Splunk Search

Community Activity

On-Premises documentation server I run Splunk Enterprise in a distributed cluster architecture, in an offline environment that is completely disconnec... by eden881 Path Finder in Splunk Search 04-29-2018 0 1	0	1
Average command vs count and average command Maybe im just bad in mathematics. but why does splunk docs always take the count of events and then the avg of event... by ranjitbrhm1 Communicator in Splunk Search 04-29-2018 0 2	0	2
Add a blank row in the table I have a search which would give me a table of results and at the end the total count of columns. I want a blank lin... by Navanitha Path Finder in Splunk Search 04-28-2018 0 15	0	15
Source Workstation shows random IP Hi there, I'm looking into why one of our users is getting locked out, but when I run a search to try to find out the... by brosariochan New Member in Splunk Search 04-28-2018 0 2	0	2
how to Configure positional timestamp extraction in log using RegEx? hi All, Am trying to extract the time stamp inside event as index time. We have similar sourcetype of logs from 4 di... by mallempatisreed Explorer in Splunk Search 04-28-2018 0 2	0	2
Help with ending search for rex expression Hi All - I am using the below query index=ABC "XYZ"\| rex field=_raw "\"code\":\"(?.*)\"" \| stats count by errorcode ... by pushpender07 Explorer in Splunk Search 04-28-2018 0 5	0	5
Calculate totals and then sort based on a field and separate out results accountId: 12345678 action: Test publishId: 123 or 456 tile: Tile1 How can I get this result: [accountI... by dwong2 New Member in Splunk Search 04-27-2018 0 2	0	2
Insert a heading between rows and customise it.? How can I add a heading between two rows , my each row on dashboard has three panels . and can i customize it ? by navd New Member in Splunk Search 04-27-2018 0 8	0	8
Mimecast for Splunk not showing Target Threat Protection Data Hello, We've had the Mimecast for Splunk v2 running in our environment for almost a year now and most of the data ha... by summitsplunk Communicator in Splunk Search 04-27-2018 1 0	1	0
Separate out results based on wildcard field ...search \| stats count(tile) as launches by tile publishId \| sort -"launches" accountExId: 12345678 publishId: 6... by dwong2 New Member in Splunk Search 04-27-2018 0 2	0	2
Calculating distinct counts with multiple conditions I am trying to compute distinct counts of a field based on multiple conditions. Can anyone please help with the calc ... by bhumikajpatel Explorer in Splunk Search 04-27-2018 0 7	0	7
how to get the list of non matching values of lookup with search? I have a search which will give list of a values for field A and I have a look up which has values for the same Fiel... by vrmandadi Builder in Splunk Search 04-27-2018 0 6	0	6
Searches running in Batches and needs to be triggered once the previous search is completed i am creating various reports which are schedule on cron expression but i wanted to see if there is any possibilites ... by chintan_shah Path Finder in Splunk Search 04-27-2018 0 1	0	1
Timechart /chart I'm looking to have line chart, which shows AccountID , Username and duration, how would put this with timechart char... by swetasoneji New Member in Splunk Search 04-27-2018 0 8	0	8
substr result Hi, I'm trying to use substr to extract the first 4 characters of my result (perc_err_test1 & perc_err_test2), but ... by katouoma New Member in Splunk Search 04-27-2018 0 9	0	9
sort csv by current dates I want to sort out a csv but it not working tried ......\| fields Date,count \| stats by Date,count \| eval Date=strp... by Bentash Explorer in Splunk Search 04-27-2018 0 3	0	3
Splunk show duplicate event but there is only one Hello I'm monitoring a directory with splunk when i search for those events it shows me by example the field id with... by darismendy Explorer in Splunk Search 04-27-2018 0 4	0	4
Bring the last source of the index good morning Currently, for monitoring purposes, it is necessary to validate the states of certain indexes, and w... by efaundez Path Finder in Splunk Search 04-27-2018 0 3	0	3
Mathematical calculations on rows based on grouping This is my table that I have extracted with the help of this query: index=auto_adv_txn_preprod source=cap ( alfaws ... by imran1386 New Member in Splunk Search 04-27-2018 0 8	0	8
System eventtypes "internal_search_terms", "splunkd-access", "splunkd-log" Hello, I want to limit the access for some external users to all eventtypes. There are 3 system-default-eventtypes r... by kandersen New Member in Splunk Search 04-27-2018 0 1	0	1
Using list in query fails to return records Hi All I have data in the below fomat Market=UK, Question=Where do you live, Answer=London Market=USA, Question=Wh... by nirmalya2006 Path Finder in Splunk Search 04-27-2018 0 8	0	8
Filter values in timechart for eval method Hi, This is related to the question asked earlier link: [https://answers.splunk.com/answers/643007/timechart-query-wi... by sawgata12345 Path Finder in Splunk Search 04-27-2018 0 2	0	2
Help with events data! I have this code bellow and i want to just keep with lines of when my Virtual Machine changed Cluster ou VMhost. Obs... by ppatrikfr Path Finder in Splunk Search 04-27-2018 0 3	0	3
Conceptual sourcetype renaming Hi Experts, I am looking for best practices on how to conceptually, systematically and with minimum efforts and rew... by tomasmoser Contributor in Splunk Search 04-27-2018 0 1	0	1
Transpose and Timechart Hi, I wonder whether someone may be able to help me please. I've put together the following query which works but I'... by IRHM73 Motivator in Splunk Search 04-26-2018 0 6	0	6