Splunk Search

Community Activity

If Else functionality to pick different subsearch Depending on what month it is I need to run a different sub-search. index=foo source=bar [\| inputlookup servers... by pbarbuto Path Finder in Splunk Search 06-16-2018 0 1	0	1
issue with sort command Hi, index="testdb" sourcetype="audt" \| table Command, Duration \| sort Duration \| search Duration>=60. This search c... by krish318 New Member in Splunk Search 06-16-2018 0 7	0	7
How to ensure a transaction with an update finished before another transaction with the same input. In Splunk I have an application that updates a database. Currently there's been an issue with receiving a transaction... by Wicho175 New Member in Splunk Search 06-16-2018 0 3	0	3
not getting empty row value count when doing count by fields. i have four filed in a csv file, where some time , one filed value coming as empty, as like below field1 , field2, fi... by satishachary199 New Member in Splunk Search 06-15-2018 0 3	0	3
Splunk searches not yeilding data results for months Hello, I am a splunk newby who started using splunk at my job to build dashboards for a call center setting. Since ap... by aecord New Member in Splunk Search 06-15-2018 0 1	0	1
How to add seconds to epoch time using time modifiers? I have a dashboard which uses tokens that look like this earliest=$TIME.earliest$ latest=$TIME.earliest$+60s If I... by skoelpin SplunkTrust in Splunk Search 06-15-2018 0 11	0	11
Why does query return 0 results if I don't specify index? I have a query in splunk that returns 0 results if I type: my search terms here but works if I prepend index=* to... by kimberlytrayson Path Finder in Splunk Search 06-15-2018 0 1	0	1
How to use the "IF" statement to evaluate a window of time? I apologize in advance as I'm new to Splunk searching... I currently have a basic search for my dashboard that retur... by OfficeLackey Engager in Splunk Search 06-15-2018 0 2	0	2
when using predict fields become null so when I use the predict command my fields become null index=summary source="summary_events_2" orig_source=pnr ms_... by kiamco Path Finder in Splunk Search 06-15-2018 0 4	0	4
Server memory calculation over different time intervals in the same query Hi, I am getting the memory data from windows server in Splunk every minute index=main sourcetype="Perfmon:*" count... by macadminrohit Contributor in Splunk Search 06-15-2018 0 2	0	2
Transacting Events Across Different Field Names i'm using transact to group logon events on windows by Logon_ID. On Windows 10, there's also a Linked_Logon_ID that l... by joshwilczek New Member in Splunk Search 06-15-2018 0 2	0	2
How can I display ranges as text min - max? If I have data such as this: SensorNo A B C D....Z AA AB.... 123 2.4 2.5 2.6 1.0 ....89.1 124 8.6 2.6... by grantsmiley Path Finder in Splunk Search 06-15-2018 0 5	0	5
How to use inputlookup OUTPUT properly when a column is blank? This is a follow up question with respect to this previous question - https://answers.splunk.com/answers/627286/how-t... by anirban_nag Explorer in Splunk Search 06-15-2018 0 2	0	2
How to create below scenario? I have below parameter and their values over server_Name: Parameters Server_Name1 Server_Name2 Now I want to add on... by abhi04 Communicator in Splunk Search 06-15-2018 0 5	0	5
How to catch end of line symbols with regex? I have symbols that mean end of line \r\n Example of string: D:\INSTALL\_SysinternalsSuite\processhacker-2.39-bin... by avasilievnko Explorer in Splunk Search 06-15-2018 0 5	0	5
Ignore Field in Embedded Search but include it in Final Table Scenario: - The data I need is ultimately contained in completely different indeces/sourcetypes - I have a set of 5 c... by ZellNorman Explorer in Splunk Search 06-15-2018 0 3	0	3
Strftime adds 1 hour after converting I'm working on identifying which hosts are located in which time zone as the client does not have an inventory list a... by MedralaG Communicator in Splunk Search 06-15-2018 1 10	1	10
event contains same field with different values My events contain teh same fieldnames multiple times with different values. I.E. < active_recip="9" deliv_recip="0" h... by Mike6960 Path Finder in Splunk Search 06-15-2018 0 16	0	16
How to use macros in tstats and calling different macros based on the value of the parameter Hi. I wanted to use a macro to call a different macro based on the parameter and the definition of the sub-macro is ... by splunkrocks2014 Communicator in Splunk Search 06-15-2018 0 1	0	1
How to use values of column as column name? Hello. I've come to ask again continuously the question I asked few days ago This is my last question: https://answer... by apple143 Engager in Splunk Search 06-15-2018 0 10	0	10
Merge using a special logic I need to merge the following examples from a multivalue field using a special logic. I have absolutely no idea how t... by twjack Explorer in Splunk Search 06-14-2018 0 2	0	2
How to replace a value of a field with other varying field values? I have a splunk query which gives below tabular results in snap. But I want to replace the values of "count" field fo... by arrangineni Path Finder in Splunk Search 06-14-2018 0 2	0	2
Why is the regex in transforms.conf not activating in the UI? I am trying to take a REX command from a search and push it back into the config files. The REX command works great.... by jpcontrerasadit Explorer in Splunk Search 06-14-2018 0 1	0	1
Using a literal pipe "\|" character in an extracted regex field I'm creating an extracted field using a regex, and I want to use a literal pipe "\|" character in the regex. My unders... by jbrenner Path Finder in Splunk Search 06-14-2018 0 4	0	4
Why is the lookup for CIDR table not working? I have been trying to create a basic lookup within Splunk where we can search an IP and get back some information.The... by ng87 Path Finder in Splunk Search 06-14-2018 0 1	0	1