Splunk Search

Community Activity

	fill in 0 when there is no data i have an index that calc amount of events for a specific domain name this index have 3 fields: date,domain_name, eve... by mcohen13 Loves-to-Learn in Splunk Search 06-11-2018 0 7	0	7
	I am trying to run CLI searches and output it to a file but its only giving 100 results. Hello Everyone, I am trying to run below query everyday at 6AM through CLI and output the result to new text file. B... by jsuryaprakash Path Finder in Splunk Search 06-11-2018 0 5	0	5
	Compare multi value fields to get Count Hi, I have a multi value field which contains some product codes separated by a code. Now the 2 events can have the s... by Shashank_87 Explorer in Splunk Search 06-11-2018 0 4	0	4
	Lookup OUTPUTNEW Behavior Hello, I have a wrong behavior on lookup command with OUTPUTNEW options. What I'm trying to achieve is to update th... by olivier_ma Explorer in Splunk Search 06-11-2018 0 4	0	4
	When the value is not showed in the result also i need to dispaly value as 0 in the result set .. In the below query. When i filter the sectodate count greater than 5. I’m missing the count of values “Cool","Super .... by Shan Builder in Splunk Search 06-11-2018 0 4	0	4
	RegEx Extract value after string I'm trying to build an extraction to find the uptime from this data (example below) .1.3.6.1.4.1.789 Enterprise Spec... by arrowecssupport Communicator in Splunk Search 06-11-2018 0 1	0	1
	"status = 404" does not appear in the field status. Hi, there! I installed the "Splunk Forwarder" on an Apache web server configured as "access_combined". The logs are ... by cesarfabre Explorer in Splunk Search 06-11-2018 0 1	0	1
	Correct Search string for Memory and CPU utilization Hello, I am trying to create a dashboard report of CPU Utilization and Memory used for each of my application comp... by anzar_ahsan New Member in Splunk Search 06-11-2018 0 1	0	1
	How to get filtered data with spath? I am trying to build stats for a set of JSON data which looks like this: { "ts":1527498793267, "version":"1.12... by developer_de New Member in Splunk Search 06-11-2018 0 2	0	2
	help regex hello in a log file i want to extract every tetx which starts with EU\SH but i dont succeed could you help me please?... by jip31 Motivator in Splunk Search 06-10-2018 0 3	0	3
	Lookup error: Could not find all of the specified lookup fields Hi! I'm trying to use lookup table but I get the error I wrote in the title. My .conf files are props.conf: [mobile... by emaccaferri Communicator in Splunk Search 06-10-2018 0 7	0	7
	How to create a new _time field by merging two separate fields I have a sample event log below: 2018-05-04 06:59:50 AAA="1", BBB="2", CCC="3", XXX="70029", ZZZ="2018-05-04 00:00:0... by dailv1808 Path Finder in Splunk Search 06-10-2018 0 1	0	1
	Spliting a transaction from multiple events in a column, to seperate columns So i'm looking to find users that are going from Building A --> to Building B.. Problem is the transaction is showin... by Sp3ctre1 New Member in Splunk Search 06-10-2018 0 0	0	0
	help regex hello in a log file i want to extract every tetx which starts with EU\SH but i dont succeed could you help me please?... by jip31 Motivator in Splunk Search 06-09-2018 0 0	0	0
	help with a sub search and pie chart I have a pie chart that works great with a current search. I have been asked to add something to the pie chart that ... by chadman Path Finder in Splunk Search 06-09-2018 0 1	0	1
	Seperate Multivalue Fields with Carriage Return Delimiter Hi all - I have data that appears like this: Field=Animal Cat Dog Fish Dog Fish Horse Cat Dog Pig .....where mult... by mistydennis Communicator in Splunk Search 06-08-2018 0 1	0	1
	Sum value from distinct hosts over time I have a bunch of hosts streaming logs that show metrics like cpu count. The problem is that they all send those log... by caviman2201 Path Finder in Splunk Search 06-08-2018 0 1	0	1
	Lookup stating that it cannot find all specified lookup fields in the lookup table. I am attempting to find first time logons to new servers. I am trying to use a lookup to list a EventID Description ... by aarontmartin165 Explorer in Splunk Search 06-08-2018 0 7	0	7
	Two multi-select input boxes, if the user puts a value in one hide the other one Hi, I have this XML code. What I'd like to do is if the user selects a premise ID input value, then hide (or blank)... by dbcase Motivator in Splunk Search 06-08-2018 0 3	0	3
	Ignore a value in a multivalue if found in another field Good day, Suppose I want to compare the data in Column A and Column B. Column B can be a multivalue field or not. If... by aamer4zangi Path Finder in Splunk Search 06-08-2018 0 6	0	6
	command to find count of specific errors I want to find number of 500 , 200 , 300 error present in the logs . I have already fields extracted for error_code s... by navd New Member in Splunk Search 06-08-2018 0 1	0	1
	Why is the below query not working? I have to list the Job_Name orderid Start_Time End_Time. i am using the below query but not getting the values for En... by abhi04 Communicator in Splunk Search 06-08-2018 0 3	0	3
	Powershell vs WMI Hi I an SPL command i use the Win32_DesktopMonitor WMI class and SPLUNK is able to use all the fields corresponding ... by jip31 Motivator in Splunk Search 06-08-2018 0 1	0	1
	Find the missed id in the Query2 compared with Query1 I have 2 queries producing some results Query1: index=foo* sourcetype="abc_uvw" activity="POST*/test1" source="/log... by arjun_krishna Explorer in Splunk Search 06-08-2018 0 0	0	0
	Spliting multiple events in a transaction column , into seperate columns Hi All, So when im running a transaction based on starts with .... ends with... i'm getting two events of the trans... by Sp3ctre1 New Member in Splunk Search 06-08-2018 0 1	0	1