Splunk Search

Community Activity

map question I'm getting some strange results with the map command. This is what I need to do... in one index (1st search) I have ... by brdr Contributor in Splunk Search 06-25-2018 0 1	0	1
Using $starttime$ and $endtime$ in a macro with 'map' I am trying to create a macro which uses $startime$ and $endtime$ in a map. Whenever I do however I get the following... by phemmer Path Finder in Splunk Search 06-25-2018 1 5	1	5
Why am I having issues with two fields that hold multi-values in one time import of OpenLDAP Data ? I am importing a dump from my openLDAP into splunk via on one-time "data-import" . The fields, O, OU, DN, MAIL, etc... by johnjj7141 Explorer in Splunk Search 06-25-2018 0 2	0	2
Filter results by IP address from 3 lookup Hello i have one trouble, i went to extract IP address that not in Lookup of list servers and not in lookup of list ... by betahra Engager in Splunk Search 06-25-2018 0 4	0	4
How to get the events where the value is greater than 40 using where condition? hello I use this code index="perfmon" sourcetype="perfmon:logicaldisk" instance=c: \| eval Value=round(Value, 2)."... by jip31 Motivator in Splunk Search 06-25-2018 0 5	0	5
custom search command throw "You have insufficient privileges to perform this operation." I copy gauge.py under C:\Program Files\Splunk\etc\apps\search\bin into C:\Program Files\Splunk\etc\apps\search\bin\te... by dellytaniasetia Explorer in Splunk Search 06-25-2018 0 6	0	6
Creating mean time to repair out of ping output script Hi all, I know there's probably a simple answer, but being relatively new to Splunk, I'm still trying to get my head... by heybails88 Path Finder in Splunk Search 06-25-2018 0 1	0	1
How to run a diff search with a Head 2 command across multiple systems? I have developed a search, with help years ago, that will show differences in a netstat command using "diff" and "hea... by aferone Builder in Splunk Search 06-25-2018 0 7	0	7
Timechart to filter inactive buckets I need help with time chat query. Basically I want to display all the graph occurrences where the count hit 0 and st... by muralianup Communicator in Splunk Search 06-25-2018 0 2	0	2
How to exclude events where the date greater than today? Hi, Is there a way to exclude events in a search where a specific date field (not timestamp) is greater than today. ... by ebruozys Path Finder in Splunk Search 06-25-2018 0 4	0	4
how to write query to show only failure records from the following query with field filter is Applicationstatus_MFT!="Success" index=axway* sourcetype=":messages" SENDERROUTINGID="KNPROD" \|stats count by PRODUCTIONFILENAME\|fields - count \|rena... by Malliv New Member in Splunk Search 06-25-2018 0 2	0	2
Extracted values not showing up in new fields Hi all, I'm extracting a lists of values from a column called QoEReport but the extracted value does not show up in ... by dannili Communicator in Splunk Search 06-25-2018 0 20	0	20
Map earliest/latest no longer working since update to 7.1.0 Our Splunk instance has recently (yesterday?) been updated to 7.1.0 from 7.0.0. My queries were working perfectly be... by koenV Explorer in Splunk Search 06-25-2018 1 5	1	5
How to get employee name in chart? Dear All, I have one employee master csv that have employee name, departmentname, projectname. If the employee is th... by kumasaua Explorer in Splunk Search 06-24-2018 0 5	0	5
How to extract a string from a long field containing special characters? Hi all, I'm trying to use use Rex to extract a specific value from a really long string which contains all kinds of c... by dannili Communicator in Splunk Search 06-24-2018 0 4	0	4
Why are there no results found in a search while exploring the search tutorial? Hello Team Splunk, I am following the simple search tutorial featuring logs in zip files from the fictitious company... by rogue_carrot Communicator in Splunk Search 06-24-2018 0 4	0	4
Kafka regex: Why is the command not working in Splunk search? {"topic": "amx", "total_lag": 2670, "partitions": [{"lag": 117, "partition_number": 0}, {"lag": 122, "partition_numbe... by pswalia06 Explorer in Splunk Search 06-23-2018 0 7	0	7
Timechart /Timewrap - change in the x axis Hi all, I am using the timechart graph to represent number of apples every week over last 28 days and compare it to... by Veeruswathi Explorer in Splunk Search 06-23-2018 1 3	1	3
How to create a chart that shows the JSON count by fields within an object? Each line of my log has the following json construct { resourceUsage: [ { cloud: AWS ... by splunk_novice New Member in Splunk Search 06-23-2018 0 4	0	4
Lookup Errors When No Lookup Is Used I'm getting "Could not find all of the specified lookup fields in the lookup table......." even when I'm not using a ... by lodolivas Engager in Splunk Search 06-23-2018 1 3	1	3
How do optimizations for field-based searches work? When I search using key-value pairs as terms, what kind of optimizations does Splunk perform to retrieve the events t... by hexx Splunk Employee in Splunk Search 06-23-2018 13 4	13	4
Regex : Extract text after occurrence of a specific recurring character I have events like this - [2018-03-30 13:45:51,515] [[ACTIVE] ExecuteThread: '15' for queue: 'weblogic.kernel.Defaul... by Sukisen1981 Champion in Splunk Search 06-23-2018 0 6	0	6
How do I predict the monthly data using predict command in splunk? Sample Data; Month Year X1 5 2015 220 6 2015 210 7 2015 225 Output Predicted results: Month ... by saranravi New Member in Splunk Search 06-23-2018 0 1	0	1
Splunk query for formatting the output Hello, i am new to splunk and SPL. Below are the sample logs and my query. i was trying to get output like shown bel... by iamlearner123 Explorer in Splunk Search 06-22-2018 0 5	0	5
join two result with different times I have a use case, where in I need data from different dates compared to previous days. so, I have a time picker and... by splunkdivya Explorer in Splunk Search 06-22-2018 0 6	0	6