Splunk Search

Community Activity

Auto forward logs to Splunk platform Dear all. recently, i am try to use Splunk Free , how can i take the forwarder auto send logs to receiver after inst... by lllidan New Member in Splunk Search 05-30-2018 0 1	0	1
Why am I getting error "The lookup table 'mylookuptable' does not exist. It is referenced by configuration 'my_lookuptype'"? I have this data below and I want a flow chart of start time and end time on the x-axis and cmd1, cmd2......on the y-... by ravigampa New Member in Splunk Search 05-30-2018 0 4	0	4
How to split events into multiple rows in a table? I have the following search result which has multiple values in a cell: I would like to split table to raws. look li... by dailv1808 Path Finder in Splunk Search 05-29-2018 1 13	1	13
How to use detect numeric outlier to detect cpu utilization outlier My objective is to collect cpu utilization and then use detect numeric outlier to find out the odds one. However the ... by waihoong New Member in Splunk Search 05-29-2018 0 0	0	0
Using search keyword or where keyword Hi All I have data in the below fomat Country={UK}, Question=Where do you live, Answer=London Country={USA}, Quest... by nirmalya2006 Path Finder in Splunk Search 05-29-2018 0 1	0	1
Sorting/Arranging chart results Hi, I have the below query which is used to find the total and used diskspace of a linux server. I need to arrange ... by RupeshMano Explorer in Splunk Search 05-29-2018 0 0	0	0
"search NOT" not working - not excluding the expected results Hi All, Trying to figure this one out - suspect it's going to be something simple - just not sure what it is. Have ... by Kozanic Path Finder in Splunk Search 05-29-2018 0 9	0	9
Using AND, OR to find 2 `devices` where i want to filter in some of the `adj` on each device. I am trying to just show the devices that are X and Y and the devices that are X and have adj that meet this filter ... by HattrickNZ Motivator in Splunk Search 05-29-2018 0 2	0	2
How to make a multiple condition IF statement work? Hi, This should be easy but for some reason, my brain is making it hard. I'm trying to get a 2-condition IF statemen... by dbcase Motivator in Splunk Search 05-29-2018 0 6	0	6
How to extract a heavily nested JSON data? Hey everyone, I am very new to Splunk and many of the examples I see use relatively simple data. I am trying to extr... by LunarLlama New Member in Splunk Search 05-29-2018 0 1	0	1
Calculate mailbox growth comparing previous week I have the below search that shows the total mailboxSize in GB and I would like to compare this with a week ago to de... by davidcraven02 Communicator in Splunk Search 05-29-2018 0 1	0	1
Why is the timechart coming up blank? Hi, I have this query that works query wize but the resulting timechart is blank and I don't know why earliest=-4hr... by dbcase Motivator in Splunk Search 05-29-2018 0 3	0	3
How to figure out the exact regex to capture the hostname value from the event logs for transforms.conf? Hi, I'm sure this is really simple but I've been unable to figure out the exact regex to capture the hostname value ... by Hemnaath Motivator in Splunk Search 05-29-2018 0 3	0	3
How can I view daily/monthly job query search average times? Given an initial search query, I'm trying to view daily and monthly job search query runtimes, then average the times... by tinanicole21 New Member in Splunk Search 05-29-2018 0 2	0	2
Sorting column header is based on ASCII and its not based on case senstitve Hi, I have a saved search with the below code snippet to sort irrespective of case. index=indexname \| eval sortNa... by angelinealex Communicator in Splunk Search 05-29-2018 0 9	0	9
Why is the sum of all events on transaction giving the wrong value? I'm calculating sum of all the events in the transaction but the sum displayed is different from actual sum. What am ... by abhishek0agarwa New Member in Splunk Search 05-29-2018 0 5	0	5
サブサーチで何もヒットしない時、メインサーチのソースで全検索されてしまいます。 If subsearch is no result, Mainsearch execute Full Search source="logA" [search source="logB" "valueA" \| return fieldA] 上記のように検索する時、もしサブサーチ内でvalueAの検索結果が無い時、サブサーチで何も値が返されないため... by sybb6616 New Member in Splunk Search 05-29-2018 0 3	0	3
How do I formulate a regex so that I can search different types of events? event 1: 31.138.204.1 \| ssh \| o*1N0HIQQx434x12481145x1 \| ZI53713 \| 2018-05-28 07:14:47,848 \| SSH - piv-receive-pac... by zacksoft Contributor in Splunk Search 05-29-2018 0 6	0	6
How to get max value from each columns that are created dynamicly based on time range search query \| timechart span=1m count by A1 the above query gives me below output: _time ... by maniu1609 Path Finder in Splunk Search 05-29-2018 0 4	0	4
How can I compare two fields that I get from my search result? I want to compare the two columns that I get dynamically from my search result. I want to compare both fields. Sourc... by prashanthberam Explorer in Splunk Search 05-29-2018 0 5	0	5
rex Named extraction for acronyms that have 4 letters and are all capital letters Hello, I'm trying to create a named extraction and want to use regex to find all instance of 4 letter acronyms that... by agoktas Communicator in Splunk Search 05-29-2018 0 2	0	2
How to expand the dates between two dates? I want to display the date between two date range EX. 3/11 -3/19 Field : SDate= 3/11/2018 EDate=3/19/2018 I need th... by Sankar_g30 Loves-to-Learn in Splunk Search 05-29-2018 0 3	0	3
rex sed strings different length Hi! Can somebody please explain me WTF is happening here? My question is quite simple. I want to substitute [áéíóú] ... by faguilar Path Finder in Splunk Search 05-29-2018 0 6	0	6
How can I integrate D3/Google Charts in my Splunk Dashboards? I have seen the splunk document to integrate D3 sankey visualization into splunk and to be honest, not being a javasc... by pramit46 Contributor in Splunk Search 05-29-2018 0 8	0	8
How to apply the predict function for the most varying field? I'm trying to do something like from my output I just need to apply predict function on most varying field. For examp... by VatsalJagani SplunkTrust in Splunk Search 05-29-2018 0 2	0	2