Splunk Search

Community Activity

How can I display ranges as text min - max? If I have data such as this: SensorNo A B C D....Z AA AB.... 123 2.4 2.5 2.6 1.0 ....89.1 124 8.6 2.6... by grantsmiley Path Finder in Splunk Search 06-15-2018 0 5	0	5
How to use inputlookup OUTPUT properly when a column is blank? This is a follow up question with respect to this previous question - https://answers.splunk.com/answers/627286/how-t... by anirban_nag Explorer in Splunk Search 06-15-2018 0 2	0	2
How to create below scenario? I have below parameter and their values over server_Name: Parameters Server_Name1 Server_Name2 Now I want to add on... by abhi04 Communicator in Splunk Search 06-15-2018 0 5	0	5
How to catch end of line symbols with regex? I have symbols that mean end of line \r\n Example of string: D:\INSTALL\_SysinternalsSuite\processhacker-2.39-bin... by avasilievnko Explorer in Splunk Search 06-15-2018 0 5	0	5
Ignore Field in Embedded Search but include it in Final Table Scenario: - The data I need is ultimately contained in completely different indeces/sourcetypes - I have a set of 5 c... by ZellNorman Explorer in Splunk Search 06-15-2018 0 3	0	3
Strftime adds 1 hour after converting I'm working on identifying which hosts are located in which time zone as the client does not have an inventory list a... by MedralaG Communicator in Splunk Search 06-15-2018 1 10	1	10
event contains same field with different values My events contain teh same fieldnames multiple times with different values. I.E. < active_recip="9" deliv_recip="0" h... by Mike6960 Path Finder in Splunk Search 06-15-2018 0 16	0	16
How to use macros in tstats and calling different macros based on the value of the parameter Hi. I wanted to use a macro to call a different macro based on the parameter and the definition of the sub-macro is ... by splunkrocks2014 Communicator in Splunk Search 06-15-2018 0 1	0	1
How to use values of column as column name? Hello. I've come to ask again continuously the question I asked few days ago This is my last question: https://answer... by apple143 Engager in Splunk Search 06-15-2018 0 10	0	10
Merge using a special logic I need to merge the following examples from a multivalue field using a special logic. I have absolutely no idea how t... by twjack Explorer in Splunk Search 06-14-2018 0 2	0	2
How to replace a value of a field with other varying field values? I have a splunk query which gives below tabular results in snap. But I want to replace the values of "count" field fo... by arrangineni Path Finder in Splunk Search 06-14-2018 0 2	0	2
Why is the regex in transforms.conf not activating in the UI? I am trying to take a REX command from a search and push it back into the config files. The REX command works great.... by jpcontrerasadit Explorer in Splunk Search 06-14-2018 0 1	0	1
Using a literal pipe "\|" character in an extracted regex field I'm creating an extracted field using a regex, and I want to use a literal pipe "\|" character in the regex. My unders... by jbrenner Path Finder in Splunk Search 06-14-2018 0 4	0	4
Why is the lookup for CIDR table not working? I have been trying to create a basic lookup within Splunk where we can search an IP and get back some information.The... by ng87 Path Finder in Splunk Search 06-14-2018 0 1	0	1
Using regex, how to exclude any events in the host field and keep the rest? One big syslog file I need to index (monitor) daily. Many hosts log to this syslog file. I want to exclude any even... by some_guy Path Finder in Splunk Search 06-14-2018 0 3	0	3
How to compare search result with a lookup file I have a lookup file with the following fields original_login_name, client_net_address and Datase_Name I have these... by LeandroKopke Explorer in Splunk Search 06-14-2018 0 1	0	1
tstats not working on all index time fields? I have a python script (requests and post) that sends json events to an Indexer using HTTP Event Collector (HEC). I ... by moneybox Explorer in Splunk Search 06-14-2018 0 1	0	1
How to create a regex that removes everything before the second underscore? I'm trying to create a regex that removes everything before the second underscore in a string. The number of charact... by gbwilson Path Finder in Splunk Search 06-14-2018 0 3	0	3
Finding the difference between to separate fields? Good morning everyone, I am trying to find the difference between to fields. I have tried the eval command to subtr... by dreschke Explorer in Splunk Search 06-14-2018 0 7	0	7
conditional rex in splunk I have a field called Number and it has got a value like : \| inputlookup Numbers.csv Number 102 2 45 204 345 100 1... by abhayneilam Contributor in Splunk Search 06-14-2018 0 2	0	2
How to make a table with 3 datas Each day i execute my search This search give me the number of events with status OK or KO by enterprise nameEnterp... by faribole Path Finder in Splunk Search 06-14-2018 0 3	0	3
regex to extract multiple email addresses in splunk search How to list out all the email addresses in a splunk search which displays the following results. Storing shipConfirm... by pavanae Builder in Splunk Search 06-14-2018 0 3	0	3
Can we use wildcard characters in a lookup table? Can I create a lookup table with wildcard character ? I have a lookup like input,output user,USERNAME so anythi... by rakesh_498115 Motivator in Splunk Search 06-14-2018 7 9	7	9
How to create a subsearch which would generate a csv file and use this as input for another search string at same point in time. Hi all, I would like to generate the csv file form one search and use that as lookup file for another query . Here... by Veeruswathi Explorer in Splunk Search 06-14-2018 0 2	0	2
Splunk Query On Selecting The Range Of Vales For dashboard Hi Team, Would like to design the query for the below requirement where we wanted to capture 2 dash boards as below ... by Vigneshprasanna Explorer in Splunk Search 06-14-2018 0 0	0	0