Splunk Search

Community Activity

How to escape the end bracket using rex? I've read the threads on escaping the parens and the such. But I'm trying to do the "]". I thought I would be able ... by rbdev Engager in Splunk Search 06-20-2018 0 3	0	3
Can we use DBconnect lookup for correlation of lookup file data with DB input data before indexing? Hello, I just want to know if this scenario can be achieved in splunk with DB connect Lookups . I am getting data fr... by arrangineni Path Finder in Splunk Search 06-20-2018 0 3	0	3
How to get stats count value as 0, if there are no events for that value in splunk search. We have 7 different filetypes, we are trying to get count of each filetype in table. If count of any of them is 0, it... by guptap2 New Member in Splunk Search 06-20-2018 0 1	0	1
using bin command and span HI, I have this query: index="sample_data" sourcetype="management_sampledata.csv" \| fields* \| search Status!=Close... by jvmerilla Path Finder in Splunk Search 06-20-2018 0 5	0	5
Find count of "failures" in events I am running the following query , which is returning the number of events where "failures" keyword is occuring , but... by navd New Member in Splunk Search 06-20-2018 0 2	0	2
Is there an alternative to the stats list and values functions to get my expected result? I'm having problems with getting all the values to display when using this: \|stats count, values(host) as Host, list... by splunkin11 Path Finder in Splunk Search 06-19-2018 3 8	3	8
1. Total purchase split by product ID please provide me solution on tutorial data Client purchase details: Provide details about client purchase... by dilip7504 New Member in Splunk Search 06-19-2018 0 3	0	3
capture specific sequence of events I have these set of event based on transaction But I only want to compute a specific sequence of events and discard t... by michaelrosello Path Finder in Splunk Search 06-19-2018 0 3	0	3
How to calculate multiple fields total count? I have following fileds, I want to calculate the total f count: (count(f1)+count(f2)+count(f3)+count(f4))=3+3+2+1=9. ... by Min1025 Explorer in Splunk Search 06-19-2018 0 2	0	2
Why does the DBX read count and write count doesn't match and is throwing an error? I have a DBX 3.1.2 job that's failing at some point along the way. I don't get any error messages (everything is set ... by BenjaminWyatt Communicator in Splunk Search 06-19-2018 0 3	0	3
Want to condition match when a value is a single asterisk Have tried every combination I can think of. Want to set some tokens in a when the value is a single asterisk. As a... by simpkins1958 Contributor in Splunk Search 06-19-2018 0 5	0	5
How do I set an alert when 95th percentile is over the threshold? Hi all, Here is my base search index=java location=APICall api_method=POST Duration \|stats median(Duration) as... by mlui_2 Explorer in Splunk Search 06-19-2018 2 3	2	3
if .csv file is empty how to get correct result in search For one of my dashboards I am working with .csv files which are generated every day. these contain certain failures f... by Mike6960 Path Finder in Splunk Search 06-19-2018 0 4	0	4
Regex isnt working for my search string I want to extract a field from the log event using regex .following is the sample log event , can someone tell me how... by navd New Member in Splunk Search 06-19-2018 0 1	0	1
What are the limitations regarding lookups? Hey there. This isn't a specific code question but rather a more general question regarding limitations of lookups. F... by DerBastler New Member in Splunk Search 06-19-2018 0 2	0	2
How do you handle multiple sanitizations in the same regex? Hi all, I have the following data being indexed by splunk: POST /somendpoint.asmx HTTP/1.1 Host: somehost Connect... by zhatsispgx Path Finder in Splunk Search 06-19-2018 0 2	0	2
Flattening Hierarchical Relationships without transaction or join I'm looking for an efficient way to build multiple parent child event pairs into a flat string of parent,children,gra... by ErikaE Communicator in Splunk Search 06-19-2018 1 2	1	2
How to create a different search for each column in a chart? I would like to have a chart that shows the different values (I used a unique field extraction for this) found and di... by link22 Explorer in Splunk Search 06-19-2018 0 2	0	2
Joining 2 events that have different content [updated the question based on feedback] I am trying to join events from these 2 log entries Events of Type 1 dateTi... by patb23 Engager in Splunk Search 06-19-2018 0 4	0	4
How to perform subtraction on results? I'm currently using this in a search: index=OS sourcetype=cpu \| timechart avg(pctIdle) by host This typically gives ... by brosselle New Member in Splunk Search 06-19-2018 0 3	0	3
How to use eval for basic search terms (NOT fields)? So I want to get the stats count of two search terms in a search that looks like this: index=myIndex "searchTermA" OR... by link22 Explorer in Splunk Search 06-19-2018 0 2	0	2
Change x axis _time display to weekly instead of daily So I'm aiming for a month's worth of data to be displayed as "Week 1, Week 2, Week 3, Week 4" instead of by "Apr 13, ... by link22 Explorer in Splunk Search 06-19-2018 0 3	0	3
centralize search queries with links Hello community, I'm currently building an application for a customer. Since the needs of the customer are steadily ... by at1ll3y New Member in Splunk Search 06-19-2018 0 1	0	1
What indexes are included in search by default? Hi, I was in the process of changing the index that certain events write to and came across a problem with a query I... by dswanson99 Path Finder in Splunk Search 06-19-2018 1 6	1	6
Change X Axis Display to Week Instead of Day I have the x axis of my search displaying by week however I do not want this format: Apr 23 Apr 30 etc. I have my c... by link22 Explorer in Splunk Search 06-19-2018 0 3	0	3