Splunk Search

Community Activity

How to get the events where the value is greater than 40 using where condition? hello I use this code index="perfmon" sourcetype="perfmon:logicaldisk" instance=c: \| eval Value=round(Value, 2)."... by jip31 Motivator in Splunk Search 06-25-2018 0 5	0	5
custom search command throw "You have insufficient privileges to perform this operation." I copy gauge.py under C:\Program Files\Splunk\etc\apps\search\bin into C:\Program Files\Splunk\etc\apps\search\bin\te... by dellytaniasetia Explorer in Splunk Search 06-25-2018 0 6	0	6
Creating mean time to repair out of ping output script Hi all, I know there's probably a simple answer, but being relatively new to Splunk, I'm still trying to get my head... by heybails88 Path Finder in Splunk Search 06-25-2018 0 1	0	1
How to run a diff search with a Head 2 command across multiple systems? I have developed a search, with help years ago, that will show differences in a netstat command using "diff" and "hea... by aferone Builder in Splunk Search 06-25-2018 0 7	0	7
Timechart to filter inactive buckets I need help with time chat query. Basically I want to display all the graph occurrences where the count hit 0 and st... by muralianup Communicator in Splunk Search 06-25-2018 0 2	0	2
How to exclude events where the date greater than today? Hi, Is there a way to exclude events in a search where a specific date field (not timestamp) is greater than today. ... by ebruozys Path Finder in Splunk Search 06-25-2018 0 4	0	4
how to write query to show only failure records from the following query with field filter is Applicationstatus_MFT!="Success" index=axway* sourcetype=":messages" SENDERROUTINGID="KNPROD" \|stats count by PRODUCTIONFILENAME\|fields - count \|rena... by Malliv New Member in Splunk Search 06-25-2018 0 2	0	2
Extracted values not showing up in new fields Hi all, I'm extracting a lists of values from a column called QoEReport but the extracted value does not show up in ... by dannili Communicator in Splunk Search 06-25-2018 0 20	0	20
Map earliest/latest no longer working since update to 7.1.0 Our Splunk instance has recently (yesterday?) been updated to 7.1.0 from 7.0.0. My queries were working perfectly be... by koenV Explorer in Splunk Search 06-25-2018 1 5	1	5
How to get employee name in chart? Dear All, I have one employee master csv that have employee name, departmentname, projectname. If the employee is th... by kumasaua Explorer in Splunk Search 06-24-2018 0 5	0	5
How to extract a string from a long field containing special characters? Hi all, I'm trying to use use Rex to extract a specific value from a really long string which contains all kinds of c... by dannili Communicator in Splunk Search 06-24-2018 0 4	0	4
Why are there no results found in a search while exploring the search tutorial? Hello Team Splunk, I am following the simple search tutorial featuring logs in zip files from the fictitious company... by rogue_carrot Communicator in Splunk Search 06-24-2018 0 4	0	4
Kafka regex: Why is the command not working in Splunk search? {"topic": "amx", "total_lag": 2670, "partitions": [{"lag": 117, "partition_number": 0}, {"lag": 122, "partition_numbe... by pswalia06 Explorer in Splunk Search 06-23-2018 0 7	0	7
Timechart /Timewrap - change in the x axis Hi all, I am using the timechart graph to represent number of apples every week over last 28 days and compare it to... by Veeruswathi Explorer in Splunk Search 06-23-2018 1 3	1	3
How to create a chart that shows the JSON count by fields within an object? Each line of my log has the following json construct { resourceUsage: [ { cloud: AWS ... by splunk_novice New Member in Splunk Search 06-23-2018 0 4	0	4
Lookup Errors When No Lookup Is Used I'm getting "Could not find all of the specified lookup fields in the lookup table......." even when I'm not using a ... by lodolivas Engager in Splunk Search 06-23-2018 1 3	1	3
How do optimizations for field-based searches work? When I search using key-value pairs as terms, what kind of optimizations does Splunk perform to retrieve the events t... by hexx Splunk Employee in Splunk Search 06-23-2018 13 4	13	4
Regex : Extract text after occurrence of a specific recurring character I have events like this - [2018-03-30 13:45:51,515] [[ACTIVE] ExecuteThread: '15' for queue: 'weblogic.kernel.Defaul... by Sukisen1981 Champion in Splunk Search 06-23-2018 0 6	0	6
How do I predict the monthly data using predict command in splunk? Sample Data; Month Year X1 5 2015 220 6 2015 210 7 2015 225 Output Predicted results: Month ... by saranravi New Member in Splunk Search 06-23-2018 0 1	0	1
Splunk query for formatting the output Hello, i am new to splunk and SPL. Below are the sample logs and my query. i was trying to get output like shown bel... by iamlearner123 Explorer in Splunk Search 06-22-2018 0 5	0	5
join two result with different times I have a use case, where in I need data from different dates compared to previous days. so, I have a time picker and... by splunkdivya Explorer in Splunk Search 06-22-2018 0 6	0	6
How to use REST-API to retrieve the result of a \| pivot ?? Hi All, Is there any sample that uses the "\|pivot" in the REST API call and gets the search results data returned? ... by rs8888 New Member in Splunk Search 06-22-2018 0 3	0	3
extract only last 7 business days Hi team, having a dashboard with last 7 days as a tie range. but we would need to have a dashboad with last 7 day... by nareshmg New Member in Splunk Search 06-22-2018 0 1	0	1
Merging to searches on specific field Hey guys, i can't figure out with my own google searches and forum searches how to merge two searches on a specific ... by bluedragon New Member in Splunk Search 06-22-2018 0 1	0	1
How to pipe REX sequence related to host network? Hello, this threat to find a solution to this problem: i have many network as (host=10.29.4.*) not /24 but subnet... by null0 New Member in Splunk Search 06-22-2018 0 5	0	5