Splunk Search

Community Activity

	help regex hello in a log file i want to extract every tetx which starts with EU\SH but i dont succeed could you help me please?... by jip31 Motivator in Splunk Search 06-09-2018 0 0	0	0
	help with a sub search and pie chart I have a pie chart that works great with a current search. I have been asked to add something to the pie chart that ... by chadman Path Finder in Splunk Search 06-09-2018 0 1	0	1
	Seperate Multivalue Fields with Carriage Return Delimiter Hi all - I have data that appears like this: Field=Animal Cat Dog Fish Dog Fish Horse Cat Dog Pig .....where mult... by mistydennis Communicator in Splunk Search 06-08-2018 0 1	0	1
	Sum value from distinct hosts over time I have a bunch of hosts streaming logs that show metrics like cpu count. The problem is that they all send those log... by caviman2201 Path Finder in Splunk Search 06-08-2018 0 1	0	1
	Lookup stating that it cannot find all specified lookup fields in the lookup table. I am attempting to find first time logons to new servers. I am trying to use a lookup to list a EventID Description ... by aarontmartin165 Explorer in Splunk Search 06-08-2018 0 7	0	7
	Two multi-select input boxes, if the user puts a value in one hide the other one Hi, I have this XML code. What I'd like to do is if the user selects a premise ID input value, then hide (or blank)... by dbcase Motivator in Splunk Search 06-08-2018 0 3	0	3
	Ignore a value in a multivalue if found in another field Good day, Suppose I want to compare the data in Column A and Column B. Column B can be a multivalue field or not. If... by aamer4zangi Path Finder in Splunk Search 06-08-2018 0 6	0	6
	command to find count of specific errors I want to find number of 500 , 200 , 300 error present in the logs . I have already fields extracted for error_code s... by navd New Member in Splunk Search 06-08-2018 0 1	0	1
	Why is the below query not working? I have to list the Job_Name orderid Start_Time End_Time. i am using the below query but not getting the values for En... by abhi04 Communicator in Splunk Search 06-08-2018 0 3	0	3
	Powershell vs WMI Hi I an SPL command i use the Win32_DesktopMonitor WMI class and SPLUNK is able to use all the fields corresponding ... by jip31 Motivator in Splunk Search 06-08-2018 0 1	0	1
	Find the missed id in the Query2 compared with Query1 I have 2 queries producing some results Query1: index=foo* sourcetype="abc_uvw" activity="POST*/test1" source="/log... by arjun_krishna Explorer in Splunk Search 06-08-2018 0 0	0	0
	Spliting multiple events in a transaction column , into seperate columns Hi All, So when im running a transaction based on starts with .... ends with... i'm getting two events of the trans... by Sp3ctre1 New Member in Splunk Search 06-08-2018 0 1	0	1
	How to check if field exists in two indexes Hello, I am looking at two indexes with the same field, "hostname". I am looking to create a table of the hostname... by nkosmas_trainin New Member in Splunk Search 06-08-2018 0 1	0	1
	Extract domain part of list of emails addresses. Hi, My results are a bunch of email address, I want to display them in table grouped by their domains. What's the ... by dhabbal Explorer in Splunk Search 06-07-2018 0 2	0	2
	Maintenance Time query help Hi, I'm using a lookup which stores maintenance periods and can be used to exclude events of downtime from my main q... by tchintam Path Finder in Splunk Search 06-07-2018 0 0	0	0
	Combine and use query results contained in 2 other queries. My data model is like: Key Source Destination 1 a b 1 b c 1 a c 1 ... by h52huang Path Finder in Splunk Search 06-07-2018 0 4	0	4
	Search ID or sid i have extracted this log as i need to get the search id to get the SPL used. this is a search that triggers an alert... by teddyidc1101 Communicator in Splunk Search 06-07-2018 0 4	0	4
	Is it possible to put values of multiple fields in a field in a sequence? Hi, Is this possible to do in spl? For example I have these fields: What I need to do is to arrange it in this ... by jvmerilla Path Finder in Splunk Search 06-07-2018 0 2	0	2
	How to create a field of percentiles of a stats field I have constructed a responsetime field using eval resp=endtime-startime,now I want to get a list of percentiles from... by dragut New Member in Splunk Search 06-07-2018 0 3	0	3
	timechart span value produces different averages for the day Case 1: earliest=-1d@d latest=-0d@d ... \| timechart span=1h count as Samples, avg(duration) as avg vs. Case 2: earlie... by nk-1 Path Finder in Splunk Search 06-07-2018 0 2	0	2
	Check IP against lookup file with IP/CIDRs. Hi all, I am new to using lookups and I'm a bit confused. I've created a lookup file on my splunk instance called c... by zhatsispgx Path Finder in Splunk Search 06-07-2018 0 4	0	4
	Searching multiple indexes to get the ID-Value and other associated columns Hi there, I'm trying to join two indexes to get the id-value and ingest the data into main index. Here is my scenari... by kulsplunk Explorer in Splunk Search 06-07-2018 0 3	0	3
	How do I get host_regex to work for my log file names? Log files are: /audit/files/20180515041511.scc145.audit.log.1 /audit/files/20180515041511.scc145.audit.log.2 /audit/... by jelli5518 Engager in Splunk Search 06-07-2018 0 3	0	3
	Search two fields with same name but different values I'm trying to create a stats table in Splunk that shows the IP of VMs and the IP of the Host that supports those VMs.... by gbwilson Path Finder in Splunk Search 06-07-2018 0 1	0	1
	How to merge the results from two different indexes/sourcetypes. Hi, I have two queries, one gives me the test-case names, test-id details and lsf jobid details. Another query gives... by Maniteja81 New Member in Splunk Search 06-07-2018 0 2	0	2