Why am I getting "The lookup table '...' does not exist." errors after upgrading from Splunk 6.0.1 to 6.2.1? These are the errors I am getting: The lookup table 'endpoint_change_object_category_lookup' does not exist. It is r... by LVogeding New Member in Splunk Search 06-26-2018 0 9	0	9
Retrieve lookup data with JS Hello splunkers, i'm gonna try to be short, I'm trying to create an HTML homepage for Splunk APP and I've been trying... by ppatrikfr Path Finder in Splunk Search 06-26-2018 0 4	0	4
How to round a millisecond output? Does anyone know how to round a time readout from 00:07:06.53846153846155 to 00:07:06.54? by heybails88 Path Finder in Splunk Search 06-26-2018 0 4	0	4
Avoiding CSV lookup replication errors I've got a medium-sized (50MB) CSV lookup file with two columns (email address and server name) that I want to use. ... by Kenshiro70 Path Finder in Splunk Search 06-26-2018 0 2	0	2
Not able to override default font colour of single-value label field Hi Team, I am using dark.css in y dashboard and everything is becoming black including the lable font of a single v... by smdasim Explorer in Splunk Search 06-26-2018 0 0	0	0
How to configure multivalue field extraction? Hello, I cannot configure multivalue field extraction. I have a following event. the last 4 lines Time Stamp and ... by ninisimonishvil Path Finder in Splunk Search 06-26-2018 0 6	0	6
Count Consecutive Failed Logins Events We have our test environment in which Splunk Enterprise OVA is installed as server and Windows server (with universal... by Sagar0511 Explorer in Splunk Search 06-26-2018 1 2	1	2
Uploaded accelerated data model showing not showing all the data I downloaded an accelerated data model and uploaded it in my other search head but I am only able to see data from 1 ... by RevatiLawrence New Member in Splunk Search 06-26-2018 0 0	0	0
How to read the "key - value" information added when logging an exception in Splunk Mint? We are adding extended information when logging handled exceptions with Mint as explained in the docs: public void d... by ignaciosoler New Member in Splunk Search 06-26-2018 0 0	0	0
How to transpose data and create a new row? Hi all, I have a table data looks like: Time Type Count -------- ---------- -------... by kevingo75 New Member in Splunk Search 06-26-2018 0 4	0	4
Duplicate entries with continuous csv indexing Hello, I write with a small problem to you. I'm building a wi-fi monitoring system for my diploma thesis. I use Kisme... by haker146 New Member in Splunk Search 06-26-2018 0 5	0	5
search based on lookup table help Hello All I have a lookup table that I created that only has ip address and hostnames. I want to run the following ... by edwardrose Contributor in Splunk Search 06-25-2018 0 4	0	4
map question I'm getting some strange results with the map command. This is what I need to do... in one index (1st search) I have ... by brdr Contributor in Splunk Search 06-25-2018 0 1	0	1